The Consumer Financial Protection Bureau (“CFPB”) recently issued 293 pages of proposed changes (the “Amendments”) to the federal mortgage disclosure requirements it propounded in October 2015 commonly known as the TILA/RESPA Integrated Disclosure (“TRID”) or “Know Before You Owe” rule.  The changes are many, but the rulemaking is not intended to review policy decisions behind

On July 14, 2016, the Securities and Exchange Commission announced the settlement of an enforcement action against RiverFront Investment Group (“RiverFront”), an investment advisory firm, for failing to properly prepare clients for transaction costs.

At issue is a wrap fee program, in which a subadviser uses a sponsoring brokerage firm to execute their trades on

The Department of Justice has raised the bar on penalties for violations of federal immigration law.  On June 30, 2016, DOJ issued an interim final rule that goes into effect on August 1, 2016.  This rule, implemented as an inflation adjustment, increases the fines for employing unauthorized workers, for Form I-9 paperwork violations, and for

In April 2016, the Department of Justice (DOJ) announced its Foreign Corrupt Practices Act Enforcement Plan and Guidance, which includes a one-year pilot program to incentivize individuals and companies to voluntarily self-disclose Foreign Corrupt Practices Act-related (FCPA) misconduct, cooperate with DOJ investigations and remediate controls and compliance programs.  Under the guidance, the DOJ may

With policyholders facing increased losses from hacking and business email compromise, insurers are fighting hard to escape their obligations under financial institution bonds, crime policies and cyber insurance policies. In a case that  bolsters policyholders seeking coverage for digital fraud, the U.S. Court of Appeals for the Eighth Circuit held that a bank’s financial institution bond provided coverage for losses arising from the fraudulent transfer of $485,000 by computer hackers to a foreign bank, even though the bank’s employees were negligent in securing the bank’s computer network.
In its May 20 decision, issued in State Bank of Bellingham v. BancInsure, Inc., No. 14-3432, — F.3d —, 2016 WL 2943161 (8th Cir. May 20, 2016), the Eighth Circuit affirmed the District Court’s conclusion that the efficient and proximate cause of the loss was the criminal activity of the third-party hackers.
The Underlying Breach and Loss
In October 2011, an employee of the State Bank of Bellingham (the “Bank”) completed a wire transfer, which required several security steps, including the entry of the names and passwords of two Bank employees and the insertion of two physical tokens.  At the end of the work day, the employee left the two tokens in the computer and left the computer running.  Prior to the wire transfer, a Zeus Trojan horse virus had infected the Bank’s computer system.  This virus then allowed a computer hacker to access the Bank’s network and transfer funds to accounts in Poland (the “Loss”).
The Bank held a financial institution bond issued by BancInsure providing coverage for losses such as those arising from dishonesty and computer systems fraud.  The Bank submitted a claim and proof of loss to BancInsure seeking coverage for the Loss.  BancInsure denied coverage, relying on exclusions for (a) employee-caused losses, (b) theft of confidential information, and (c) mechanical breakdown or deterioration of a computer system.
The Litigation and the District Court Decision
The Bank filed suit seeking damages for the insurer’s breach of contract.  The U.S. District Court for the District of Minnesota granted the Bank’s motion for summary judgment, holding that the “computer systems fraud was the efficient and proximate cause of [Bank’s] loss,” and “neither the employees’ violations of policies and practices … the taking of confidential passwords, nor the failure to update the computer’s antivirus software was the efficient and proximate cause of [Bank’s] loss.”
The Eighth Circuit Decision

Recently, the Supreme Court handed down its much-anticipated opinion in Universal Health Services, Inc. v. United States ex rel. Escobar et al.—a case addressing the viability of the implied certification theory in FCA litigation.  Justice Thomas, writing on behalf of a unanimous Court, found that the implied certification theory can in fact serve as