In a series of recent conversations with industry colleagues around the world, one of the recurring themes has been the growing risk of regulatory investigation and enforcement action companies outside the U.S. are facing. One very particular aspect of the companies’ growing risk is that it frequently is the case that the increased risk may not be connected to regulators in their home country. Increasingly the source of the risk may involve regulators from the U.S.


The extraterritorial reach of U.S. regulators was on display in a September 17, 2013 article in the New York Times Dealbook column entitled “Wielding Broader Powers, S.E.C. Visits Hedge Funds in London” (here). The article notes that the SEC, which has “actively pursued actions by American banks and other financial institutions overseas, is broadening its reach by asserting its purview to foreign hedge fund managers.” Relying on authority given to the agency in the Dodd-Frank Act, the SEC is “paying visits to more than a dozen hedge fund managers registered with the S.E.C. to determine whether they are in compliance with American regulations.”


According to the article, the agency’s actions are raising “concerns that the visits would lead to the importation of American-style regulation to British hedge funds that have American clients.” The article explains that the actions in London follow increased regulatory activity involving hedge funds in the U.S., including in particular several high profile insider trading prosecutions. The article also explains that the actions arguably are not entirely random as the hedge funds that have been contacted are the ones, for example, with large numbers of U.S. clients. But the information that the agency has requested is “voluminous.”


Another recent article from the New York Times Dealbook column also highlighted the overseas reach of U.S. regulators. A  September 16, 2013 article entitled “Complying with U.S. Tax Evasion Laws is Vexing for European Banks” (here) discusses the difficulties that Non-U.S. banks are having complying with a new U.S. law, the Foreign Account Tax Compliance Act. The article reports that “foreign banks and financial firms are increasingly finding that complying with the law is a major headache.” Among other things, the banks are finding that they must install new computer systems in order to comply with the law’s reporting requirements.


According to the article, the new U.S. tax law


effectively makes all foreign banks and foreign financial institutions arms of the I.R.S. by requiring them to disclose data on American clients with accounts containing at least $50,000, or to withhold 30 percent of the dividend, interest and other payments due those clients and to send that money to the I.R.S. The law applies to banks and financial institutions even if their home countries have secrecy laws. Those that do not comply could face significant fines or be locked out of doing business with American clients.


Nor is this overseas imposition of U.S. regulation on Non-U.S. companies limited just to companies in the financial sector. A September 17, 2013 Wall Street Journal article (here) detailed how the U.S. Food and Drug Administration, as part of its effort to block exports to the United States from the Indian drug manufacturing plant of Indian-based Ranbaxy Laboratories Ltd due to alleged safety violations, the U.S. agency has required the company “to hire a third-party expert to inspect the Mohali facility and certify to the FDA that any violations have been addressed and that the company has processes in place to ensure continuing compliance.”


The extraterritorial reach of the Foreign Corrupt Practices Act has been well-established, with numerous high profile actions involving non-U.S. companies and non-U.S. executives. A recent post on the International Trade Compliance Update blog (here) details recent SEC and U.S. Department of Justice “clarifications on the FCPA’s application to non-U.S. companies.” The blog post explains that “U.S. authorities can more often than not find a jurisdictional ‘hook’ allowing them to pursue an anti-bribery enforcement action, as evidenced by the numerous FCPA cases brought against non-U.S. companies. Furthermore, recent SEC matters involving foreign nationals illustrate the broad interpretation by U.S. authorities of the scope of conduct sufficient to establish personal jurisdiction in the civil context.”


Other examples of the reach of U.S. regulators outside of the U.S. abound. Among more recent examples are the U.S. enforcement actions relating to the J.P. Morgan “London Whale” trades and the Libor manipulation scandal. In both cases the misconduct took place outside the U.S. but the U.S. authorities, rather than deferring to the authorities where the wrongdoing took place, are either taking an active role in the enforcement action or taking the lead.


The long and short of it is that U.S. regulators are actively asserting their authority outside of the U.S. In an environment where there already is a growing perception of increasing regulatory risk, the U.S. authorities’ vigorous assertion of regulatory authority outside the U.S. represents a particularly hazardous part.


These developments not only have important compliance implications for many non-U.S. companies. They also raise important issues about the liability exposures of the potentially affected companies as well as for their directors and officers. The liability exposures include not only the potential regulatory and enforcement risk but also the possibility of follow on civil actions, brought by shareholders or others. The “others” that might bring claims include supervisory board members in those jurisdictions with the dual-board structure.


These issues in turn raise important D&O insurance implications. The issues also present a particularly difficult challenge for D&O insurance underwriters involved in underwriting companies outside the U.S. as they must attempt to understand and anticipate these kinds of actions from U.S. regulators and how they may affect the companies under consideration.


Over the coming weeks, I hope to have several opportunities to discuss these growing regulatory concerns with industry colleagues in Europe, In the U.S. and elsewhere. I think these growing concerns represent a significant development in the world of D&O, with particular importance for those working with companies based outside the U.S. but with significant involvement with U.S. clients and customers.