May 24, 2024
“No man is entitled to the blessings of freedom unless he be vigilant in its preservation.” ~ General Douglas MacArthur | |
In this issue: | |
RFG Calendar | |
[Note: change in webinar title]
|
July 31, 12pm EST/9am PST | REGISTER
November 13, 12pm EST/9am PST | REGISTER |
RFG wishes to thank Amy Mushahwar, Anthony W. Raymundo, and Erich Kaletka of Lowenstein Sandler LLP for this article. Amy is a partner and Chair of the firm’s Data, Privacy & Cybersecurity practice. Anthony is a partner and works with the firm’s Emerging Companies & Venture Capital, Startup, Emerging & Growth Companies, and Venture M&A groups. Erich works on a variety of corporate matters, including fund formation, corporate governance, mergers and acquisitions, and other complex transactions.
Overview. In the rapidly evolving landscape of business communications, the acts of recording and transcribing conversations have become significantly easier than in the past. The shift toward remote work, the growth of video conferencing platforms, Voice over Internet Protocol (VOIP), and the proliferation of artificial intelligence (AI) have all increased ease of recording, making it crucial that companies and individuals are aware of the laws governing such actions.
This article will explore the recording of telephone and other electronically-conducted conversations, with a particular focus on recording in the context of the investment relationship between General Partners (GPs) and Limited Partners (LPs). We will trace recent technological developments that have changed the discussions on these topics, explore the governing laws, and offer advice as to best practices and other important considerations. We will also briefly discuss employee recordings.
From 2019 to 2023, Zoom, the largest video conferencing tool in the U.S. and Europe, grew its revenue an astounding 1,230% to more than $4.5 billion. Key to Zoom’s revenue growth is the ease of business integrations. Zoom integrates with many customer relationship management systems, like Salesforce, enabling features such as automated meeting summaries, bullet-point next steps, full and immediate transcripts, real-time access to these transcripts by multiple employees, and storage of conversations in multiple technology systems. The readily accessible nature of integrated communications platforms like Zoom has led to a dramatic increase in the number of conversations that are recorded and transcribed.
“Organizations need to be fully aware not only of the types of data they are keeping, but also of their obligations to retain and protect data under state, Federal, and international law. As platforms like Zoom become more integrated into operational software, organizations need to have an integrated approach to data storage and security policies,” says Amy Mushahwar, Partner and Chair of the Data, Privacy & Cybersecurity practice at Lowenstein Sandler.
While there are business benefits to recording or transcribing information, potential legal issues should also be considered, such as:
Anyone planning to record or transcribe discussions should evaluate their data protection environment and where they intend to store the transcripts and/or recordings. Since transcript functionality is often automatic, this data can be readily mined by threat actors who are aware of the frequently sensitive nature of transcripts. The implications of this quickly evolving area in companies’ internal policies is crucial. Let’s first start with the law regarding how to obtain consent for these recordings, and we can address the other legal issues from there.
General laws related to recording conversations and the underlying data in conversations. Unfortunately, there are many—sometimes somewhat overlapping—legal requirements that should be considered.
Consent laws: The legality of recording (audio and visual) and/or transcribing conversations depends on the consent laws of the specific jurisdiction(s) where the recording occurs—which are generally the originating and terminating destinations of a call or video call. In the U.S., the recording of conversation is governed by two main systems. Thirty-eight states are “one-party” consent states, while the remainder are “all-party” consent states. Regardless of the type of law in place, consent is only required in situations where a “reasonable expectation of privacy” exists.
In “one-party” consent jurisdictions, a person can legally record any conversation if the person recording is a party to the conversation, or when one of the parties to the communication has given prior consent (as is often the case with employees who are being recorded automatically).
“All-party” consent jurisdictions, on the other hand, require that all participants consent to any recording. Recording without consent in “all-party” states is generally illegal and could lead to criminal charges and/or civil lawsuits for invasion of privacy. One of the most high-profile instances of a criminal telephone recordings matter was the indictment of Linda Tripp for secretly recording her conversations with then-White House intern Monica Lewinsky in 1997 and 1998. Tripp received immunity from criminal charges given her cooperation in the impeachment investigation of former President Clinton and the pivotal role the Lewinsky tapes played in the investigation. With respect to visual recordings, jurisdictions have some requirements regarding visual recording of persons and/or places in specified circumstances, often focused on a reasonable expectation of privacy.
Data retention: Besides consent requirements, other U.S. laws may be relevant—specifically, state laws establishing minimum requirements that apply to entities that hold PII or investment-related information to satisfy state audit requirements. Once data is collected, the storing party may not be able to delete it immediately and should check its applicable retention requirements.
Reasonable security: If a company makes the decision to record conversations, especially those likely to contain sensitive information, there is an obligation to apply reasonable security to such data in accordance with law. For example, an entity would not want staffers to record conversations on their home equipment and keep information archives off a secure enterprise.
Data breach notification: The possibility that recordings might be breached and contain sensitive information that would trigger notification obligations under a partnership contract and/or applicable law presents yet another reason to secure recorded data and delete it after the applicable retention period. Most investor communications are unlikely to involve the disclosure of significant personal information that may create a data breach right, but it is easy to imagine significant discussions regarding an entity’s investment strategy that could be highly confidential and could result in a contractual breach right.
For the European market: The General Data Protection Regulation (GDPR) governs data protection and privacy in the European Union. The GDPR provides very strong privacy protections for individuals, and any recording of conversations would typically require a lawful basis beyond consent—one can view the EU as an “all-party-consent-plus” jurisdiction. Businesses must demonstrate that recording is necessary for a legitimate interest, and even then, they must consider less intrusive alternatives. Under the GDPR, consent must be “freely given, specific, informed, and unambiguous.” This means the person(s) being recorded must have a real choice in giving consent, and a blanket consent could be insufficient. Consent must also be as easy to withdraw as it is to give. Recording parties are required to be transparent about the data they collect. This includes informing recorded participants about why recordings are being made, how they will be used, and how long they will be stored. Alongside the GDPR, individual European countries may implement additional specific laws regarding workplace surveillance and recording. These can vary significantly from one country to another. These other jurisdictions may have similar or more stringent protective requirements. The EU also requires application of reasonable security and notification within 72 hours should a subject’s personal data be accessed or acquired without authorization.
The prudent position, whether in a “one-party” or “all-party” consent framework, would be to require written consent from all parties on the line before recording, and, in an abundance of caution, via contract should a representative forget to obtain consent on the line. Companies must also train employees to store these recordings securely and have secure spaces for them to do so. Companies must also make sure that if one party does not consent to recording on the line, the call is not recorded.
Recording conversations between managers (GPs) and investors (LPs). There are many reasons that GPs may want to record or transcribe conversations. GPs may want to track their performance during pitches and use such materials as a resource to collect sentiment data, or have AI analyze what pitches are most effective or how certain LPs respond to different approaches. Alternatively, they may want to be responsive to client needs, and the recording of conversations can help ensure that all people actively serving their clients are up to speed. The records can be detailed and searchable for all relevant employees. Retention of conversations can also serve important purposes, such as demonstrating that a GP adequately disclosed risks to investments, or otherwise providing support to positions taken in legal disputes.
LPs may want to record or transcribe conversations to ensure that GPs are staying within the agreed-upon investment strategy. LPs may also keep recordings for dispute resolution purposes, to demonstrate due diligence, and to show adherence to or interpretation of contractual terms.
The question as to whether GPs or LPs may record their discussions follows the consent frameworks described above for the U.S. and the EU, and the consequences for a breach of this information by a nefarious actor will follow the data privacy protections outlined above.
Sometimes GPs will seek to obtain a pre-emptive consent in transaction documentation. They may argue that financial services regulations require recording when a legal obligation to do so exists. As a practical matter, in the EU, advice from regulators is that all discussions between GPs and LPs should be recorded. In a consultation paper, the European Securities and Markets Authority (ESMA) states that “it is impossible to appreciate upfront whether the conversation will lead to the conclusion of a transaction.” Therefore, ESMA states that firms are expected to record relevant phone conversations from “start to end.” More specifically, in the EU and the UK, investment advisers are required to record investor calls if these calls involve discussions related to the dealing or arranging of transactions, the provision of investment advice that may lead to a transaction, or with respect to portfolio management. The purpose of this recording requirement is to enhance transparency, facilitate resolution in case of disputes, and provide comprehensive regulatory oversight to ensure that investment advisers comply with regulatory standards.
In the U.S., the SEC, via the Recordkeeping Rule, does not generally require investment advisers to record phone conversations, and GPs are generally not legally required to record conversations with LPs. However, in certain instances (see PDF pg. 43), GPs may be required to keep a record of a conversation, such as when there is a trade or financial transaction or when the call has already been recorded. While enforcement actions surrounding Zoom conversations have not yet been handed down, there is a possibility that the SEC may one day view Zoom meetings as proxies for in-person communication that may be subject to the Recordkeeping Rule.
Regarding oral advertisements by investment advisers, U.S. marketing rules do not explicitly require recordings. The adviser may instead retain a copy of any written or recorded materials used in connection with the oral advertisement. For compensated oral testimonials and endorsements, the adviser may instead make and keep a record of the disclosures provided to clients or investors.
To address practical business needs, both GPs and LPs might want to include a consent provision in transaction documentation. For example, an LP could include in relevant partnership onboarding documents a provision that requires a recording or transcribing GP to obtain written consent from the LP and each staff member in the conversation at least one business day in advance. “On the line or over a Zoom conference, if there is notice to participants that a call is going to be recorded, consent is implied if people on the call do not hang up,” said Mushahwar.
EU law requires that recorded individuals be able to access recordings of themselves: “Records kept … shall be provided to the client involved upon request,” as set forth in Article 16(7) of MiFID II (European Data Privacy Directive). The retention period for these records is five years. Conversely, if an LP were to record a GP’s discussion, the GP could ask for the recording under the Data Subject Access Request. Agreements should make clear that LPs may request their recordings at any time.
Before consenting to a recording, LPs may want to examine what data is collected, who has access, how it is utilized, and how it will be stored. If this scrutiny reveals any potential issues, the LP should have the opportunity to set contractual restrictions and protections on data usage. This proactive approach ensures that data handling aligns with the LPs’ security and privacy requirements. It may also allow LPs to insert additional indemnities (e.g., if there is a data breach), require audits, insert additional restrictions related to authorized access, and insert restrictions as to how the data is used. Recordings could occur in many contexts. However, given the proliferation of integration of video conferencing platforms into CRM programs, parties may want to focus on questions about the general usage and storage of video platforms and CRMs, in addition to more general questions about recordings. Some of those questions could include the following to strike a meaningful conversation regarding this issue and work toward effective policies and procedures.
The bottom line for LPs that want to record conversations. Any LP considering recording or transcribing conversations with managers, GPs, or frankly any other third party, should address these questions:
Is an employee allowed to record and/or transcribe conversations of other employees? Another issue that may arise is employees recording other employees. Given the ease with which employees can record each other, companies should consider having clear policies in place to restrict recordings. Employers in one-party consent states that wish to implement a legally permissible no-recording policy may want to include their legitimate reasons for implementing the policies, e.g., (i) promoting open employee communication in the workplace, (ii) protecting employees’ (and customers’) privacy interests, (iii) protecting the company’s proprietary and confidential information from unauthorized disclosure, and (iv) reducing the company’s legal liability.
Arnold & Porter has been monitoring developments in our nation’s capital over the past few months. This week’s report follows.
BIOSECURE Act advances through committee. On May 15, the House Oversight and Accountability Committee advanced an amended text of the BIOSECURE Act (H.R. 8333/S. 3558) by a vote of 40-1. The BIOSECURE Act would prohibit federal funding for research entities (which could include hospitals and universities) that engage with Chinese biotechnology companies such as BGI, MGI, Complete Genomics, Wuxi Apptec, and any subsidiary, parent affiliate, or successor of such entities. Chair James Comer (R-KY) indicated he expects the bill to receive a vote on the House floor in the next 30 days as part of a broader “China Week.” An earlier iteration of the bill was passed out of the Senate Homeland Security and Governmental Affairs Committee on March 6. Given the bipartisan support and pending floor action, the bill has a significant chance of being signed into law, either as a standalone bill or after being attached to a “must-pass” bill, such as the annual National Defense Authorization Act (NDAA).
For those seeking further explanation on the impact and consequences of the BIOSECURE Act on U.S. pharmaceutical companies, as well as how they can keep up with regulatory developments, see this interview.
House Armed Services Committee holds FY 2025 NDAA markup. On May 22, the House Armed Services Committee (HASC) marked up its version of the FY 2025 National Defense Authorization Act (NDAA), which provides defense authorization funding levels and policy directives. During the markup, HASC generally restricts consideration of amendments outside the Committee’s jurisdiction, which is limited to military and defense policy. As a “must-pass” bill, the NDAA could serve as a vehicle for proposals to limit U.S. investment in China and expand anti-money laundering (AML) and know-your-customer (KYC) requirements. We expect potential amendments to be introduced during House Floor consideration of the NDAA, which has been scheduled for June 10. Additionally, the Senate Armed Services Committee will hold its respective NDAA markups in mid-June.
On May 14th, the U.S. Department of Commerce issued an advisory warning U.S. citizens to be “alert” to the receipt of antiboycott requests from Turkey, which “announced that it will suspend all exports and imports to and from Israel until the Israeli government allows an uninterrupted and sufficient flow of humanitarian aid into Gaza.” Examples of recent boycott requests can be found here. For more information on antiboycott laws, see RFG’s prior article (third story).
RFG recently learned of a service that provides private foundations with benchmarking data on important financial metrics including investment performance, investment expenses, and operational expenses. If you file a form 990-PF, you can obtain this information for free! We wanted to share this resource with our private foundation members—and staff at other members that play a role at a foundation.
“Using information found in form 990-PF, FoundationMark has built the most comprehensive dataset on private foundations available, containing the complete financial statements of all foundations with over $1 million in assets, over 50,000 foundations in total,” says CEO John Seitz. FoundationMark uses this data to provide the nonprofit community with free peer group studies and customized reports.
Trustees and officers can request their report here. Check it out!
Here is a real-life example of a company suing a hedge fund for short-swing profits.
First, some background: Section 16 of the Exchange Act not only triggers reporting requirements, but also requires statutory insiders (which includes 10% shareholders) to disgorge “short-swing” profits earned through purchases and sales of equity securities within six months. A Section 16 “blocker cap” or “conversion cap,” which is sometimes included in various financing deals, seeks to avoid triggering the 10% threshold by contractually prohibiting conversion or exercise of rights to acquire stock to the extent that it would result in the insider becoming a 10% shareholder. Courts determine the validity of blocker caps on a case-by-case basis, weighing the factors particular to each case.
Now for Bed Bath & Beyond’s (BB&B) case against hedge fund Hudson Bay: As Matt Levine explains, shortly before bankruptcy, BB&B entered into a deal with Hudson Bay, where, in essence, Hudson Bay initially paid BB&B $225 million for convertible preferred stock plus warrants (with a Section 16 blocker cap), and BB&B agreed to deliver “some stock, over time, whenever Hudson Bay asked for it. At each delivery, Hudson Bay would get the stock at a discount to the current trading price. So intuitively it would get a little stock, it would sell it, it would come back for a little more stock, etc. Each time, it would sell the stock for more than the (discounted) price it paid for it, so it would make money.” Levine estimates that Hudson Bay made about $84 million in this trading and that if it had done all this at once, it would have owned 73% of BB&B stock. In its lawsuit to recover the short-swing profits from Hudson Bay, BB&B claims that (i) Hudson Bay used deceptive calculations on its holdings, (ii) the blocker cap was not enforced, and (iii) Hudson Bay repeatedly exceeded 10% in its holdings. Further, BB&B claims Hudson Bay’s profits were more like $300 million under Section 16 rules defining “profits.” Stay tuned.
Private credit continues to expand. Blackstone reports a “dramatic increase in demand,” particularly in loans to infrastructure businesses, clean energy projects, and digital communications. Apollo expects to originate $200 billion a year in new loans. Meanwhile, Goldman Sachs is stepping into the space left by last year’s collapse of regional banks after purchasing a $15 billion portfolio of loans from the failed Signature Bank during an FDIC auction. “The focus is to lend to large alternate asset managers, private equity sponsors… to create more stable revenue in our global banking and markets businesses,” a Goldman spokesman said. In comparison, America’s largest bank, JPMorgan Chase, holds $699 billion in non-consumer loans. However, the Wall Street Journal reports that big asset managers—such as Blackstone, BlackRock, and KKR—now control over two times the assets of U.S. banks, with the top firms even holding amounts higher than the GDP of some countries. With the growth of the asset firms comes a push into products traditionally offered by banks, essentially turning the investment companies into complex “financial supermarkets, mostly for institutions and the wealthy, but increasingly for middle-class investors as well.” WSJ notes that similar consolidation among banks occurred in the decade leading up to the 2008 financial crisis.
Understandably, some big banks are not excited about private credit taking over their turf. JPMorgan CEO Jamie Dimon warned in his annual shareholder letter that “the weaknesses of new products, in this case private credit loans, may only be seen and exposed in bad markets, which private credit loans have not yet faced.” Still, the bank’s different divisions are sending mixed messages: the Asset Management Group sees a rising default risk in the private credit market, but the Wealth Management Group says those concerns are overstated.
Other banks are eager to partner with their private credit counterparts. Wells Fargo and Centerbridge Partners, Société Générale and Brookfield Asset Management, and Barclays and AGL Credit Management have allied, giving the private credit firms access to the banks’ client lists while allowing banks to offer their clients access to more financing.
Regulators unsurprisingly seek more control. In May 17 remarks, Treasury Secretary Yellen urged Congress to provide her agency with more authority over nonbanks, particularly the nonbank mortgage industry. Yellen said that nonbanks are “especially susceptible to macroeconomic fluctuations in the housing market,... are more reliant than depository institutions on the value of mortgage servicing rights,... [and] can have high leverage, short-term funding, and operational risks.” Yellen said that in 2022, nonbanks originated approximately two-thirds of mortgages and serviced the majority of mortgage balances.
Subsequent to the meeting, FSOC published its 2024 Report on Nonbank Mortgage Servicing, which outlines the sector’s strengths and vulnerabilities. It also recommends that Congress establish an industry-financed fund for failing nonbank mortgage servicers, and give the Federal Housing Finance Authority and Ginnie Mae expanded regulatory oversight of nonbank lenders. Karen Petrou of Federal Financial Analytics says FSOC’s proposal shows that the Council has no real solutions to offer for systemic risk, and instead plans to rely on the American taxpayer to bail out companies and their investors when failures occur.
Finally, Moody’s in-depth examination of the state of the global private credit market says that the private credit industry has doubled in size since 2018 to $1.7 trillion, and will probably double again in the next four years. This high rate of growth will most likely lead to performance differentiation as some direct lenders manage credit and other risks better than others. Any sort of downturn will provide ammunition for Yellen and other regulators as they seek greater control over the industry.
Using holdcos in NAV facilities. A Proskauer and William Blair white paper explores how borrowers and lenders use holding company structure—in which one or more entities “below” the fund enter into the financing in order to shield tax-exempt investors from UBTI—to navigate collateral considerations and work with LPA terms. The paper also addresses how and when to (i) use fund-level guarantees and equity commitment letters, and (ii) use holdco structures to avoid concentration risk.
Asset-backed lending. A Castlelake white paper breaks down the strategy of asset-backed lending, in which a lender is repaid by contractual cash flow generated by a defined pool of collateral.
Marketing Rule challenges for private credit managers. The SEC’s Marketing Rule FAQ says that gross and net performance shown in an advertisement must always be calculated using the same methodology and over the same time period. Dechert says this poses a problem for private credit managers, because “unlike a buyout fund that makes a single investment funded by a subscription line and calls capital for that investment from LPs at a later date, private credit managers that utilize subscription lines typically draw on the line to fund multiple transactions without tying capital calls to specific transactions. Consequently, there is no easy way for private credit managers to calculate net performance based on the time of investments.”
Secondaries financing considerations. As secondary fund fundraising continues at a “record-breaking” pace due to the current downturn of exits and IPOs in the M&A market, Proskauer provides a guide for investors, fund managers, and lenders that explains all angles of debt financing in LP- or GP-led secondary transactions.
“Change of control” subject to technicality? When a portfolio company is offloaded to a continuation fund, “change of control” provisions in the company’s loan documentation apply. Usually this means that all amounts outstanding at the portfolio company are immediately due and payable. Dechert points out that a flexible definition of “Sponsor” as it applies in this context could fail to trigger the prepayment obligation, potentially undermining the lenders’ ability to demand payment.
Earlier this month, Johnson & Johnson announced a multibillion-dollar settlement over allegedly carcinogenic talcum powder. The Financial Times reports the company characterized the suit as frivolous and, notably, took a jab at “the unregulated and surreptitious financing of product litigation by financial institutions, including private equity and sovereign wealth funds.” Then last week, J&J went to federal court to subpoena Fortress Investment Group, which houses the plaintiffs’ backers—litigation funder Fortress Legal Assets. J&J asserts Fortress funding “distorted the bargaining process, with lawyers taking extreme positions because of the financial return requirements of their sponsor,” thus preventing a quicker settlement.
One mass tort expert interviewed by FT notes that case resolution has less to do with the quality of a plaintiff’s claims than how much pressure attorneys can exert on companies to settle. Ultimately, this is what litigation finance underwrites, and corporations are viewing this as a growing threat.
Indiana PE healthcare acquisition notification requirements. RFG has written about the growing state focus on acquisitions of healthcare entities by private equity firms. This week, Goodwin writes, “As of July 1, 2024, Indiana will join a growing number of states that have adopted advance notification and review requirements for certain healthcare transactions. Indiana’s law is broad enough to require ninety (90) days of notice for even relatively small healthcare entity transactions, including those involving private equity firms. However, SB 9 functions primarily as a notice regime and does not confer new powers to the Indiana Attorney General to block or delay transactions.”
Dutch football team in limbo over possible financing from sanctioned oligarch. The Dutch government is investigating possible financing ties between the Russian owner of football team Vitesse Arnhem and sanctioned Russian oligarch Roman Abramovich. (The EU sanctioned the oligarch in 2022, and information about his loans that enabled the purchase of the team have come to light in leaked documents known as the Cyprus Confidential files.) The Dutch Football Association, citing “indications” that Abramovich controlled the club and still maintains a secret financial connection, has removed the club from the Eredivisie (the top division). The Guardian writes that the club may face bankruptcy, could lose its license, and is anxiously searching for a new owner.
What to do with their equity when a management team member leaves? Goodwin explores some options for a portfolio company’s management team when an employee departs. The firm cites problems with both note and cash repurchases of an employee’s interest granted by the sponsor as compensation, and suggests an “equity freeze” as a better solution.
SIFMA explores shared ledger technology for multiasset transactions. SIFMA recently announced an initiative to explore the feasibility of a shared ledger to settle tokenized multi-asset transactions on a 24/7, programmable shared ledger.
Buyouts vs. growth equity transactions. A Goodwin article explains the structural nuances, risk considerations, and strategic objectives of M&A buyouts (majority ownership and full control) versus growth equity transactions (partnership without full control). Factors discussed include alignment of interests, capital adjustments at close, transaction expenses, risk mitigation (indemnities and RWI), and governance.
Copyright © 2024 The Regulatory Fundamentals Group LLC, All rights reserved. This material has been prepared exclusively for RFG Pathfinder® members and may not be distributed further without RFG’s prior written consent. RFG provides this material for the purpose of allowing clients to better identify issues concerning complex investment requirements. This material does not offer legal advice or legal services and the contents are not a substitute for legal counsel. If legal advice is required relating to a particular matter, an attorney should be consulted. RFG expressly disclaims all liability concerning actions taken or not taken based on this material. |
RFG Weekly Roundup – May 24, 2024 |