Insights

On January 14, 2026, State Senator Zellnor Myrie proposed legislation in the New York State Senate that would amend New York law to make it a criminal offense to operate a virtual currency business in New York without the proper license. By introducing the possibility of criminal penalties, Senate Bill S. 8901, the Cryptocurrency Regulation Yields Protections, Trust, and Oversight Act (CRYPTO Act), would mark a significant regulatory shift in the state’s oversight of virtual currency businesses, given New York’s prominence in virtual currency regulation in the U.S.

AI tools have significantly transformed how companies operate, but they come with serious legal risks that are only now taking shape. A recent ruling by a federal judge in the U.S. District Court for the Southern District of New York highlights one such risk: certain inputs and outputs from commercial AI models may not be considered privileged attorney-client communications or protected by the work-product doctrine.

On January 29, 2026, the U.S. Department of Justice (DOJ) Antitrust Division (Division) and U.S. Postal Service announced the first-ever payment under the antitrust whistleblower rewards program, awarding $1 million to an individual whose information led to a $3.28 million fine as part of a deferred prosecution agreement with EBLOCK Corporation, an online auction platform for used vehicles.

On January 13, 2026, Miami-based pharmaceutical wholesaler Atlantic Biologicals Corporation entered into a two-year DPA, admitting to conspiracy to distribute and dispense controlled substances, including more than 14 million opioid doses to “pill mill” pharmacies in Texas at a markup. The DOJ and DEA underscored the company’s deliberate evasion of compliance checks and disregard for red flags signaling diversion.

On January 8, 2026, the Trump Administration announced the creation of a new Division for National Fraud Enforcement within the Department of Justice (DOJ). The division will be led by a newly appointed Assistant Attorney General (AAG), pending Senate confirmation, who will report directly to both the President and Vice President and operate out of the White House. Such a reporting structure is unprecedented in the history of the DOJ.

On January 5, 2026, District of Colorado Magistrate Judge Cyrus Chung issued a recommendation that the district court grant a motion to quash a Department of Justice (DOJ) administrative subpoena that sought records about the provision of gender-related care by Children’s Hospital Colorado (Children’s) in In re: Department of Justice Administrative Subpoena No. 25-1431-030, U.S. District Court for the District of Colorado, No. 1:25-mc-00063. The court concluded that the DOJ had failed to carry its “light” burden, noting that no other courts that had considered the more than 20 similar subpoenas issued by DOJ had ruled in the DOJ’s favor.  

On December 19, 2025, the Department of Justice (DOJ) announced a $54.4 million settlement with Ceratizit USA, LLC, a distributor of tungsten carbide products, resolving allegations that the company violated the False Claims Act (FCA) by evading customs duties on products imported from China. This settlement is believed to be the largest ever customs-related FCA resolution, and this high-water mark underscores the government’s heightened enforcement focus on tariff evasion.

On October 3, 2025, the Sixth Circuit reaffirmed that the attorney-client privilege and the work-product doctrine protections apply to materials created during attorney-led internal investigations. In re FirstEnergy Corp., No. 24-3654 (6th Cir. Oct. 3, 2025).

U.S. Government and private sector sources continue to report efforts by Democratic People’s Republic of Korea (DPRK) nationals to infiltrate companies around the world by posing as information technology (IT) professionals, in order to get hired by U.S. and other businesses and gain access to sensitive company systems. Crowdstrike, a U.S. cybersecurity company, has reported a 220% increase in the number of companies infiltrated by North Korean threat actors over the last 12 months. In particular, a DPRK-affiliated group known as “Famous Chollima” has leveraged artificial intelligence and deepfake technology to generate synthetic identities, as well as resumes and CVs, draft communications, and conduct job interviews. Enforcement actions brought by the U.S. Department of Justice identify victims in the cryptocurrency sector, including decentralized finance (“DeFi”) projects. In addition, media reports indicate that North Korean hackers are purportedly offering fake job offers targeting employees in the cryptocurrency sector, with the goal of stealing crypto.

On August 19, 2025, the U.S. Senate Committee on Finance (“Senate Finance Committee”) sent Paul Atkins, Chairman, U.S. Securities and Exchange Commission (“SEC”) a letter calling on the SEC to investigate White River Energy Corp (“White River”). In the letter, the Senate Finance Committee confirmed a criminal investigation into White River related to the sale of so-called “tribal tax credits” that according to both Congress and the IRS, do not exist. The letter further states that White River allegedly earned millions of dollars selling these credits and has not been forthcoming with investors regarding the existence of the criminal investigation. According to the Senate Finance Committee, White River has failed to file financial disclosure documents with the SEC since March 15, 2024, missing six consecutive reporting periods. The letter instructs White River to disclose the existence of the DOJ criminal tax investigation, and calls on the SEC to take action if White River fails to do so.

On August 29, 2025, the Department of Justice (DOJ) and the Department of Homeland Security (DHS) launched a cross-agency Trade Fraud Task Force to expand efforts to target importers and other parties committing trade-related fraud. As stated in a press release issued on August 29, the Task Force will augment the existing coordination mechanisms within the DOJ and DHS, for instance through partnerships with CBP and Homeland Security Investigations, to “aggressively” take enforcement measures against parties that commit tariff evasion or attempt to smuggle prohibited goods into the U.S.

On August 19, 2025, the Office of Personnel Management (OPM) informed insurers participating in the Federal Employees Health Benefits or Postal Service Health Benefits programs that gender-affirming care would no longer be covered for federal workers starting in 2026. This coverage decision is the Trump Administration’s latest action stemming from Executive Order 14187 which aims to prevent certain treatments, such as gender-affirming hormone therapy, surgeries, and puberty blockers for those under the age of 19. As previously discussed, the Administration has also signaled its intent to use various law enforcement tools against gender-affirming care, including  Section 5 of the Federal Trade Commission Act to police false or unsupported claims by medical professionals about gender-affirming treatments.

On August 11, 2025, the U.S. Department of Justice (“DOJ”) announced that it had unsealed an indictment against two Mexican businessmen for alleged violations of the Foreign Corrupt Practices Act (“FCPA”).  DOJ asserts that the defendants, both Mexican nationals living in Texas, paid bribes to officials at Petróleos Mexicanos (“PEMEX”), and its subsidiary, PEMEX Exploración y Producción (“PEP”) to secure contracts worth an estimated $2.5 million.  These charges come amidst a period of uncertainty regarding FCPA enforcement following the Trump administration’s temporary pause on FCPA enforcement and the subsequent issuance of new investigation and enforcement guidelines.

On July 28, 2025, Cadence Design Systems Inc. (“Cadence” or “the Company”), a global electronic design automation (“EDA”) technology company based in San Jose, California, agreed to plead guilty in a settlement with the U.S. Department of Justice’s National Security Division (“NSD”) and the U.S. Attorney’s Office for the Northern District of California. Through its guilty plea, Cadence agreed to resolve charges that it committed criminal violations of export controls by selling EDA hardware, software, and semiconductor design intellectual property (“IP”) technology to the National University of Defense Technology (“NUDT”), a Chinese military university on the U.S. Entity List since 2015 due to its involvement in military and nuclear simulation activities. In addition, Cadence simultaneously resolved a civil enforcement action brought by the U.S. Department of Commerce, Bureau of Industry and Security (“BIS”) related to the same underlying conduct.

On July 29, 2025, Attorney General Pam Bondi issued new guidance to all federal agencies entitled “Guidance for Recipients of Federal Funding Regarding Unlawful Discrimination” (“Guidance”). The Guidance purports to “clarif[y] the application of federal antidiscrimination laws to programs or initiatives that may involve discriminatory practices, including those labeled as Diversity, Equity, and Inclusion (‘DEI’) programs.” It declares that “[e]ntities receiving federal funds . . . must ensure that their programs and activities comply with federal law and do not discriminate on the basis of race, color, national origin, sex, religion, or other protected characteristics,” and identifies a series of “‘Best Practices’ as non-binding suggestions to help entities comply with federal antidiscrimination laws and avoid legal pitfalls.” The Guidance is the most comprehensive articulation of the Administration’s view of what constitutes unlawful DEI released since President Trump’s Executive Order, Ending Illegal Discrimination and Restoring Merit-Based Opportunity, issued on January 21, 2025.

Current political priorities in Congress will continue to push many industries under the microscope of Congressional investigations, including universities, tech companies, entities that receive federal funds, and energy-sector companies. When the chambers of Congress and the executive branch are controlled by the same party, Congressional oversight of the executive branch is less intense and instead public and private sector, state, and local entities are more likely to find themselves in the crosshairs. If a chamber of Congress changes hands in the midterm elections, the focus of the oversight may shift to reflect the policy priorities of the moment and include more executive branch oversight, but even the executive branch is often contending with requests for information that may implicate their dealings with third parties; for example, there is a risk that agency oversight triggers requests for privileged material belonging to a government contractor or grantee. The topics and industries of highest interest may play musical chairs, but entities across sectors would do well to incorporate a few best practices that will mitigate their risk should they end up in the hot seat, either directly or through a government partner.

Briefing. The Trump administration continues to raise the stakes for importers and other actors in the international trade space. Bloomberg Law reports that the Department of Justice has tasked its MIMF (Market Integrity and Major Frauds) Unit with investigating fraud schemes by companies dodging U.S. tariffs. The MIMF Unit is already well-versed in financial fraud investigations, is set to grow significantly with the addition of prosecutors previously assigned to consumer protection matters, and now is shifting resources to tariff evasion cases.

On July 8, 2025, the Department of Justice Antitrust Division announced a new program to provide rewards to individuals who report antitrust violations related to the Postal Service. This is the first program of its kind to provide a monetary reward to individuals who assist in the prosecutions of antitrust crimes. Under the new initiative, whistleblowers will have the opportunity to receive up to 30% of any criminal fines recovered for violations affecting the Postal Service, its revenues, or its property. 

 

On June 9, 2025, U.S. Department of Justice (“DOJ”) Deputy Attorney General Todd Blanche issued new Foreign Corrupt Practices Act (“FCPA”) enforcement guidelines (“the Guidelines”). DOJ issued the Guidelines in response to the Trump Administration’s February 2025 Executive Order (“EO”), which paused FCPA enforcement pending the issuance of new guidance from the Attorney General. The new Guidelines resolve lingering doubts about the future of FCPA enforcement under the Trump administration and provide important insights into the key factors DOJ will consider when deciding whether to pursue FCPA investigations or enforcement actions.