College Board Antitrust Settlement Warning To Other Associations About Anti-Competitive Policies & Practices


The National Association for College Admission Counseling and its member organizations (“NACAC”) will eliminate and no longer enforce a series of requirements historically limiting the ability of colleges and universities (“colleges”) to compete for the recruitment of first-year and transfer students long included in the NACAC’s Code of Ethics and Professional Practices ( “Ethics Rules”) under a proposed agreement reached with the Justice Department to settle a civil antitrust lawsuit that charged the NACAC and its members with violating the antitrust rules.  Along with eliminating barriers that previously limited competition among colleges for new and transfer students, the lawsuit and its settlement provide an important reminder to other associations and their members about the need to ensure contracts, codes of conduct or other policies or practices don’t improperly fix prices or bids, allocate market share or otherwise restrict or prohibit competition among competitors.

The proposed settlement agreement, which will require federal court approval, seeks to resolve a federal civil antitrust lawsuit the Justice Department filed on November 16, 2019, which charged the NACAC and its member organizations with violating Title I of the Sherman Act by illegally conspiring to restrain and restraining competition for the recruitment and retention of college students among its members.  The leading trade association for college admissions, the NACAC generally includes two types of members:  (1) non-profit colleges and their admissions personnel and (2) high schools and their guidance counselors.

According to the civil antitrust complaint,  the Justice Department filed on November 16, 2019, NACAC’s college members compete vigorously for both incoming college students and transfer students in college tuition cost, majors offered, ease and cost of applications, campus amenities, educational quality, institutional reputation, employment prospects post-graduation and other college students.  While acknowledging this competition among the academic institutions, the Justice Department charged that mandatory rules included in the NACAC’s Ethics Code illegally prevented or severely limited competition among member colleges by restricting the colleges from (1) directly recruiting transfer students from another college, (2) offering incentives of any kind to college applicants who applied via a process known as Early Decision, and (3) recruiting incoming college freshmen after May 1 (together, “Recruiting Rules”).  The complaint charged these Recruiting Rules were horizontal agreements to restrict competition among the schools participating in NACAC that improperly denied American college applicants and potential transfer students access to competitive financial aid packages and benefits and restricted their opportunities to move between colleges. Even though the NCACA members voted to remove the challenged rules from the Ethics Rules in September, 2019, the Justice Department charged the NACAC and its members with illegal restraint of trade in violation of Section 1 of the Sherman Act and asked the court to restrain the NACAC and its members

Under the proposed settlement agreement which will require the approval of the District of Colombia, the NACAC does not admit liability but agrees among other things:

  • To abolish, and not to attempt to establish, maintain, or enforce any Early Decision Incentives Rule, Transfer Student Recruiting Rule, or First-Year Undergraduate Recruiting Rule
  • Appoint an Antitrust Compliance Officer to oversee and report on compliance to the Justice Department;
  • Communicate the rule changes to members and students;
  • Maintain compliance with the settlement agreement requirements; and
  • Submit to continuing inspection and oversight for compliance.

In addition to the expected benefits that the Justice Department expects college students to realize from the rule change accomplished from the litigation and settlement, the litigation and settlement also provides another reminder to associations and other organizations about the potential perils of seeking to establish, implement or enforce rules or other anticompetitive arrangements among competitors.  Trade and other associations and their members, as well as other businesses should take appropriate steps to assess their existing contractual, ethical and other arrangements and agreements to ensure they avoid engaging in similarly risky practices.

For More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations GroupHR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications focusing on internal controls and other performance. risk and compliance and operations management.

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care, employee benefit, insurance and financial services, professional and trade associations and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.

Author of leading works corporate compliance, governance, internal controls and other concerns, her work includes risk management and compliance counseling and audits, event investigation and redress, representation before regulatory and other bodies; statutory, regulatory and policy advocacy and other assistance to business and government clients. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

 

 

Posted in antitrust, Compliance, Internal Controls, Uncategorized | Leave a comment

Live Nation & Radio Music License Committee Targeted In Justice Department Antitrust Activity


The Department of Justice’s Antitrust Division is asking a Federal Court to modify a previous 2019 antitrust judgement in United States v. Ticketmaster Entertainment, Inc., et al., Case No. 1:10-cv-00139-RMC (July 30, 2010)(the “2010 Final Judgement”) to modify and clarify the order to end what the Justice Department charges are recurrent and continuing violations of the 2010 Final Judgment by Live Nation. One of two high profile antitrust enforcement actions impacting the music industry taken by the Justice Department in the same month, the action against Ticketmaster is characterized by the Justice Department as “the most significant enforcement action of an existing antitrust decree by the Department in 20 years” seeks to modify the 2010 Final Judgement so ticket holders and others will get the full benefit of the 2010 Final Judgement.

The 2010 Final Judgment resulted from antitrust litigation over the then proposed merger between Live Nation and Ticketmaster. Headquartered in Beverly Hills, California, Live Nation claims to be the largest live entertainment company in the world, active in three principal segments: concert promotion, ticketing services, and sponsorship & advertising. In 2018, Live Nation’s revenues were approximately $10.8 billion. Ticketmaster is a wholly-owned subsidiary of Live Nation following their merger in 2010. It claims to be the world’s leading live entertainment ticketing sales and entertainment company. In 2018, Ticketmaster’s revenues were approximately $1.5 billion.

The 2010 Final Judgement allowed Live Nation to merge with Ticketmaster subject to its compliance with certain conditions intended to prevent the merged operations from using their market power to control the concert and ticket marketplace such as prohibiting the merged company from retaliating against concert venues for using another ticketing company, threatening concert venues, or undertaking other specified actions against concert venues for ten years. While these and other conditions in the 2010 Final Judgement were supposed to prevent Live Nation from using its market dominance to unfairly control the market for tickets and ticket sales to the detriment of ticket purchasers, venues, artists and others, the Justice Department now charges Live Nation with recurrently repeatedly and over the course of several years violating the 2010 Final Judgement by retaliating against venues for using other ticketing agencies and other improper conduct in violation of the 2010 Final Judgment.

As part of a pre-agreed arrangement with Live Nation to resolve the compliance issues, the Justice Department on December 19 filed a motion in the U.S. District Court for the District of Columbia to reopen the docket in the underlying action, a necessary step towards filing the petition to clarify and extend the 2010 Final Judgment for an additional five and a half years beyond its scheduled expiration date.  According to the Justice Department, once the court approves the petition for leave to amend the 2010 Final Judgement, the Justice Department intends to file a petition asking the Court to modify the 2010 Final Judgment to order Live Nation to stop violating the 2010 Final Order and clarify its responsibilities going forward by among other things, extending the term of the Final Judgment by five and a half years, to allow concert venues and American consumers to get the benefit of the relief the Department bargained for in the original settlement and impose other conditions to help deter additional violations and allow for easier detection and enforcement if future violations occur. The proposed additions will include providing:

  • Live Nation may not threaten to withhold concerts from a venue if the venue chooses a ticketer other than Ticketmaster;
  • A threat by Live Nation to withhold any concerts because a venue chooses another ticketer is a violation of the Final Judgment;
  • Withholding any concerts in response to a venue choosing a ticketer other than Ticketmaster is a violation by Live Nation of the Final Judgment;
  • The Antitrust Division will appoint an independent monitor to investigate and report on Live Nation’s compliance with the Final Judgment;
  • Live Nation will appoint an internal antitrust compliance officer and conduct regular internal training to ensure its employees fully comply with the Final Judgment;
  • Live Nation will provide notice to current or potential venue customers of its ticketing services of the clarified and extended Final Judgment; and
  • Live Nation is subject to an automatic penalty of $1,000,000 for each violation of the Final Judgment.
  • Live Nation will pay costs and fees for the Department’s investigation and enforcement.

The Justice Department’s action against Ticketmaster follows its intervention earlier in December in an antitrust lawsuit in which the mega performer rights organization Global Music Rights, LLC (“GMR”) and Radio Music License Committee, Inc. each accuse each other of operating an illegal cartel in violation of the Sherman Act in their respective actions in negotiating the bundled sale and purchase of licenses to play music over the radio airwaves.

Global Music Rights, LLC (“GMO” is a performing rights organization (“PRO”) that aggregates the performing rights of various songwriters and markets and sells performing rights to their works on a bundled basis to radio stations and others. Meanwhile, Radio Music License Committee, Inc.is an entity that aggregates and negotiates on behalf of radio stations and other license buyers .

On December 5, 2019, the Justice Department intervened in the Global Music Rights, LLC v. Radio Music License Committee, Inc., et al.:litigation by filing a Statement of Interest of the United States (12/05/2019)., where FMR and RML each accuses the other of acting as an illegal cartel and restraining trade in violation of federal antitrust law. Title I of the Sherman Act prohibits restraints and conspiracies to restrain trade or commerce in the United States. In its Statement, the Justice Department sides with FRM in arguing that RML improperly interprets the Sherman Act as only prohibiting sellers, and not buyers, from conspiring or entering into agreements to fix prices or engage in other restraints on trade as well as rejects as incorrect RML’s claim that FMR must prove RML intended to violate the Sherman Act and that the restraint was “unreasonable.” In expressing its opposition to these interpretations by RML, the Justice Department argues in its Statement of Interest that the Sherman Act applies equally to agreements among buyers and agreements among sellers to restrain trade and further, that a plaintiff establishes a prima facia price fixing claim under Title I of the Sherman Act simply by pleading that the defendant was a party to an agreement between two or more competitors to fix prices regardless of the intent of the parties or the unreasonableness of the agreement and its effect on prices or other commerce.

Aside from their implications for music lovers and artists, these two recent antitrust actions reflect the increasing antitrust enforcement emphasis of the Justice Department over the past year and discuss principles and issues relevant to a broad range of industries and circumstances including particularly aggressive enforcement against agreements no to solicit or hire and other market control agreements among competitors . Businesses of all types should take note of these developments and stay tuned for developments that could impact on their industries or practices.

More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations GroupHR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications focusing on internal controls and other performance. risk and compliance and operations management.

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care, employee benefit, insurance and financial services, business, trade and professional associations and groups,  and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.

Author of leading works on a multitude of governance, internal controls, workforce and performance management and a host of other related compliance, risk management and regulatory and governmental enforcement and policy concerns, her work includes risk management and compliance counseling and audits, event investigation and redress, representation before regulatory and other bodies; statutory, regulatory and policy advocacy and other assistance to business and government clients. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

 

Posted in antitrust, Compliance, Cyber, Data Security, Fair Debt Collection Practices Act, Fair Debt Collections Act, Fraud, Internal Controls, marketing, Privacy, Risk Management, Uncategorized | Tagged , , , , , , | Leave a comment

Robocall Law Raises Fines, Tightens Requirements


Robocallers could be fined up to $10,000 and telephone and other voice providers will face more responsibility to identify and stop the burgeoning robocall epidemic under a bill passed by Congress and awaiting President Trump’s signature.  The new rules offer possible relief for millions of Americans besieged by perpetual robocalls, but will mean new responsibilities for voice and text service providers and impact the marketing practices of businesses across the nation that rely upon these calls.

Robocall Epidemic

Despite the tightening of federal robocall prohibitions over the past several years, robocalls have continued to surge. According to statistics from the free robocall blocking app for mobile phones YouMail, Americans received more than 5 billion robocalls so far in, 2019. This means an average 167.3 million robocalls are placed per day or 7.0 million calls per hour or 190,000 per second.

While these robocalls affect all communities, certain regions are more heavily targeted. YouMail reports Atlanta, GA leads communities most targeted with 199,110,700 calls followed by Dallas, TX with 187,406,200; Los Angeles, CA with 154,718,100; Houston, TX with 152,960,400; New York, NY with 151,230,400; Chicago, IL with 140,752,400; Baltimore, MD with 103,392,600; Phoenix, AZ with 103,086,000; Newark, NJ with 97,532,400; and the San Francisco Bay Area, CA with 91,224,800.

New Law To Require Telephone & Voice Providers To Act

The Pallone-Thune TRACED Act (S.151) directs the FCC to adopt rules to help protect a subscriber from receiving unwanted calls or texts from a caller using an unauthenticated number and requiring voice service providers to develop call authentication technologies. These rules would

  • Establish a framework for voice providers to use to identify and block prohibited robovoice calls;
  • Require voice service providers to develop call authentication technologies.
  • Require the FCC to initiate a proceeding to determine whether its policies regarding access to number resources could be modified to help reduce access to numbers by potential robocall violators that would: define when a provider may block a voice call based on information provided by the call authentication framework and processes to permit a calling party adversely affected by the framework to verify the authenticity of their calls.

The bill also:

  • Requires the Department of Justice and the FCC to assemble an interagency working group to study and report to Congress on the enforcement of the prohibition of certain robocalls. Specifically, the working group will look into how to better enforce against robocalls by examining issues like the types of laws, policies, or constraints that could be inhibiting enforcement;
  • Implements a forfeiture penalty for violations (with or without intent) of the prohibition on certain robocalls. The bill also removes an annual reporting requirement for enforcement relating to unsolicited facsimile advertisements.

The statutory changes follow up on a FCC rule change last June that gave voice providers authority to voluntarily identify and block the calls. Despite that additional regulatory permission, the robocalls and texts have continued to surge.

Robocalls are placed by a number or different parties for a variety of reasons, the vast majority are placed by legitimate businesses for reminder, marketing, collections or other business purposes. While not insignificant in number and a substantial fraud and law enforcement challenge, fewer than 30 percent of the reported robocalls are identified as associated with scam marketing. Whether from legitimate or illegitimate, the deluge of robocalls have become increasingly concerning to the American public and law enforcement. Businesses and voice providers reevaluate their plans to rely upon voice communication marketing covered by the bill in anticipation that the new rules will affect their marketing with mass voice or e-mail as individuals and businesses plagued by these calls and texts await relief.

More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations GroupHR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications focusing on internal controls and other performance. risk and compliance and operations management.

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care, employee benefit, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.

Author of leading works on pay for click and other online, voice and text marketing and data, HIPAA, FACTA, and a multitude of other business marketing, data security and related concerns. Her work includes risk management and compliance counseling and audits, event investigation and redress, representation before regulatory and other bodies; statutory, regulatory and policy advocacy and other assistance to business and government clients. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Posted in Compliance, Cyber, Data Security, Fair Debt Collection Practices Act, Fair Debt Collections Act, Fraud, Internal Controls, marketing, Privacy, Risk Management, Uncategorized | Tagged , , , , , | Leave a comment

Chrisley, Other Felony Tax Prosecutions Highlight Growing Tax Criminal Prosecution Risks


Businesses, their owners, management and tax adviser and others using or contemplating using aggressive federal income, employment or other tax practices should heed the warning sent by the recent grand jury indictment and continuing Justice Department prosecution of cable reality television show Chrisley Knows Best stars Todd and Julie Chrisley on multiple counts of conspiracy, bank fraud, wire fraud, and tax evasion and companion indictment and prosecution of the Chrisley’s accountant, Peter Tarantino, on tax-related offenses.

On August 13, 2019, the Justice Department announced the grand jury indictment of the Chrisley son charges of cheating taxpayers by actively evading paying federal taxes on the money they earned and defrauding a number of banks by fraudulently obtaining millions of dollars in loans.

While the indictment and prosecution of the high profile Chrisleys has dawn extensive media coverage, the expanding aggressiveness of the Internal Revenue Service and Justice Department to zealously investigate and prosecute individuals and businesses that cheat on their tax obligations and the growing number of individuals ordered imprisonment for their conviction on these charges.  Amid this aggressive enforcement climate, businesses or individual taxpayers, their management, operators, investors and advisors should think twice before using illegal or inappropriately aggressive tax minimization strategies or other practices that could violate federal corporate, income, employment or other tax laws.

Chrisley Charges & Prosecution

Among other things, the grand jury indictment charges the Chrisleys and their accountant, Peter Tarantino, of conspiring to defraud the IRS by failing to timely file income tax returns or pay income taxes for the 2013, 2014, 2015, and 2016 tax years.  Although Todd Chrisley publicly claimed on a 2017 national radio program “obviously the federal government likes my tax returns because I pay 750,000 to 1 million dollars just about every year so the federal government doesn’t have a problem with my taxes,” the Justice Department and IRS allege the Chrisleys did not file or pay tax returns for 2013, 2014, 2015, and 2016 but instead, with the aid of Tarantino, allegedly took steps to obstruct IRS collection efforts including hiding income, lying to third parties about their tax returns, and – in Tarantino’s case – lying to FBI and IRS-CI Special Agents.

In addition to the tax fraud charges, the indictment and related information presented in court by the Justice Department also charge Todd and Julie Chrisley with conspiring to defraud numerous banks by providing the banks with false information such as personal financial statements containing false information, and fabricated bank statements when applying for and receiving millions of dollars in loans from as early as 2007 to 2012..

After fraudulently obtaining these loans, the Justice Department says the Chrisleys allegedly used much of the proceeds for their own personal benefit.  In 2014, two years after the alleged bank fraud scheme ended, the Justice Department claims Todd and Julie Chrisley allegedly used fabricated bank statements and a fabricated credit report that had been physically cut and taped or glued together when applying for and obtaining a lease for a home in California.

Other Convictions & Sentencings Show Criminal Tax Prosecution A Real Risk For Overly Aggressive Taxpayers and Tax Advisors

In weighing their own exposure to federal tax prosecution, individual and business taxpayer, their investors, operators, owners, and tax advisors should resist the urge underappreciate their own risk by attributing the prosecution of the Chrisley’s to their celebrity status.  In fact, in announcing the Chrisley indictments, the Justice Department made a point of emphasizing that the Chrisley prosecution is part of a much larger and coordinated effort by the IRS and Department of Justice to aggressively find and crack down on individuals who try to conspire with others to hide their income and then lie to federal agents when confronted. In this respect, Thomas J. Holloman, III, Special Agent in Charge of the Atlanta Field Office, made a point of denying that the Chrisley prosecution was based upon their celebrity status, but rather raises from the IRS’ policy of “zero tolerance for individuals who attempt to shirk their tax responsibilities.”

An already lengthy and quickly mounting list of federal criminal tax prosecutions and prosecutions and convictions certainly lend credence to Holloman’s claim. See, See, e.g., Detroit Area Businessperson Pleads Guilty to Payroll Tax Crime (August 28, 2019);  Former Operators of Michigan Adult Foster Care Homes Sentenced for Income and Employment Tax Crimes (August 27, 2019);  Alabama Man Sentenced to Prison for Filing a False Tax Return (August 27, 2019);  North Carolina Office Manager Sentenced to Prison for Employment Tax Fraud (August 27, 2019); Former CPA Indicted for Failing to Report Foreign Bank Accounts and Filing False Documents with the IRS (August 27, 2019); Former CPA Indicted for Failing to Report Foreign Bank Accounts and Filing False Documents with the IRS (August 14, 2019;  Portland, Maine Tax Return Preparer Pleads Guilty to Preparing False Tax Return (August 13, 2019); Federal Court Shuts Down Palm Beach County, Florida Tax Return Preparers  (August 8, 2019);  Waco Tax Return Preparer Pleads Guilty to Conspiring to Defraud the United States  (August 5, 2019);  Justice Department Announces Resolution with LLB Verwaltung (Switzerland) AG  (August 2, 2019);  Michigan Woman Convicted of Obstructing The IRS  (July 26, 2019);  Brooklyn Business Owner Pleads Guilty in Employment Tax Scheme  (July 26, 2019);  Colorado Tax Defier Convicted Of Tax Evasion  (July 22, 2019);  Michigan Defendant Pleads Guilty to Conspiracy to Steal From an Organization Receiving Federal Funds  (July 22, 2019);  North Carolina Tax Return Preparer Pleads Guilty to Conspiracy to Defraud the IRS  (July 19, 2019);  Virginia Businessman Pleads Guilty to $5 Million Employment Tax Fraud and Illegal Firearm Possession  (July 19, 2019);  Justice Department Announces Addendum to Swiss Bank Program Category 2 Non-Prosecution Agreement with Banque Bonhôte & Cie SA  (July 19, 2019);  Texas Tax Return Preparer Sentenced to Prison in False Tax Return Scheme  (July 16, 2019);  Kansas City, Missouri, Woman Sentenced to Prison for Wire Fraud and Using Stolen Identities to File False Tax Returns  (July 16, 2019);  Federal Court Bars Florida Tax Return Preparer and Her Businesses From Preparing Tax Returns  (July 15, 2019);  Michigan Defendant Pleads Guilty to Conspiracy to Defraud the IRS and Steal From an Organization Receiving Federal Funds  (July 12, 2019);  Property Preservationist Pleads Guilty in $10 Million Dollar Fraud Scheme  (July 8, 2019);  Tulsa Man Pleads Guilty to Payroll Tax Fraud  (July 3, 2019);  Maryland Woman Pleads Guilty to Theft of Government Money and Aggravated Identity Theft  (July 2, 2019);  Engineering Firms’ CPA Sentenced to Prison for Role in Tax Scheme  (July 1, 2019);  North Carolina Tax Return Preparer Sentenced to Prison for Conspiring to File False Tax Returns

Take, for instance, the criminal employment tax fraud prosecution that lead a federal court on August 28, 2019 to sentence adult foster home owner/operator Jeremiah Cheff to 27 month in prison  and his wife Nicolette to two years’ probation.

On August 28, 2019, a federal judge sentenced adult foster home owner and operator Jeremiah Cheff to 27 months in prison, and Nicolette Cheff to two years of probation as punishment for employment tax fraud.  According to court documents and the evidence presented at trial, the Cheffs owned and controlled the financial and business operations of 16 foster care homes that cared for adults with mental illnesses and developmental and physical disabilities.  From September 2010 through September 2014, prosecutors charged the Cheffs withheld payroll taxes from employees’ paychecks, but failed to timely file payroll tax returns and pay over the withheld funds to the Internal Revenue Service (IRS).  Jeremiah Cheff also failed to file several individual income tax returns and, when the IRS attempted to collect unpaid payroll taxes, he sent the IRS a false financial instrument claiming to be worth $80,000 and falsely claimed to a revenue officer that he had paid the taxes due.

On April 11, 2017, Nicolette Cheff pleaded guilty to failing to file an Employer’s Quarterly Federal Tax Return and failing to file an Individual Income Tax Return.  On May 20, 2019, a jury found Jeremiah Cheff guilty of 60 counts of willfully failing to account for and pay over payroll taxes. He was also convicted of corruptly endeavoring to obstruct the IRS, and failing to timely file his 2013 through 2015 individual income tax returns. In addition to the term of imprisonment imposed, United States District Judge Linda V. Parker ordered Jeremiah Cheff to serve two years of probation and ordered both Cheffs to pay restitution in the amount of $199,647 to the IRS.

The Cheffs’ conviction and sentencing resulted from the aggressive investigations and prosecution of businesses and individuals illegally skirting tax liability for tax fraud and related crimes that the IRS and Justice Department that are resulting in an already lengthy and ever-growing list of tax fraud prosecutions and convictions.

Beyond their actual criminal sentencing and payment of restitution, the Cheffs and other business operators with criminal tax convictions or owned or employing others with those convictions can suffer disqualification or restriction of eligibility to serve as providers or contractors to federal and/or state programs and other business opportunities, employee and investor lawsuits, shame and other consequences..

In light of these and other prosecutions and convictions, individuals and businesses that have, are or are considering using, promoting, assisting or advising others, or doing business with others engaged in prohibited or aggressive employment, income or other tax practices, making false or misleading representations to avoid taxes or tax prosecution or engaging in other conduct prohibited by federal tax laws should think twice.  Beyond the potentially painful civil penalties and interests that generally arise from many tax law violations, such actions increasingly could result in criminal prosecution and conviction under the current IRS and Justice Department “zero tolerance” policy.  Tax advisors and preparers also are reminded of their own special heightened tax preparer liability exposure from advising or representing individuals or businesses involved in such actions. Parties who suspect they or someone they do business in has engaged in such practices should contact a qualified attorney admitted to and with extensive experience representing and defending clients in tax fraud and other tax violations before the IRS and Justice Department.  While the investigation and resolution of such concerns likely may require the use of accountants or other consultants, taxpayers and advisors are cautioned the highly sensitive legal nature of the investigations and discussions required to examine and address these issues make it highly advisable for all parties to ensure all communications and dealings are conducted to the extent possible pursuant to and in furtherance of an established legal representation by legal counsel experienced in the tax and other laws involved and within the scope of attorney client privilege.

About The Author

Cynthia Marcotte Stamer is a Martindale-Hubble “AV-Preeminent (Top 1%) rated practicing attorney and management consultant, health industry public policy advocate, widely published author and lecturer, recognized for her nearly 30 years’ of work with business and government clients and their leaders as a LexisNexis® Martindale-Hubbell® “LEGAL LEADER™ and “Top Rated Lawyer,” in Health Care Law and Labor and Employment Law; a D Magazine “Best Lawyers In Dallas” in the fields of “Health Care,” “Labor & Employment,” “Tax: Erisa & Employee Benefits” and “Business and Commercial Law,” a Fellow in the American Bar Foundation, the Texas Bar Foundation and the American College of Employee Benefit Counsel.

Board Certified in Labor and Employment Law by the Texas Board of Legal Specialization, Ms. Stamer serves as outside general counsel and special counsel advice, representation and other legal and operations services on a real-time “on demand,” special project and ongoing basis tailored to the needs of the domestic and multinational insurance, healthcare, energy, consulting, manufacturing and other clients on compliance, risk management and other performance and controls matters.

Best  recognized for her work on labor and employment, employee benefits and compensation, healthcare, insurance and risk management, technology and privacy and data security concerns, her experience encompasses work with management of a diverse array of clients and matters including domestic and multinational employers across many industries, health and other employee benefit plans, payroll, staffing, recruitment, technology, audit, training and coaching, consultin, and other outsourcing service providers, public and private health care providers, health and other insurers, banking and financial services, manufacturing, retail and other sales, hospitality, manufacturing, consulting, engineering bankruptcy, turnaround management restructuring and reengineering,  and other change management, technology and other vendors, nonprofit, government and others domestically and internationally.

Author of a multitude of highly-regarded works and training programs on published by BNA, the ABA and other premier legal and other industry publishers,  she also consults to and trains business and government and their leaders and speaks extensively about a wide range of general and special legal, business process and operations a and other concerns.

Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other professional, charitable and civic organizations. Through these and other involvements, she provides hands on leadership, consulting and other support to develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other operations and policies.

For additional information about Ms. Stamer, see here or contact Ms. Stamer directly by e-mail here or by telephone at (469) 767-8872.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.

©2019.  Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Posted in bank secrecy act, Board of Directors, CEO, CFO, Compliance, D&O, Director Liability, Employee Benefits, FinCEN, management, Officers, Officers Liability, patriot act, Performance Management, Risk Management, Uncategorized, Workforce | Leave a comment

Rene Augustine Named DOJ Antitrust Division Acting Deputy Assistant Attorney General Responsible for International and Policy


Current Senior Counsel Rene Augustine will serve as Acting Deputy Assistant Attorney General responsible for the Department of Justice Antitrust Division’s international and policy matters. Makan Delrahim, Assistant Attorney General in charge of the Department’s Antitrust Division, announced today that Augustine will replace outgoing Deputy Assistant Attorney General Roger Alford, who will return to Notre Dame Law School as a tenured professor of law.

Augustine previously has served as Senior Counsel in the Antitrust Division’s Front Office, overseeing both the Competition Policy and Advocacy section, and the Media, Entertainment and Professional Services section.  She recently represented the Antitrust Division in Seoul, South Korea, alongside the Office of the U.S. Trade Representative (USTR) in the first-ever consultations on competition-related matters pursuant to the U.S. – Korea Free Trade Agreement. Augustine has served in all three branches of government and in the private sector. 

Before coming to the Antitrust Division at the Department of Justice, she was Special Assistant to the President and Senior Associate Counsel to the President.  She also served as Associate Counsel to the President in the George W. Bush Administration.  Previously, Augustine was Senior Counsel to the U.S. Senate Committee on the Judiciary, where she was responsible for Antitrust, Business Rights and Competition issues, and was a lead counsel to the Chairman on passage of legislation increasing the Hart-Scott-Rodino filing threshold and improving the second request process.  Augustine clerked for Judge John Hargrove of the U.S. District Court for the District of Maryland.  In the private sector, Augustine was an attorney at a national law firm, worked at the Neighborhood Legal Services Program, and was an adjunct faculty member at George Mason University Law School.Augustine earned her bachelor’s degree from Duke University and her J.D. from Vanderbilt University Law School, where she was an editor of the Vanderbilt Law Review, served on the Vanderbilt Moot Court Board, and graduated Order of the Coif.

About The Author

Cynthia Marcotte Stamer is a Martindale-Hubble “AV-Preeminent (Top 1%) rated practicing attorney and management consultant, health industry public policy advocate, widely published author and lecturer, recognized for her nearly 30 years’ of work with business and government clients and their leaders as a LexisNexis® Martindale-Hubbell® “LEGAL LEADER™ and “Top Rated Lawyer,” in Health Care Law and Labor and Employment Law; a D Magazine “Best Lawyers In Dallas” in the fields of “Health Care,” “Labor & Employment,” “Tax: Erisa & Employee Benefits” and “Business and Commercial Law,” a Fellow in the American Bar Foundation, the Texas Bar Foundation and the American College of Employee Benefit Counsel.Board Certified in Labor and Employment Law by the Texas Board of Legal Specialization, Ms. Stamer serves as outside general counsel and special counsel advice, representation and other legal and operations services on a real-time “on demand,” special project and ongoing basis tailored to the needs of the domestic and multinational insurance, healthcare, energy, consulting, manufacturing and other clients on compliance, risk management and other performance and controls matters.Best  recognized for her work on labor and employment, employee benefits and compensation, healthcare, insurance and risk management, technology and privacy and data security concerns, her experience encompasses work with management of a diverse array of clients and matters including domestic and multinational employers across many industries, health and other employee benefit plans, payroll, staffing, recruitment, technology, audit, training and coaching, consulting, and other outsourcing service providers, public and private health care providers, health and other insurers, banking and financial services, manufacturing, retail and other sales, hospitality, manufacturing, consulting, engineering bankruptcy, turnaround management restructuring and reengineering,  and other change management, technology and other vendors, nonprofit, government and others domestically and internationally.Author of a multitude of highly-regarded works and training programs on published by BNA, the ABA and other premier legal and other industry publishers,  she also consults to and trains business and government and their leaders and speaks extensively about a wide range of general and special legal, business process and operations a and other concerns.Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other professional, charitable and civic organizations. Through these and other involvements, she provides hands on leadership, consulting and other support to develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other operations and policies.  For additional information about Ms. Stamer, see here or contact Ms. Stamer directly by e-mail here or by telephone at (214) 452-8297.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.  ©2019  Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Posted in bank secrecy act, Board of Directors, CEO, CFO, Compliance, D&O, Director Liability, Employee Benefits, FinCEN, management, Officers, Officers Liability, patriot act, Performance Management, Risk Management, Uncategorized, Workforce

$5.1 Million Zurich Life Tax Settlement Highlights International Reporting Noncompliance Risks


A $5.1 million Zurich Life Group international tax settlement agreement highlights the importance for US businesses involved in international transactions of verifying and maintaining compliance with U.S. transaction reporting and other federal tax, financial and other reporting and disclosure requirements.

Zurich Life Insurance Company Ltd (Zurich Life), headquartered in Zurich, Switzerland, and Zurich International Life Limited (Zurich International Life), headquartered in the Isle of Man (collectively Zurich) will pay a $5,115,000 penalty and implement other new procedures and controls under a tax non-prosecution agreement with the Department of Justice Tax Division.

According to the terms of the non-prosecution agreement, Zurich agrees to cooperate in any related criminal or civil proceedings, to implement controls to stop misconduct involving undeclared U.S. accounts, and to pay a penalty in return for the Department’s agreement not to prosecute the insurance providers for tax-related criminal offenses.

“The Tax Division remains steadfast in its goal of ending the use of offshore banking and insurance products when used to commit tax evasion,” said Principal Deputy Assistant Attorney General Zuckerman. “This resolution with Zurich should serve as a strong message to those who use offshore bank accounts and insurance products to evade taxation that the Department of Justice is committed to stopping such fraud.”

Zurich Life was founded in 1922 and operates in Switzerland as an insurance carrier offering life insurance and investment products. As of 2016, Zurich Life had approximately $21.3 billion in assets under management and over 300,000 policies in force. Zurich International Life is based in the Isle of Man and operates as an insurance carrier offering life insurance and investment products. Zurich International Life focuses its business on the international expatriate market. As of 2016, Zurich International Life had approximately $10.6 billion in assets under management and approximately 300,000 policies in force. Zurich Life and Zurich International Life are indirectly owned subsidiaries of Zurich Insurance Group Ltd, a Swiss holding company headquartered in Zurich, Switzerland.

From Jan. 1, 2008, through June 30, 2014, Zurich issued or had certain insurance policies and accounts of U.S. taxpayer customers, who used their policies to evade U.S. taxes and reporting requirements. In particular, Zurich had approximately 420 U.S. related policies, 127 with Zurich Life and 293 with Zurich International Life, with an aggregate maximum value of approximately $102 million, for which the U.S. taxpayer customers did not provide evidence that they had declared their policies to U.S. tax authorities.

To qualify for favorable tax treatment under the U.S. tax code, insurance must meet certain minimal requirements. The policies offered by Zurich Life and Zurich International Life did not meet these requirements. The increase of the principal in these policies was therefore subject to taxation, and the policies were required to be disclosed to the Internal Revenue Service (IRS) on FinCEN Form 114 Foreign Bank Account Report, commonly referred to as an FBAR. In issuing or having undeclared U.S. related policies, Zurich knew or should have known that they were helping U.S. taxpayers conceal from the IRS ownership of undeclared assets, maintained as insurance policies or accounts.

Zurich International Life, in particular, sold insurance products to U.S. taxpayers that were “unit linked,” meaning the cash surrender value and death benefit amount were linked to the value of specified investments. With such policies, the U.S. taxpayer had a suite of specialized investment options, allowing them to access potentially higher returns by taking on the market risk associated with the policies. Some of these unit-linked policies offered a base death benefit that was nearly equivalent to the cost of the policy itself, and in some instances was fully funded by transfers from offshore bank accounts. Upon redemption, the U.S. taxpayer would receive the premium amount plus any investment earnings on the policy less a very small percentage for putative risk and fees.

Despite knowing that some of these policies, which had minimal-to-no risk mitigation function and specialized investment options, were held by U.S. taxpayers, Zurich International Life failed to act appropriately to ensure timely compliance by the policyholders with U.S. tax laws. In at least one instance, uncovered during the course of Zurich Life’s internal review, a former U.S. citizen, who pled guilty to a federal fraud offense after purchasing a Zurich International Life policy, used that insurance policy to hide substantial assets, despite owing approximately $900,000 in restitution to his victims.

Following the commencement of the Department’s Swiss Bank Program, the Zurich Group initiated a global review of the life insurance, savings and pension business sold by all of its non-U.S. operating companies to identify policies or accounts with U.S. indicia. This review prompted an extensive customer outreach to current and former customers with a possible nexus to the United States to confirm the customers’ status as U.S. taxpayers, assess their compliance with applicable U.S. tax and reporting rules, and encourage participation in an IRS voluntary disclosure program.

In July 2015, Zurich contacted the Department to inform it of the initial findings of the self-review. Prior to the self-reporting, Zurich was neither a subject nor a target of any investigation being conducted by the Tax Division. Since this self-disclosure, Zurich has conducted a thorough investigation and reported substantial findings to the Tax Division, including dozens of detailed summaries of account information and comprehensive reports for the U.S. related policies.

In addition to these efforts, the Companies have worked closely with non-U.S. regulators to ensure full disclosure to the Department. For instance, in 2016, Zurich Life applied to the Swiss Federal Department of Finance and received approval to waive Article 271 of the Swiss Criminal Code, which restricted the disclosures that Zurich Life could make to the Department, thereby facilitating Zurich Life’s production of certain information that would have otherwise been prohibited.

Part of a wave of tax prosecutions undertaken by the Trump Administration’s Justice Department, the prosecution and settlement signals the need for insurers, financial and other businesses participating international transactions to verify and maintain compliance with financial reporting and other tax, financial and other reporting, disclosure and other requirements.

About The Author

Cynthia Marcotte Stamer is a Martindale-Hubble “AV-Preeminent (Top 1%) rated practicing attorney and management consultant, health industry public policy advocate, widely published author and lecturer, recognized for her nearly 30 years’ of work with business and government clients and their leaders as a LexisNexis® Martindale-Hubbell® “LEGAL LEADER™ and “Top Rated Lawyer,” in Health Care Law and Labor and Employment Law; a D Magazine “Best Lawyers In Dallas” in the fields of “Health Care,” “Labor & Employment,” “Tax: Erisa & Employee Benefits” and “Business and Commercial Law,” a Fellow in the American Bar Foundation, the Texas Bar Foundation and the American College of Employee Benefit Counsel.

Board Certified in Labor and Employment Law by the Texas Board of Legal Specialization, Ms. Stamer serves as outside general counsel and special counsel advice, representation and other legal and operations services on a real-time “on demand,” special project and ongoing basis tailored to the needs of the domestic and multinational insurance, healthcare, energy, consulting, manufacturing and other clients on compliance, risk management and other performance and controls matters.

Best  recognized for her work on labor and employment, employee benefits and compensation, healthcare, insurance and risk management, technology and privacy and data security concerns, her experience encompasses work with management of a diverse array of clients and matters including domestic and multinational employers across many industries, health and other employee benefit plans, payroll, staffing, recruitment, technology, audit, training and coaching, consultin, and other outsourcing service providers, public and private health care providers, health and other insurers, banking and financial services, manufacturing, retail and other sales, hospitality, manufacturing, consulting, engineering bankruptcy, turnaround management restructuring and reengineering,  and other change management, technology and other vendors, nonprofit, government and others domestically and internationally.

Author of a multitude of highly-regarded works and training programs on published by BNA, the ABA and other premier legal and other industry publishers,  she also consults to and trains business and government and their leaders and speaks extensively about a wide range of general and special legal, business process and operations a and other concerns.

Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other professional, charitable and civic organizations. Through these and other involvements, she provides hands on leadership, consulting and other support to develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other operations and policies.

For additional information about Ms. Stamer, see here or contact Ms. Stamer directly by e-mail here or by telephone at (469) 767-8872.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.
©2018.  Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

ation, audit and enforcement of policies, procedures, systems and safeguards, drafting and negotiation of business associate, chain of custody, confidentiality, and other contracting; risk assessments, audits and other risk prevention and mitigation; investigation, reporting, mitigation and resolution of known or suspected breaches, violations or other incidents; and defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others; reporting known or suspected violations; commenting or obtaining other clarification of guidance and other regulatory affairs, training and enforcement, and a host of other related concerns.

Best  recognized for her work on labor and employment, employee benefits and compensation, healthcare, insurance and risk management, technology and privacy and data security concerns, her experience encompasses work with management of a diverse array of clients and matters including domestic and multinational employers across many industries, health and other employee benefit plans, payroll, staffing, recruitment, technology, audit, training and coaching, consultin, and other outsourcing service providers, public and private health care providers, health and other insurers, banking and financial services, manufacturing, retail and other sales, hospitality, manufacturing, consulting, engineering bankruptcy, turnaround management restructuring and reengineering,  and other change management, technology and other vendors, nonprofit, government and others domestically and internationally.

Author of a multitude of highly-regarded works and training programs on published by BNA, the ABA and other premier legal and other industry publishers,  she also consults to and trains business and government and their leaders and speaks extensively about a wide range of general and special legal, business process and operations a and other concerns.

Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other professional, charitable and civic organizations. Through these and other involvements, she provides hands on leadership, consulting and other support to develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other operations and policies.

For additional information about Ms. Stamer, see here or contact Ms. Stamer directly by e-mail here or by telephone at (469) 767-8872.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.
©2019.  Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Posted in bank secrecy act, Board of Directors, CEO, CFO, Compliance, D&O, Director Liability, Employee Benefits, FinCEN, management, Officers, Officers Liability, patriot act, Performance Management, Risk Management, Uncategorized, Workforce | Leave a comment

SBA Urges FMCSA To Exempt Livestock Drivers From Hours Of Service Limits


Livestock haulers troubled by the effects of Federal Motor Carrier Safety Administration (FMCSA) rules limiting driver hours on livestock are getting support for relief from the U.S. Small Business Administration’s (SBA) Office of Advocacy.

Livestock haulers have expressed concern that the FMCSA’s application of the requirements to livestock drivers is harmful and cruel to the livestock by forcing drivers to extend the livestocks’ confinement in trailers to take mandated rest periods.

The SBS has expressed support for an application to exempt livestock drivers from the FMCSA hour restrictions.

The support was expressed in comments submitted in response to the FMCSA’s Request for Comments on Notice of Application for Exemption from Certain Provisions of Hours of Service of Drivers Rule by Livestock and Related Drivers published in the Federal Register on February 6, 2019.

The exemption application was made on behalf of drivers who transport livestock, insects, and aquatic animals with special transportation needs, and was filed by the National Cattlemen’s Beef Association, Livestock Marketing Association, American Farm Bureau Federation, American Beekeeping Federation, American Honey Producers Association and the National Aquaculture Association. The applicants request approval of a sixteen-hour on-duty period during which these drivers would be permitted to drive up to fifteen hours and would only commence after ten consecutive hours off duty. All other aspects of the current Hours of Service of Drivers rules for these drivers would remain unchanged.

Read the SBA’s Comment Letter and Fact Sheet.

About The Author

The author of this update, Cynthia Marcotte Stamer is widely recognized for her nearly 30 years’ work with health care, insurance and financial services and other public and private organizations, publications, presentations, advocacy and other work on cybersecurity and other data and privacy protection and compliance,  risk management and investigation and mitigation.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Former Chair of the RPTE Employee Benefits and Compensation Committee, a current Co-Chair of the Committee, and the former Chair of its Welfare Benefit and its Defined Compensation Plan Committees and former RPTE Joint Committee on Employee Benefits Council (JCEB) Representative, Ms. Stamer is a Martindale-Hubble “AV-Preeminent” practicing attorney and management consultant, author, public policy advocate, author and lecturer repeatedly recognized for her 30 plus years’ of work and pragmatic thought leadership, publications and training on leadership and management, and compliance concerns as among the “Top Rated Labor & Employment Lawyers in Texas,” a “Legal Leader,” a “Top Woman Lawyer” and with other awards by LexisNexis® Martindale-Hubbell®; as among the “Best Lawyers In Dallas” for her work in the field of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, in International Who’s Who of Professionals and with numerous other awards and distinctions.

Highly valued for her ability to meld her extensive legal and industry knowledge and experience with her talents as an insightful innovator and pragmatic problem solver, Ms. Stamer provides legal, operational and strategic advice, representational and coaching to organizations and their management.

Ms. Stamer also is active in the leadership of a broad range of other public policy advocacy and other professional and civic organizations and involvements. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

Before founding her current law firm, Cynthia Marcotte Stamer, P.C., Ms. Stamer practiced law as a partner with several prominent national and international law firms for more than 10 years before founding Cynthia Marcotte Stamer, P.C. to practice her unique brand of “Solutions law™” and to devote more time to the pragmatic policy and system reform, community education and innovation, and other health system improvement efforts of her PROJECT COPE: the Coalition on Patient Empowerment initiative.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions  Law Press, Inc.™. For information about republication, please contact the author directly. All other rights reserved.

Posted in agriculture, trucking, Uncategorized | Leave a comment

Harris County Disability Settlement Reminder To Properly Accommodate Customer Disabilies


Businesses and government agencies should heed the reminder of the importance of providing proper accommodation from a new Justice Department settlement with Harris County, Texas announced today.

Another in a lengthy series of disability accommodation enforcement settlements, the agreement resolves a Justice Department lawsuit alleging that Harris County violated Title II of the Americans with Disabilities Act (ADA) by failing to provide an accessible voting program to voters with disabilities, including accessible polling places.

Harris County’s voting program—the third largest in the country—includes over 750 polling places. The Justice Department’s complaint alleges that many polling places in Harris County have architectural barriers—such as steep ramps, gaps in sidewalks and walkways, and locked gates along the route barring pedestrian access—that make them inaccessible to voters with mobility impairments or voters who are blind or visually impaired.

Under the agreement, Harris County will create and implement policies, practices, and procedures to bring its voting program into compliance with the ADA, including creating an effective system for selecting accessible facilities for polling places, surveying polling place facilities for accessibility barriers, procuring and implementing temporary accessibility remedies during elections, providing effective curbside voting, and hiring Subject Matter Experts to provide technical assistance and training to the County as well as provide reports to the parties on the County’s compliance with the agreement.

The Harris County settlement is the latest of many enforcement actions including many with substantial recoveries of damages and/or penalties.

About The Author

The author of this update, Cynthia Marcotte Stamer is widely recognized for her nearly 30 years’ work with health care, insurance and financial services and other public and private organizations, publications, presentations, advocacy and other work on cybersecurity and other data and privacy protection and compliance,  risk management and investigation and mitigation.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Former Chair of the RPTE Employee Benefits and Compensation Committee, a current Co-Chair of the Committee, and the former Chair of its Welfare Benefit and its Defined Compensation Plan Committees and former RPTE Joint Committee on Employee Benefits Council (JCEB) Representative, Ms. Stamer is a Martindale-Hubble “AV-Preeminent” practicing attorney and management consultant, author, public policy advocate, author and lecturer repeatedly recognized for her 30 plus years’ of work and pragmatic thought leadership, publications and training on leadership and management, and compliance concerns as among the “Top Rated Labor & Employment Lawyers in Texas,” a “Legal Leader,” a “Top Woman Lawyer” and with other awards by LexisNexis® Martindale-Hubbell®; as among the “Best Lawyers In Dallas” for her work in the field of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, in International Who’s Who of Professionals and with numerous other awards and distinctions.

Highly valued for her ability to meld her extensive legal and industry knowledge and experience with her talents as an insightful innovator and pragmatic problem solver, Ms. Stamer provides legal, operational and strategic advice, representational and coaching to organizations and their management.

Ms. Stamer also is active in the leadership of a broad range of other public policy advocacy and other professional and civic organizations and involvements. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

Before founding her current law firm, Cynthia Marcotte Stamer, P.C., Ms. Stamer practiced law as a partner with several prominent national and international law firms for more than 10 years before founding Cynthia Marcotte Stamer, P.C. to practice her unique brand of “Solutions law™” and to devote more time to the pragmatic policy and system reform, community education and innovation, and other health system improvement efforts of her PROJECT COPE: the Coalition on Patient Empowerment initiative.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions  Law Press, Inc.™. For information about republication, please contact the author directly. All other rights reserved.

Posted in Uncategorized | Leave a comment

Appeals Court Rules Corporation Can’t Deduct Excise Tax Not Paid As Tax Deduction


Federal corporate taxpayers may not deduct as a cost of goods sold expense an excise tax expense that was never actually incurred or paid according the Federal Circuit Court of Appeals just-released ruling in Sunoco, Inc. v. United States, No. 2017-1402 (November 1, 2018).

In Sonoco, Inc.,  the Federal Circuit Court of Appeals considered the approximately $1 billion deduction in alcohol fuel mixture credits claimed by  Sunoco, Inc., a petroleum and petrochemical company, claimed on its federal excise tax returns to reduce its federal fuel excise tax liability by the same amount. By including the $1 billion in excise tax expenses in its cost of goods sold, Sunoco, Inc. sought to reduce its federal corporate income taxes with an excise tax expense that was never paid. The Federal Circuit held that the plain language of the Internal Revenue Code precluded Sunoco, Inc.’s attempt to obtain a $300 million dollar “windfall” reduction in tax. The court also stated, “We have already established that Congress does not generally allow taxpayers to receive a tax benefit twice.”

The Federal Circuit Court of Appeals issued a precedential opinion today affirming the Court of Federal Claims decision that federal corporate taxpayers may not deduct as a cost of goods sold expense an excise tax expense that was never actually incurred or paid,

About The Author

The author of this update, Cynthia Marcotte Stamer is widely recognized for her nearly 30 years’ work with health care, insurance and financial services and other public and private organizations, publications, presentations, advocacy and other work on cybersecurity and other data and privacy protection and compliance,  risk management and investigation and mitigation.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Former Chair of the RPTE Employee Benefits and Compensation Committee, a current Co-Chair of the Committee, and the former Chair of its Welfare Benefit and its Defined Compensation Plan Committees and former RPTE Joint Committee on Employee Benefits Council (JCEB) Representative, Ms. Stamer is a Martindale-Hubble “AV-Preeminent” practicing attorney and management consultant, author, public policy advocate, author and lecturer repeatedly recognized for her 30 plus years’ of work and pragmatic thought leadership, publications and training on leadership and management, and compliance concerns as among the “Top Rated Labor & Employment Lawyers in Texas,” a “Legal Leader,” a “Top Woman Lawyer” and with other awards by LexisNexis® Martindale-Hubbell®; as among the “Best Lawyers In Dallas” for her work in the field of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, in International Who’s Who of Professionals and with numerous other awards and distinctions.

Highly valued for her ability to meld her extensive legal and industry knowledge and experience with her talents as an insightful innovator and pragmatic problem solver, Ms. Stamer provides legal, operational and strategic advice, representational and coaching to organizations and their management.

Ms. Stamer also is active in the leadership of a broad range of other public policy advocacy and other professional and civic organizations and involvements. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

Before founding her current law firm, Cynthia Marcotte Stamer, P.C., Ms. Stamer practiced law as a partner with several prominent national and international law firms for more than 10 years before founding Cynthia Marcotte Stamer, P.C. to practice her unique brand of “Solutions law™” and to devote more time to the pragmatic policy and system reform, community education and innovation, and other health system improvement efforts of her PROJECT COPE: the Coalition on Patient Empowerment initiative.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions  Law Press, Inc.™. For information about republication, please contact the author directly. All other rights reserved.

Posted in Board of Directors, CEO, CFO, Compliance, Cyber, data breach, Fraud, Leadership, Privacy, Tax, Uncategorized | Leave a comment

Protect Your Website & Website Data Against Cybersecurity Threats


The United States Computer Emergency Readiness Team of the Department of Homeland Security (US-CERT) is urging all organizations and individuals operating websites to confirm the adequacy of the website security measures and practices of their organizations’ websites to reduce their organizations to the financial, operational and reputational disruptions and risks created by the increasingly persistent ransomware and other hacking, data breach and cybersecurity threats.

Website security refers to the protection of personal and organizational public-facing websites from cyberattacks.

Cyberattacks against public-facing websites—regardless of size—are common. An attack to your website could

  • Cause defacement,
  • Cause a denial-of-service (DoS) condition,
  • Enable the attacker to obtain sensitive information, or
  • Enable the attacker to take control of the affected website.

Depending on the content and functionality of the particular website, organization and personal websites that fall victim to defacement or DoS may experience financial loss, legal liability, operational disruptions, reputational damage and other material costs and disruptions due to eroded user trust or a decrease in website visitors.

Liability can arise from a host of sources.  For instance, a cyberattack that causes a data breach places your company’s intellectual property and users’ personally identifiable information (PII) at risk of theft.  Businesses whose websites collect or receive credit, credit card, or other personal financial information generally are required to monitor and maintain the security of such information under the federal Fair and Accurate Credit Transactions Act (FACTA) and various other federal and state data security, identity theft and other identity theft, electronic crimes and data security laws.  Meanwhile, the Internal Revenue Code and various other federal or state tax and other laws obligate employers, tax advisors and tax prepares and others collecting or maintaining  tax information to take appropriate steps to safeguard tax information they create or maintain electronically against misuse. Beyond these and other commonly applicable data and cybersecurity requirements, certain industries also often face industry specific mandates concerning the security of websites and other electronic systems containing sensitive information.  For instance, the Privacy, Security and Breach Notification rules of the Health Insurance Portability and Accountability Act (HIPAA)  and most states impose detailed requirements for maintaining the security of websites and other operating systems containing electronic protected health information (ePHI) on health care providers, health plans or health insurers,  health care clearing houses and their business associates including affirmative requirements to monitor data and systems for threats or occurrences of unauthorized access and to take corrective action and provide specific notifications within specific timeframes.  Moreover, virtually all organizations maintaining or using websites also are subject to specific requirements to provide notifications about privacy and data security practices under various laws, as well as various contractual obligations concerning the protection of website data. Beyond the liabilities and sanctions that various applicable laws may impose for violations of their applicable requirements, noncompliance with these and other specific legal website and data security responsibilities, breaches of contractual, statutory or regulatory duties, misrepresentations about the adequacy of safeguards, and common law privacy theories also can create substantial damage exposure.  Even where this is not the case, however, organizations websites or website data are breached typically incur substantial operational expense, disruption, public, investor relations and other reputational harm, and other damages as a result of the security breaches.  Consequently, all organizations should tailor and monitor their website security to ensure these requirements are met as well as following other website security best practices.

  • What security threats are associated with websites?

US-CERT says cyber criminals may attack websites because of financial incentives such as the theft and sale of intellectual property and PII, ransomware payouts, and cryptocurrency mining (see Defending Against Illicit Cryptocurrency Mining Activity). Cyber criminals may also be motivated to attack websites for ideological reasons, e.g., to gain publicity and notoriety for a terrorist organization through defacing a government website.

Possible cyberattacks against your website include those commonly reported in the media, such as website defacement and DoS—which make the information services provided by the website unavailable for users (see Understanding Denial-of-Service Attacks). An even more severe website attack scenario may result in the compromise of customer data (e.g., PII). These threats affect all aspects of security—confidentiality, integrity, and availability—and can gravely damage the reputation of the website and its owner.

A more subtle attack—one that may not be immediately evident to the website’s owner or user—occurs when an attacker pivots from a compromised web server to the website owner’s corporate network, which contains an abundance of sensitive information that may be at risk of exposure, modification, or destruction. Once an attacker uses a compromised website to enter a corporate network, other assets may be available to the attacker, including user credentials, PII, administrative information, and technical vulnerabilities. Additionally, by compromising the website platform, an attacker may be able to repurpose the website infrastructure as a platform from which they can launch attacks against other systems.

  • How to improve cybersecurity protection against website attacks?

Organizations covered by affirmative federal or state mandates such as HIPAA, FACTA, the Internal Revenue Code or other federal or state data security, data breach, identity theft or other requirements should ensure that their website security at all times fulfills all of these applicable requirements and maintain clear documentation of these efforts.  Beyond meeting these specific legal mandates, US-CERT recommends that organizations and individuals act to protect their websites by applying the following the best practices to their web servers:

  • Implement the principle of least privilege. Ensure that all users have the least amount of privilege necessary on the web server (including interactive end users and service accounts).
  • Use multifactor authentication. Implement multifactor authentication for user logins to web applications and the underlying website infrastructure.
  • Change default vendor usernames and passwords. Default vendor credentials are not secure—they are usually readily available on the internet. Changing default usernames and passwords will prevent an attack that leverages default credentials.
  • Disable unnecessary accounts. Disable accounts that are no longer necessary, such as guest accounts or individual user accounts that are no longer in use.
  • Use security checklists. Audit and harden configurations based on security checklists specific to each application (e.g., Apache, MySQL) on the system.
  • Use application whitelisting. Use application whitelisting and disable modules or features that provide capabilities that are not necessary for business needs.
  • Use network segmentation and segregation. Network segmentation and segregation makes it more difficult for attackers to move laterally within connected networks. For example, placing the web server in a properly configured demilitarized zone (DMZ) limits the type of network traffic permitted between systems in the DMZ and systems in the internal corporate network.
  • Know where your assets are. You must know where your assets are in order to protect them. For example, if you have data that does not need to be on the web server, remove it to protect it from public access.
  • Protect the assets on the web server. Protect assets on the web server with multiple layers of defense (e.g., limited user access, encryption at rest).
  • Practice healthy cyber hygiene.
    • Patch systems at all levels—from web applications and backend database applications, to operating systems and hypervisors.
    • Perform routine backups, and test disaster recovery scenarios.
    • Configure extended logging and send the logs to a centralized log server.

Beyond these steps, US-CERT also suggests the following steps:

  • Sanitize all user input. Sanitize user input, such as special characters and null characters, at both the client end and the server end. Sanitizing user input is especially critical when it is incorporated into scripts or structured query language statements.
  • Increase resource availability. Configure your website caching to optimize resource availability. Optimizing your website’s resource availability increases the chance that your website will withstand unexpectedly high amounts of traffic during DoS attacks.
  • Implement cross-site scripting (XSS) and cross-site request forgery (XSRF) protections. Protect your website system, as well as visitors to your website, by implementing XSS and XSRF protections.
  • Implement a Content Security Policy (CSP). Website owners should also consider implementing a CSP. Implementing a CSP lessens the chances of an attacker successfully loading and running malicious JavaScript on the end user machine.
  • Audit third-party code. Audit third-party services (e.g., ads, analytics) to validate that no unexpected code is being delivered to the end user. Website owners should weigh the pros and cons of vetting the third-party code and hosting it on the web server (as opposed to loading the code from the third party).
  • Implement hypertext transfer protocol secure (HTTPS) and HTTP strict transport security (HSTS). Website visitors expect their privacy to be protected. To ensure communications between the website and user are encrypted, always enforce the use of HTTPS, and enforce the use of HSTS where possible. For further information and guidance, see the U.S. Chief Information Officer (CIO) and the Federal CIO Council’s webpage on the HTTPS-Only Standard.
  • Implement additional security measures. Additional measures include
    • Running static and dynamic security scans against the website code and system,
    • Deploying web application firewalls,
    • Leveraging content delivery networks to protect against malicious web traffic, and
    • Providing load balancing and resilience against high amounts of traffic.

For additional guidance, US-CERT recomends visiting  the Open Web Application Security Project Top 10 Cheat Sheet on common critical risks to web applications, the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-44: Guidelines on Securing Public Web Servers, and NIST SP 800-95: Guide to Secure Web Services. Subscribe to NCCIC Current Activities to stay current on the latest website technology vulnerabilities.

About The Author

The author of this update, Cynthia Marcotte Stamer is widely recognized for her nearly 30 years’ work with health care, insurance and financial services and other public and private organizations, publications, presentations, advocacy and other work on cybersecurity and other data and privacy protection and compliance,  risk management and investigation and mitigation.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Former Chair of the RPTE Employee Benefits and Compensation Committee, a current Co-Chair of the Committee, and the former Chair of its Welfare Benefit and its Defined Compensation Plan Committees and former RPTE Joint Committee on Employee Benefits Council (JCEB) Representative, Ms. Stamer is a Martindale-Hubble “AV-Preeminent” practicing attorney and management consultant, author, public policy advocate, author and lecturer repeatedly recognized for her 30 plus years’ of work and pragmatic thought leadership, publications and training on leadership and management, and compliance concerns as among the “Top Rated Labor & Employment Lawyers in Texas,” a “Legal Leader,” a “Top Woman Lawyer” and with other awards by LexisNexis® Martindale-Hubbell®; as among the “Best Lawyers In Dallas” for her work in the field of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, in International Who’s Who of Professionals and with numerous other awards and distinctions.

Highly valued for her ability to meld her extensive legal and industry knowledge and experience with her talents as an insightful innovator and pragmatic problem solver, Ms. Stamer provides legal, operational and strategic advice, representational and coaching to organizations and their management.

Ms. Stamer also is active in the leadership of a broad range of other public policy advocacy and other professional and civic organizations and involvements. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

Before founding her current law firm, Cynthia Marcotte Stamer, P.C., Ms. Stamer practiced law as a partner with several prominent national and international law firms for more than 10 years before founding Cynthia Marcotte Stamer, P.C. to practice her unique brand of “Solutions law™” and to devote more time to the pragmatic policy and system reform, community education and innovation, and other health system improvement efforts of her PROJECT COPE: the Coalition on Patient Empowerment initiative.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions  Law Press, Inc.™. For information about republication, please contact the author directly. All other rights reserved.

Posted in Board of Directors, CEO, CFO, Compliance, Cyber, data breach, Fraud, Leadership, Privacy, Uncategorized | Leave a comment