On April 8, the Department of Justice’s (“DOJ’s”) final rule on Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons (the “Rule”) formally took effect. ...more
4/21/2025
/ Compliance Dates ,
Covered Person ,
Covered Transactions ,
Data Security ,
Department of Justice (DOJ) ,
Effective Date ,
Enforcement Actions ,
Executive Orders ,
Final Rules ,
International Data Transfers ,
National Security ,
Risk Management ,
Sensitive Personal Information
This year’s M&A Report offers a detailed review of the M&A market and outlook, including a breakdown by various geographies and industry sectors. We examine what might be in store with antitrust and CFIUS under the Trump...more
2/13/2025
/ Acquisitions ,
Antitrust Provisions ,
CFIUS ,
Cross-Border Transactions ,
Defense Strategies ,
Financial Services Industry ,
Information Reports ,
Initial Public Offering (IPO) ,
Merger Controls ,
Merger Reviews ,
Mergers ,
Premerger Notifications ,
Private Equity ,
Purchase Price ,
Purchase Price Adjustment ,
Venture Capital
In 2024, the Biden Administration substantially expanded executive branch power to monitor foreign investment into and out of the United States. First, the administration continued efforts to aggressively police compliance...more
2/13/2025
/ Acquisitions ,
Artificial Intelligence ,
CFIUS ,
China ,
Cross-Border Transactions ,
Export Controls ,
Foreign Investment ,
Investment ,
Investment Opportunities ,
Mergers ,
National Security ,
Technology Sector ,
Trump Administration
On January 8, the Department of Justice (DOJ) published its final Rule implementing Executive Order 14117 (EO), “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by...more
On October 28, the Biden Administration released its long-awaited final rule to restrict U.S. investment in China. This outbound investment regime, which is effective January 2, 2025, will impact all U.S. companies and...more
11/5/2024
/ Artificial Intelligence ,
Biden Administration ,
China ,
Compliance ,
Corporate Counsel ,
Final Rules ,
Foreign Investment ,
National Security ,
Outbound Transactions ,
Technology Sector ,
U.S. Treasury
With the publication of a recent Notice of Proposed Rulemaking (NPRM), the Department of Justice National Security Division will soon become an important new regulator of transactions involving the transfer of sensitive U.S....more
10/29/2024
/ Biden Administration ,
China ,
Civil Investigation Demand ,
Comment Period ,
Compliance ,
Covered Person ,
Cross-Border Transactions ,
Data Retention ,
Department of Justice (DOJ) ,
Due Diligence ,
Executive Orders ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
Personal Data ,
Proposed Rules ,
Regulatory Authority ,
Russia ,
Sensitive Personal Information
On October 11, 2024, the U.S. Department of Defense (DoD) at long last published a final rule establishing the Cybersecurity Maturity Model Certification (CMMC) Program (the Final Rule)...more
Venture capital financing activity in 2023 contracted for the second consecutive year in the face of rising interest rates, concerns regarding the trajectory of the economy and continued geopolitical tension.
VC-backed...more
On March 6, 2024, the U.S. Departments of the Treasury, Commerce, and Justice jointly issued a Tri-Seal Compliance Note titled “Obligations of Foreign-Based Persons to Comply with U.S. Sanctions and Export Control Laws”...more
On February 28, 2024, President Biden signed Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and U.S. Government-Related Data by Countries of Concern” (the EO), under the authority of the...more
3/4/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
China ,
Consumer Financial Protection Bureau (CFPB) ,
Data Transfers ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Executive Orders ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
Rulemaking Process ,
Russia ,
Sensitive Personal Information
The requirement to disclose material cybersecurity events under new Item 1.05 of Form 8-K takes effect today (other than for smaller reporting companies, for which the new requirement will take effect on June 15, 2024)....more
Navigating the expanding defense technology subsector of the emerging company ecosystem requires careful planning and execution.
Beyond putting together a trusted team and developing a uniquely marketable product, defense...more
11/28/2023
/ Capital Formation ,
Capital Raising ,
Corporate Financing ,
Defense Sector ,
Early Stage Companies ,
Entrepreneurs ,
Federal Contractors ,
Foreign Investment ,
Seed Financing ,
Small Business ,
Startups ,
Strategic Planning ,
Technology ,
Venture Capital
The Biden Administration has issued its long-awaited Executive Order on Addressing United States Investments in Certain National Security Technologies and Products in Countries of Concern (“EO”), which will create a new...more
8/11/2023
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
China ,
Cybersecurity ,
Executive Orders ,
Foreign Investment ,
NAICS ,
National Security ,
Outbound Transactions ,
Popular ,
Proposed Regulation ,
Supply Chain ,
Technology Sector ,
U.S. Treasury
The Committee on Foreign Investment in the United States (CFIUS) reviewed a record number of transactions for national security risks in 2022: 440 covered transactions, up from 436 transactions in 2021, according to its...more
Following a series of public reports, the United States appears close to announcing a new regulatory process to scrutinize US “outbound” investment to countries presenting national security challenges. ...more
2/22/2023
/ Acquisitions ,
CFIUS ,
Compliance ,
Covered Transactions ,
Cross-Border Transactions ,
Foreign Investment ,
Mergers ,
NAICS ,
National Security ,
Office of Foreign Assets Control (OFAC) ,
Outbound Transactions ,
Popular ,
Regulatory Agenda ,
Regulatory Requirements
On September 15, 2022, President Biden signed an Executive Order (EO) identifying economic sectors that merit special attention for review by the Committee on Foreign Investment in the United States (CFIUS or the Committee)....more
9/20/2022
/ Biden Administration ,
CFIUS ,
Cybersecurity ,
Executive Orders ,
Foreign Direct Investment ,
Foreign Investment ,
Investors ,
National Security ,
Sensitive Personal Information ,
Supply Chain ,
Technology Sector
The Committee on Foreign Investment in the United States (CFIUS) is reviewing a record number of transactions for national security risks, according to a recently released Annual Report to Congress for Calendar Year 2021. ...more
On June 28, 2022, the FBI issued a Public Service Announcement (PSA) warning that fraudsters are using deepfakes to impersonate job applicants during online interviews and employing stolen Personally Identifiable Information...more
Fast-spreading disinformation and the growing ease with which believable deepfake media can be created are threats that are poised to accelerate a range of business dangers, particularly those related to reputational risk,...more
On March 9, 2022, the SEC proposed rules, by a 3-1 vote, that are intended to enhance disclosures about cybersecurity risk management, strategy, governance, and incident reporting by public companies. The proposed rules are...more
3/11/2022
/ Comment Period ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 10-K ,
Form 8-K ,
Investment Adviser ,
Investment Companies ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulation S-K ,
Risk Mitigation ,
Securities and Exchange Commission (SEC)
On October 27, 2021, the Federal Trade Commission (FTC) announced a newly updated rule under the Gramm-Leach-Bliley Act (GLBA) intended to require financial institutions to strengthen their data security safeguards to protect...more
11/1/2021
/ Cybersecurity ,
Data Protection ,
Federal Trade Commission (FTC) ,
Final Rules ,
Financial Institutions ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Personal Information ,
Risk Assessment ,
Safeguards Rule ,
Security Risk Assessments ,
Third-Party Service Provider
The US Department of Justice (DOJ) recently announced plans to use the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors, subcontractors and grant recipients, including for providing...more
10/14/2021
/ Compliance ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Contractors ,
Fraud ,
Subcontractors
On Wednesday, May 12, 2021, President Biden issued an ambitious and sweeping Executive Order focused on combating digital threats to US networks and infrastructure. The Executive Order on Improving the Nation’s Cybersecurity...more
5/17/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Federal Contractors ,
Information Technology ,
National Security ,
NIST ,
OMB ,
Supply Chain
WilmerHale podcast co-host and Partner John Walsh welcomes Partner Jason Chipman, who moderates a discussion between fellow WilmerHale lawyer Matthew Ferraro and special guest Nina Schick on “deepfakes”—using synthetic media...more
On March 10, 2021, the Federal Bureau of Investigation (FBI or Bureau) issued a Private Industry Notification (PIN) advising companies that “[m]alicious actors almost certainly will leverage synthetic content for cyber and...more