Global Connection - June 2015

by Snell & Wilmer
Contact

Dear Friend of Snell & Wilmer:

The latest edition of Global Connection offers insight into a potential money laundering crackdown in the real estate sector, information on the Federal Trade Commission’s approach to data breach investigations and a legal alert regarding the requirement of a U.S. person with a foreign affiliate to make specific tax filings. These articles demonstrate the continued importance of cyber security measures, as well as highlight new rules and regulations in the United States that have potential impact on companies and individuals abroad.

We hope this edition of Global Connection proves useful as you continue to seek out new opportunities at home and abroad.

Best regards,

Lindsey E. Martínez
Editor 

Money Laundering Crackdown in Real Estate Sector? 

The Director of the Financial Crimes Enforcement Network (also known as FinCEN) recently gave a speech in San Francisco regarding the agency’s investigative priorities. Director Jennifer Shasky Calvery’s comments drew media attention because she mentioned the need for more transparency of real estate transactions negotiated by professionals (like brokers, title companies, accountants and lawyers). Calvery suggested that real estate professionals should perform more due diligence and anti-money laundering (AML) scrutiny of large real estate transactions involving shell companies. For the past decade, federal law enforcement has been more aggressive in pursuing civil enforcement penalties and even criminal prosecution of financial institutions that are involved in aiding and abetting money laundering activities of bank customers. Now, it appears FinCEN has decided to scrutinize the beneficial ownership of real estate purchased and owned by shell companies.

Three months ago, the New York Times published a front-page investigative story that reported about suspected money laundering by international organized crime in the lucrative real estate market of Manhattan. Numerous multi-million dollar real estate transactions were conducted by shell companies that have no business operations or employees. This article may have drawn the attention of regulators and investigators at FinCEN.[1] Just this week, Law360 also published an article entitled “Real Estate Industry Poised for Money Laundering Crackdown.”[2] Shell corporations (often formed as limited liability corporations) do have legitimate business purposes as transactional entities for deals that involve tax reasons, limitations of financial liability and investor privacy. However, federal prosecutors and law enforcement agencies typically find shell companies are often utilized to disguise money laundering and hide illicit proceeds of criminal or fraudulent conduct.

FinCEN’s attention to the real estate market may prompt real estate professionals to do more due diligence and ensure they “know their customer” before engaging in transactions with shell entities. Even though the Bank Secrecy Act (BSA) does not apply to real estate transactions (that do not involve a bank mortgage), the federal money laundering statutes (18 U.S.C. 1956 and 1957) apply to everyone when proceeds from a specified unlawful activity are being used.

The director’s comments may signal a trend in real estate that follows the post 9/11 crackdown of financial institutions who ignore AML obligations (such as preparing suspicious activity reports and filing currency transaction reports) and run afoul of the BSA. Real estate professionals should be cautious of being willfully blind to who their customers are and where the cash is coming from for a lucrative real estate transaction. FinCEN is now looking more closely at these deals.

Note:
[1] The New York Times, “Towers of Secrecy: Stream of Foreign Wealth Flows to Elite New York Real Estate.” By Louise Story and Stephanie Saul (Feb. 7, 2015)
[2] The author of this article was interviewed by Law360’s reporter Natalie Rodriguez.

Inside Insight: How the FTC Approaches Data Breach Investigations

A data breach hurts in a myriad of ways – the tarnished image of the breached company, the diminished consumer trust and the bottom-line impact of remedial costs and lost business. The last thing a company already reeling from a data breach wants to see is a government agency knocking on the door to investigate its data privacy and security practices. Yet, such investigations are increasingly common following data breach disclosures; in the last year, various state Attorneys General, the Department of Health and Human Services and the Federal Communications Commission have all announced data security investigations and/or fines.[1]

On May 20, 2015, the Federal Trade Commission (FTC) provided an overview of what a company can expect if it is the target of an FTC investigation related to data security. In a blog post on the FTC website[2], FTC assistant director Mark Eichorn shed some light on what might otherwise be an opaque process. Once the FTC becomes aware of a breach, it typically will:

  • Conduct informal diligence by reviewing publicly available information or direct company contact;
  • If warranted, open a full investigation, seeking to understand the circumstances surrounding the breach by making formal request for company documents, conducting interviews with knowledgeable interviews and reviewing outside information from vendors or experts; and
  • Evaluate the results and if appropriate, make a recommendation to the Commission to take administrative action or bring a case in federal court.

Eichorn’s post provides some clarity on internal FTC investigation processes, but perhaps more important, it offers insight into the likely posture of the FTC toward the company subject to the investigation. Cooperation is key:

“We’ll also consider the steps the company took to help affected consumers, and whether it cooperated with criminal and other law enforcement agencies in their efforts to apprehend the people responsible for the intrusion. In our eyes, a company that has reported a breach to the appropriate law enforcers and cooperated with them has taken an important step to reduce the harm from the breach. Therefore, in the course of conducting an investigation, it’s likely we’d view that company more favorably than a company that hasn’t cooperated.”

Companies should note that this explanation is similar to guidance issued in April 2015 by the Department of Justice (DOJ), where the DOJ indicated that “companies from regulated industries that cooperate with law enforcement may be viewed more favorably by regulators looking into a data breach.”[3] Likewise, in late May 2015, FBI cybersecurity division Deputy Assistant Director Donald Good spoke at the Financial Industry Regulatory Authority annual conference[4] and clarified that the FBI was now treating breached companies more like victims rather than potentially negligent custodians of personal data. Because the FTC has made it clear that cooperating with law enforcement will be viewed as “an important step to reduce the harm from the breach”, each company should give serious consideration to the amount of cooperation (or lack thereof) it extends to law enforcement following a data breach.

So – can cooperating with law enforcement after a data breach keep the regulators and the civil lawsuits at bay? Probably not. But failing to cooperate may significantly increase the post-breach regulatory scrutiny, thus pouring salt on an already open wound.

Note:
[1] http://www.swlaw.com/blog/data-security/2015/03/06/another-good-reason-to-pay-heed-to-cyber-security/
[2] https://www.ftc.gov/news-events/blogs/business-blog/2015/05/if-ftc-comes-call
[3] http://www.justice.gov/sites/default/files/opa/speeches/attachments/2015/04/29/criminal_division_
guidance_on_best_practices_for_victim_response_and_reporting_cyber_incidents.pdf

[4] http://www.law360.com/articles/660693/fbi-won-t-treat-data-breach-victims-as-targets-official-says

New Requirement to File BE-10: Benchmark Survey of U.S. Direct Investment Abroad

Any U.S. person with a foreign affiliate is required to file the 2014 Form BE-10, Benchmark Survey of U.S. Direct Investment Abroad by June 30, 2015 or face civil penalties between $2,500 and $25,000. Further, a willful failure to file can result in a separate criminal penalty of not more than $10,000 and imprisonment for not more than one year. This penalty structure applies to U.S. persons holding investments and to officers, directors, employees or agents who knowingly participate in such failures. The requirement to file Form BE-10 has caught many persons by surprise because the Form was previously only required to be filed upon request. The original filing date of the 2014 Form was May 29, 2015, but was extended to June 30, 2015 for first time filers.

The instructions to Form BE-10A state that any person who is resident in the United States or subject to the jurisdiction of the United States must file Form BE-10A if such person had direct or indirect ownership or control of at least 10 percent of the voting stock of an incorporated foreign business enterprise, or an equivalent interest in an unincorporated foreign business enterprise, at any time during the 2014 fiscal year. If the U.S. person filing Form BE-10A (termed a “U.S. Reporter”) is a corporation, Form BE-10 must cover the fully consolidated U.S. domestic business enterprise.

Note that the definition of “U.S. person” for this purpose is not the same as the definition of a “United States person” provided for in the Internal Revenue Code in 26 U.S.C.A. 7701(a)(30) for federal income tax purposes. Instead, the instructions to Form BE-10 state that an individual is considered a resident of, and subject to the jurisdiction of, the country in which the individual is physically located, subject to certain qualifications regarding temporary assignments. Thus, it appears that a U.S. citizen who permanently resides abroad does not need to file the current version of Form BE-10A.[1]

A U.S. person’s ownership of foreign real estate, however, is defined as a business enterprise that must be reported as a foreign affiliate, regardless of whether the property is held in a foreign entity. The filing is required unless the property is held exclusively for personal use and not for profit-making purposes. There is some flexibility in the definition of “exclusively” if the property is a personal residence, but is rented out while the U.S. person resides in the U.S.

In addition to Form BE-10A, Forms BE-10B, BE-10C or BE-10D must be filed, as appropriate, for certain foreign affiliates. More than one form may be required to be filed by a foreign affiliate, including for reason that the foreign affiliate operates outside the country of its incorporation. Form BE-13, Survey of New Foreign Direct Investment in the United States, may also be required to be filed in certain circumstances. The completion and filing of Forms in the BE series are overseen by the U.S. Department of Commerce, Bureau of Economic Analysis.

Note:
[1] Such persons may need to file other forms, however, or be subject to civil and criminal penalties, such as Form 5471, Information Return of U.S. Persons with Respect to Certain Foreign Corporations, and Form 8938, Statement of Specified Foreign Financial Assets, among others.

 

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Snell & Wilmer | Attorney Advertising

Written by:

Snell & Wilmer
Contact
more
less

Snell & Wilmer on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):
hide

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.

Security

JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.