Phil Mattera

Biometric Battles

The Alabama IVF court ruling and the move for a national abortion ban highlight the rising threat to reproductive freedom. Another battle over bodily autonomy is taking place in the corporate world. It revolves around the question of whether companies have the right to gather biometric information about employees or customers without their full consent.

Collection of fingerprints and voiceprints is not as oppressive as restricting the right to terminate a pregnancy, but it raises a legitimate privacy concern nonetheless. This is especially true as more companies embrace facial recognition, iris scanning and the like.

Disputes over biometric data collection frequently end up in court, where plaintiff lawyers bring class action claims and often win substantial settlements. For example, the Presence Health Network in Illinois just agreed to pay $2.6 million to settle litigation alleging that the privacy rights of employees were violated by requiring them to scan their fingerprints for timekeeping without first obtaining consent.

Violation Tracker documents 30 similar fully resolved lawsuits with total settlements of $1 billion. These cases are typically brought under the Illinois Biometric Information Privacy Act, a 2008 law that is the strictest in the nation. BIPA cases can be brought in state court in Illinois, but in certain circumstances they can be filed in federal court.

Some of the biggest settlements have come in federal cases. The largest of all is the $650 million payment by Facebook in 2021 to resolve claims that its collection of facial data from users violated BIPA. The following year TikTok paid out $92 million in a similar case.

The largest state court settlement was the $100 million paid by Google in connection with facial data collected by its photo service. In another state case, Six Flags agreed to pay $36 million to resolve claims it improperly collected fingerprint data from pass-holders.

Large employers which have entered into biometric settlements include Walmart, which paid $10 million to resolve claims it improperly collected worker handprints, and the Little Caesar pizza chain, which agreed to pay nearly $7 million to settle litigation alleging it violated BIPA by using a fingerprint-based timekeeping system without getting informed consent from employees.

BIPA lawsuits rarely go to trial. The risks for companies of refusing to settle are illustrated by a case brought against BNSF by a class of 44,000 truck drivers who claimed the railway company improperly collected their fingerprints. In 2022 a federal jury found in favor of the plaintiffs and awarded up to $228 million in damages. That award was thrown out for technical reasons, but the company recently agreed to settle the matter for $75 million.

Cases arising out of BIPA have prompted other states to consider adopting their own biometric privacy legislation, yet none have begun to match the Illinois law. Efforts in Congress to pass a national law have also made little progress.

For now, BIPA class actions are the main thing standing in the way of the corporate effort to turn us all into human bar codes.

PFAS Payouts

BP and its drilling partners were hit with over $60 billion in fines and settlements in connection with the 2010 Deepwater Horizon disaster in the Gulf of Mexico. That remains the largest payout in any environmental case, but the legal costs associated with another issue are starting to catch up.

That issue is the widespread contamination of drinking water supplies with synthetic chemicals called per- and polyfluoroalkyl substances (PFAS). These substances, which are considered possible carcinogens, do not break down in the body or the environment and thus have been dubbed forever chemicals. Detectible level of PFAS can be found in just about everyone alive.

PFAS cases first gained attention in relation to the effort in West Virginia, dramatized in the film Dark Waters, to hold DuPont accountable for contaminating water with chemicals used as coatings for non-stick cookware. In 2017 DuPont and its spinoff Chemours each paid $335 million to settle litigation over the issue.

Now the settlement amounts have grown larger. Last year, 3M agreed to pay over $10 billion to public water suppliers around the country. The case is awaiting final court approval.

Final approval was recently given to a $1.85 billion settlement reached by DuPont, Chemours and DuPont’s other spinoff Corteva with a group of municipal water suppliers relating to contamination caused by PFAS in firefighting foam.

There have also been numerous settlements below $1 billion but still substantial. Last year the Belgian chemical company Solvay agreed to pay $393 million to the state of New Jersey for PFAS contamination at a plant in Gloucester County. The footwear company Wolverine World Wide paid a total of $96 million in two lawsuits connected to contamination in Michigan.

Saint-Gobain Performance Plastics, Honeywell International and 3M agreed to pay a total of $65 million in another firefighting foam case in upstate New York. DuPont is also a defendant in the case but has refused to settle.

It is encouraging to see these companies held responsible for their role in the proliferation of PFAS, but it is unclear whether the payouts will be sufficient to pay for the long-term cost of exposure to the chemicals. That is because we still don’t know the full extent of contamination, and there is growing evidence that the problem is massive. For example, NRDC has just come out with a report estimating that in California alone, water systems serving some 25 million residents—over 60 percent of the state’s population—are contaminated. The levels are likely higher in other parts of the country that have been less aggressive in limiting PFAS use.

Under pressure from lawsuits, regulators and activists, many companies have been phasing out their use of the chemicals. 3M has promised to cease its use of PFAS by the end of 2025. Yet many products containing the chemicals are still being imported from countries with less restrictive practices.

The Deepwater Horizon disaster caused widespread harm in the Gulf of Mexico and the communities along its shores, but the scope of PFAS contamination appears to be much wider and could end up standing with global warming as the two leading environmental crises of our era.

Blowing the Whistle on Procurement Fraud

A federal judge recently ordered Gen Digital Inc. to pay $53 million in damages for cheating the federal government. The case against the company—formerly known as NortonLifeLock, a spinoff of Symantec Corp.—originated in a lawsuit filed by whistleblower Lori Morsell, who stands to receive a share of the payout. While working at Symantec more than a decade ago, Morsell discovered that the company was failing to provide federal agencies the discounts it made available to other customers.

Gen Digital is the latest in a long line of federal contractors whose misconduct has been punished through what are known as qui tam lawsuits. (Qui tam is derived from a Latin phrase meaning “who sues on behalf of the king as well as for himself.”) These are cases enabled by the False Claims Act in which someone with information about fraud against a public entity can file a suit on behalf of the government. The practice in the U.S. dates back to the Civil War era.

In many situations, the Justice Department will choose to intervene in the matter, in effect taking over the prosecution, but the whistleblower is typically awarded a portion of the damages or settlement. A large portion of the more than 2,500 False Claims Act cases documented in Violation Tracker, which account for $60 billion in penalties, began as qui tam actions.

Federal prosecutors do not intervene in every whistleblower case. Given that the plaintiff may not have the resources to pursue the matter independently, most of these cases end up being dropped. Yet substantial settlements are sometimes achieved without government involvement, though the feds share in the proceeds. Here are some examples.

In 2022 State Farm Fire & Casualty Co. agreed to pay $100 million to settle allegations it violated the False Claims Act in connection with claims improperly submitted to the National Flood Insurance Program after Hurricane Katrina.

In 2011 Medline Industries agreed to pay $85 million to settle allegations that it violated the False Claims Act by paying illegal kickbacks to healthcare providers who purchased its medical supplies using federal funds.

In 2016 Novartis agreed to pay $35 million to settle allegations it violated the False Claims Act by marketing the eczema cream Elidel for use on infants, even though it was only approved for older patients.

Also in 2016, Ocwen Loan Servicing agreed to pay $30 million to settle allegations that two of its subsidiaries violated the False Claims Act by submitting incorrect information to the Treasury Department’s Home Affordable Modification Program.

Successful qui tam cases have become so common that it is easy to take them for granted and assume that this practice is widespread in other countries. That is not the case, even in the United Kingdom, where the practice originated centuries ago but later fell into disuse.

This could change. Recently, Nick Ephgrave, the director of the UK’s Serious Fraud Office gave a speech in which he endorsed the idea of compensating whistleblowers. Such a move would give a major boost to the prosecution of procurement fraud in the UK, which lags far behind the United States in dealing with this perennial problem.

Back here, the legal status of whistleblowers has been strengthened even as the power of regulatory agencies has been challenged. This applies both to False Claims Act cases and those brought under other laws with whistleblower provisions, such as the Sarbanes-Oxley Act. Recently, the U.S. Supreme Court ruled unanimously that whistleblowers seeking compensation after being fired for exposing misconduct do not need to prove an employer acted with retaliatory intent.

The U.S. has a long and impressive history of using qui tam whistleblower cases to fight corporate fraud against the public. The UK would do well to revive its own use of this effective tool.

Tax Credits and Fraud

The relentless corporate pursuit of special tax breaks is bad for the fiscal health of cities and states, but it is usually completely legal. An exception to this rule is taking place in New Jersey, where a well-connected company has been the target of a criminal investigation.

Holtec International, the company in question, is involved in various energy-related businesses, including the decommissioning of defunct nuclear power plants. In 2014 it was the recipient of a $260 million tax-related subsidy from the Grow New Jersey Assistance Program to create jobs at a facility in the struggling city of Camden. As the advocacy group New Jersey Policy Perspective pointed out, the deal had weak provisions relating to local hiring, training programs and even the number of jobs the company would actually have to create to get the tax benefits.

Despite benefitting from that largesse, Holtec got itself in trouble when it allegedly tried to cheat a different tax incentive program, the Angel Investor Tax Credit. The company qualified for a credit based on a $12 million investment it made in the battery company Eos Storage. That credit is capped at $500,000.

According to the New Jersey Attorney General Matthew Platkin, Holtec sought to circumvent that limit by trying to make it appear that it and a related company called Singh Real Estate Enterprises had each separately invested $6 million in Eos and thus could each claim the $500,000 credit. Holtec allegedly did so by submitting misleading documents to the state’s Economic Development Authority (EDA).

In announcing the resolution of the case against Holtec, the AG recently said: “We are sending a clear message: no matter how big and powerful you are, if you lie to the State for financial gain, we will hold you accountable — period.”

Yet Holtec is getting off easy. The AG allowed the company to enter into a deferred prosecution agreement instead of facing criminal charges. Under that agreement, Holtec must pay $5 million in penalties, forgo the angel investor credit and retain an independent monitor to oversee future dealings with the state.

Instead of showing appreciation for the leniency agreement, Holtec issued a sharply worded statement alleging that the entire investigation was retaliation after the state failed in a previous legal action against the company relating to that $260 million subsidy deal. The EDA had sought to rescind the award because the agency said it belatedly discovered that the company’s original application had not disclosed a disciplinary action brought against it by the Tennessee Valley Authority. That action, a temporary debarment, stemmed from a case in which Holtec was linked to improper payments made to a TVA manager to help secure a contract.

Holtec’s claim that its failure to mention the TVA debarment was inadvertent was accepted by the New Jersey courts and the tax credit was upheld.

This entire episode should serve as a reminder of the drawbacks of a system in which companies come to believe they have an absolute entitlement to tax breaks—and states don’t do enough to monitor the eligibility of applicants and the compliance of recipients. It also raises the question of whether there is more fraud in the economic development subsidy system than we have assumed.

Philips Exits a Scandal-Ridden Business

It has taken a long time, but Royal Philips finally did the right thing with regard to its troubled machines for sleep apnea and other respiratory problems: the company has stopped selling the devices in the United States.

The Dutch company took the step as part of a settlement it has been negotiating with the Justice Department and the Food and Drug Administration, which pressed the company to deal more aggressively with a longstanding defect in its continuous positive airway pressure (CPAP) machines. The problem stemmed from an industrial foam used in the devices to reduce noise but which could break apart and cause users to inhale potentially dangerous particles.

This issue has been known for years. In 2021 Philips voluntarily recalled several million devices, but it appears the company was aware of the foam problem long before taking that action. An investigation by ProPublica and the Pittsburgh Post-Gazette found that the company was receiving complaints as early as 2010, yet it failed to make the FDA aware of the magnitude of the problem as the volume of those complaints reached into the thousands: “Again and again, previously undisclosed records and interviews with company insiders show, Philips suppressed mounting evidence that its profitable breathing machines threatened the health of the people relying on them, in some cases to stay alive.”

Philips is likely to end up paying billions of dollars in legal settlements. It has already agreed to a $479 million settlement with plaintiffs claiming economic damages from having to replace defective machines affected by the recall. Tens of thousands of personal injury cases have been filed and will probably get aggregated. The monetary penalties in the settlement with the Justice Department are not yet known.

This scandal is a major blow to the reputation of a company once known for benign products such as electric shavers and video cassette recorders. Yet in recent years the company has had other problems as well. As documented in Violation Tracker, it has paid over $450 million in fines and settlements over the past two decades.

About half of this total comes from cases involving alleged price-fixing of electronic equipment, and $62 million comes from a Foreign Corrupt Practices Act case stemming from allegations of making improper payments to officials in China to promote sales of medical equipment.

Another $151 million in penalties stems from False Claim Act cases in which the company was accused of defrauding the federal government. Half a dozen of these cases involved the Respironics business Philips acquired in 2008 as its way into the CPAP field. Philips paid over $50 million to settle allegations that it gave illegal kickbacks to medical equipment suppliers to induce them to order its products.

Given this track record, the accusation that Philips tried to cover up the magnitude of the foam problem does not come as a surprise. What is surprising is that it has taken the Justice Department so long to resolve its case against Philips, while it remains unclear whether the company will face criminal charges. Many of its customers would like to see that happen.

A Challenge to Intrusive Workplace Monitoring

One of the drawbacks of the growing presence of electronic technology in the labor process is the ability of managers to conduct continuous surveillance of workers. Those who toil at computers have their keystrokes measured and evaluated, while others are monitored via handheld scanners or other devices.

U.S. corporations think they have every right to use these techniques in the pursuit of maximum output and higher profits. As Amazon.com has just learned, that may not be so easy when it comes to their European operations. The e-commerce giant was just fined the equivalent of $35 million for employing an “excessively intrusive” system of electronic monitoring of employee performance at its warehouses in France.

The French Data Protection Authority (CNIL) said it was illegal for Amazon to measure movements of workers to such an extent that they would have to justify every moment of inactivity. CNIL condemned Amazon not only for using what it called “continuous pressure” but also for retaining the monitoring data for too long.

CNIL’s case was based on the European law known as the General Data Protection Regulation (GDPR), which includes a principle largely unknown in the United States: data minimization. Americans are used to giving up vast amounts of personal information to corporations. In Europe, companies are supposed to restrain their data appetites.

That message has not gotten through to American firms operating in the EU, especially the tech giants. Meta Platforms, the parent of Facebook, has been fined more than $5 billion for GDPR penalties—far more than any other company. Alphabet Inc., parent of Google, has racked up over $900 million in fines. Even Amazon has previously run afoul of the law. In 2021 it was fined over $800 million for misusing the personal data of customers. An appeal is pending.

What is relatively unusual about the latest fine against Amazon is that it involves GDPR violations in the relationship between employers and workers, as opposed to companies and their customers. Employment-based cases are not unheard of. In fact, Amazon itself was fined over $2 million for improperly doing criminal background checks on freelance drivers.

What makes the new case even more remarkable is that it concerns not only personal information but also the labor process. The CNIL’s challenge to Amazon’s monitoring is a challenge to its ability to control what workers do every moment they are on the job.

By restricting intrusive employee monitoring, the GDPR is being used to shield workers from the worst forms of exploitation. And because excessive monitoring pressures workers to do their job in an unsafe manner, the law also protects against occupational injuries. In other words, it is challenging management domination of the workplace.

It remains to be seen whether the CNIL and the other agencies enforcing the GDPR in Europe go after other employers engaged in intensive monitoring or if they treat Amazon as an outlier requiring a unique form of enforcement. For now, at least, the CNIL has shown the possibility of using privacy regulation to enhance the liberty and well-being of workers.

Koch Industries and the Attack on Regulation

Donald Trump’s rants about the deep state are designed to deflect attention away from his own transgressions. An even more sinister attack on the legitimacy of the federal executive branch is taking place in the U.S. Supreme Court, and the result could strike a serious blow against corporate accountability.

The Court just heard oral arguments in two cases that were purportedly brought by commercial fishermen protesting their obligation to help pay for the cost of monitoring compliance with the Magnuson-Stevens Fishery Conservation and Management Act.

Instead of addressing that narrow issue, the cases are being used to challenge one of the bedrocks of federal regulation—the 40-year-old Chevron doctrine under which courts have given deference to agencies in interpreting laws relating to the environment, consumer protection, and the like.

It is standard procedure for Corporate America to use small businesses as a wedge for achieving changes that provide a lot more benefit to large companies. There was little doubt this was the dynamic at play in the fishing case.

The New York Times made this even more evident in an article revealing that the supposed public interest law firm bringing the fishing case is closely linked to billionaire Charles Koch, who has long sought to weaken government oversight of business as part of a broad rightwing agenda. Charles Koch and his late brother David bankrolled libertarian think tanks such as the Heritage Foundation and the Cato Institute as well as activist groups such as Americans for Prosperity.

This crusade has not been solely a matter of ideology. There is also a great degree of self-interest involved. That’s because Koch is the chairman of Koch Industries, a privately held industrial conglomerate that has for decades clashed with regulators and prosecutors.

In the period since January 2000, the company has, as documented in Violation Tracker, been involved in hundreds of federal, state and local regulatory cases and has had to pay more than $1 billion in fines and settlements.

Most of these penalties have been paid by Koch’s numerous subsidiaries, which do business in industries that often run afoul of environmental and workplace safety rules. These include Flint Hills Resources (petroleum), Georgia-Pacific (pulp and paper), Guardian Industries (glass and coatings), and Invista (polymers and fibers).

Koch Industries has long used its political influence to try to protect the company against the consequences of its regulatory infringements. For example, in 2000 a federal grand jury in Texas returned a 97-count indictment against the company and four of its employees for violating federal air pollution and hazardous waste laws in connection with benzene emissions at the Koch refinery near Corpus Christi.

The company was reportedly facing potential penalties of some $350 million, but in early 2001 it got the newly installed Bush Administration’s Justice Department to agree to a settlement in which many of the charges were dropped and the company pled guilty to concealing violations of air quality laws and paid just $10 million in criminal fines and $10 million for environmental projects in the Corpus Christi area.

Now Koch is trying to achieve a lot more through its friends on the Supreme Court. A decision that overturns the Chevron doctrine would severely weaken the ability of federal regulators to do their job and would be a boon to serial offenders such as Koch.

Targeting the Poultry Conspirators

High food prices have been one of the most contentious issues of the past few years, causing many people to remain negative about the U.S. economy even as other indicators have improved. Grocery inflation has several cases, but one that does not receive enough attention is the ability of large corporations to set prices at will.

Price escalation is possible because of the enormous amount of concentration in the food sector. Not only can major producers hike up prices on their own, they conspire with their few competitors to do so in tandem. This is known as price-fixing, and since the passage of the Sherman Act of 1890 the practice has been illegal under federal law. States bring prosecutions as well.

One state that has been particularly aggressive in this arena is Washington. Its Attorney General, Bob Ferguson, has targeted the poultry industry, which is believed to be a hotbed of anti-competitive practices. In 2021 Ferguson’s office sued 19 companies said to account for 95 percent of the broiler chickens sold in the entire country, alleging they conspired to restrain production, manipulate price indices, rig bids and exchange proprietary information with one another. The defendants included familiar names such as Tyson Foods, Pilgrim’s Pride and Perdue Farms.

Over the past two years, Ferguson has racked up an impressive record. Last April, 14 of the corporate defendants agreed to pay settlements totaling $35 million. The largest shares came from Pilgrim’s Pride ($11 million), Tyson ($10.5 million) and Perdue ($6.5 million).

Since then, Ferguson has kept up the pressure on the other defendants. Most recently, House of Raeford Farms agreed to a $460,000 settlement. The two remaining holdouts, Foster Farms and Wayne-Sanderson Farms, are scheduled to go on trial later this year.

They may change their minds about going to court. All of the settling defendants have agreed to cooperate with Ferguson’s office in producing evidence that can be used in that trial. Those defendants have also signed consent decrees under which they commit to changing their practices and acknowledge that the AG can seek additional fines if they fail to do so.

Ferguson wants to have even stronger tools at his disposal. Recently, he joined with several state legislators to propose legislation that would increase the maximum penalty for price-fixing and other anti-competitive practices.

At the same time the big poultry companies work to keep prices high, they have been accused of conspiring to keep pay low. The U.S. Justice Department has been targeting the industry for the improper exchange of compensation date, a practice that amounts to wage-fixing. One company, George’s Inc. agreed last year to pay $5.8 million to DOJ. The feds are seeking other settlements.

There has also been private litigation on this issue, resulting in large settlements such as a $29 million payout by Pilgrim’s Pride and $12 million by Simmons Foods.

It remains to be seen whether the federal and state prosecutors, together with plaintiffs’ lawyers, can get the poultry industry to stop colluding on prices and wages. Yet these cases should serve as a reminder of the extent to which food inflation is the result of corporate power and greed.

A New Emissions Cheating Scandal

Cummins Inc. waited until just before the Christmas holiday to announce that it had “reached an agreement in principle to resolve U.S. regulatory claims regarding its emissions certification and compliance process for certain engines primarily used in pick-up truck applications.” After insisting it cooperated fully with regulators, the company went on to claim it “has seen no evidence that anyone acted in bad faith and does not admit wrongdoing.”

That vague and tortuous statement was clarified when the U.S. Justice Department put out its own release saying that Cummins was close to signing an agreement with DOJ and the State of California under which it would pay $1.7 billion to settle allegations it violated the Clean Air Act by installing defeat devices on hundreds of thousands of engines.

Cummins, which produces engines for trucks and heavy equipment, has thus joined the roster of large companies accused of installing technology meant to yield deceptive results on emissions tests and thus conceal the true amount of pollution being generated. DOJ stated that the devices installed by Cummins allowed the engines to produce thousands of tons of excess emissions of nitrogen oxides, which are linked to respiratory conditions such as asthma.

The defeat device revelations began, of course, with Volkswagen. The German automaker has paid out over $20 billion in fines and settlements around the world since the accusations of emissions cheating first emerged in 2015.

Yet there are a number of other large companies that have faced similar allegations. In 2019 Fiat Chrysler (now Stellantis) reached an agreement with federal and California regulators under which it paid over $300 million in fines and spent about $200 million to recall vehicles and make them compliant.

In 2020 Daimler AG (now the Mercedes-Benz Group) reached a similar settlement under which it agreed to pay $945 million in penalties and spend $534 million on vehicle modifications.

Automotive suppliers have also gotten caught up in the controversy. Robert Bosch has paid several hundred million dollars in settlements for its role in producing the defeat devices for Volkswagen. In 2018 IAV GmbH, a German company that designs automotive systems, pled guilty to one criminal felony count and paid a $35 million criminal fine as a result of its work for VW.

After-market companies have also been targeted. The EPA has fined dozens of small firms around the country for illegally installing defeat devices, while the DOJ has gone after some medium-sized suppliers. For example, in 2022, Allied Exhaust Systems, which sells to individuals nationwide, agreed to pay a $1.1 million penalty.

Such cases suggest a remarkable willingness of companies large and small to violate environmental regulations. These are not situations in which firms accidentally exceeded emissions limits. From Volkswagen and Cummins down to the small automotive shops, the defendants were accused of deliberately thwarting emission controls.

The use of defeat devices does not simply involve infringement of abstract standards. They cause vast amounts of extra pollution to be spewed into the air and thus represent a corporate crime against the public’s health.

The 2023 Corporate Rap Sheet

The splashiest corporate crime prosecutions in 2023 came in the crypto sector. Binance pleaded guilty to charges of violating anti-money-laundering regulations and paid over $4 billion in criminal and civil penalties; its founder and CEO Changpeng Zhao was also charged personally and admitted guilt. The Justice Department won a conviction on fraud and conspiracy charges of crypto mogul Sam Bankman-Fried in connection with the collapse of his FTX exchange.

Otherwise, the DOJ has not had many blockbuster cases this year, and many of its bigger successes have involved foreign-based corporate defendants. Among the latter are a $1.4 billion settlement with the Swiss bank UBS in a toxic securities case that originated during the financial crisis a decade ago and a $629 million settlement with British American Tobacco involving a scheme to evade economic sanctions against doing business with North Korea.

While major convictions and settlements lag, DOJ has stepped up its dubious policy of corporate leniency. This includes frequent use of non-prosecution and deferred prosecution agreements under which companies are allowed to sidestep criminal pleas by agreeing to pay monetary penalties and promising to change their behavior—promises that are often broken.

During this year, DOJ has offered companies NPAs and DPAs at least 17 times. Among these are the British American Tobacco case cited above, a price-fixing case against Teva Pharmaceuticals, and a foreign bribery case against the chemical company Albemarle. A DPA was also used by the Occupational Safety and Health Administration to resolve a case against a construction company called Skinner Tank on charges of willfully ignoring safety regulations and creating conditions that led to the death of a worker.

DOJ is also making increasing use of another form of leniency known as a declination. Companies that self-report illegal behavior that occurred under their roof are given a guarantee they will not be prosecuted and are allowed to pay a reduced fine. A DOJ webpage lists three declinations for this year, but a report by Public Citizen suggests that the department may be agreeing to keep some of these deals confidential.

Among most other federal agencies, this year has seen only a sprinkling of large case resolutions against major companies. For example, the Commerce Department’s Bureau of Industry and Security fined Seagate Technology $300 million for export control violations in its sale of disk drives to China’s Huawei Technologies. The Federal Reserve fined Deutsche Bank $186 million for failing to comply with previous consent orders involving sanctions compliance and anti-money-laundering practices.

Although most of its penalties are below $100 million, the Consumer Financial Protection Bureau has brought a steady stream of cases against financial predators. These include a $90 million penalty against Bank of America for imposing unfair overdraft fees, withholding reward bonuses explicitly promised to credit card customers, and misappropriating sensitive personal information to open accounts without customer knowledge or authorization.

The Securities and Exchange Commission has kept up its case volume, but the number of large resolutions in 2023 has been down from the previous year. And a larger portion of those major cases involve civil add-ons to criminal bribery cases brought by the Justice Department under the Foreign Corrupt Practices Act. There are also signs that the SEC is joining the leniency bandwagon. Recently, the agency waived a $40 million penalty against the drug company Mallinckrodt in a case related to its failure to disclose loss contingencies linked to an investigation of its Medicaid billing practices.

The Federal Trade Commission has also tended toward smaller settlements this year, though that agency handles many matters—including merger reviews—that may not involve monetary penalties. The biggest fine it imposed this year was $25 million in a case against Amazon.com for violating the Children’s Online Privacy Protection Act Rule.

The Environmental Protection Agency has held steady in 2023. Its largest settlement has been a $242 million deal with BP in which the oil giant paid a $40 million penalty and agreed to spend $197 million on emission control upgrades at its Whiting refinery in Indiana.

Major cases have been down at the state level. There have been about two dozen resolutions involving penalties of $50 million or more, compared to the previous year’s total of 50, which included numerous opioid-related settlements. This year there has been one such settlement involving a $1.4 billion deal with supermarket chain Kroger.

Year to year changes do not tell the whole story, yet it is discouraging to see a drop-off in successful major enforcement actions. Let’s hope that in 2024 both federal and state regulators and prosecutors find the means to step up the pressure on rogue corporations.

Note: Details on the cases cited above and many more are in Violation Tracker.