Tag Archive for: business and corporate law

Whistling Past the Pandemic: The Increasing Trend of Whistleblower Reports during COVID-19

Whistling Past the Pandemic: The Increasing Trend of Whistleblower Reports during COVID-19

Whistling Past the Pandemic: The Increasing Trend of Whistleblower Reports during COVID-19

One of the collateral impacts of employee anxiety due to COVID-19 has been an increase in whistleblower reports to the Securities and Exchange Commission (SEC). According to Steven Peikin, Co-Director of the Division of Enforcement, the SEC received 35% more tips, complaints and referrals for investigation between mid-March and early May 2020 than during the same period in 2019. This uptick may lead to additional SEC enforcement actions and penalties, giving SEC-regulated companies cause for concern.

The SEC’s Whistleblower program

The SEC’s Whistleblower program, initiated as a result of the 2010 Dodd-Frank Act, accepts information from members of the public regarding potential violations of the securities laws. Such violations may arise from activities by publicly-traded companies, as well as securities industries professionals like registered investment advisers and broker-dealers. 

Since August 2011, the SEC has awarded more than $500 million for tips that led to monetary sanctions of more than $1 million. Three of the ten largest awards were issued in the last six months: an award of $50 million in June and awards of $27 million and $18 million in April. According to the SEC’s most recent annual report, the money available for payouts to whistleblowers was about $400 million as of September 30, 2019.

Clearly, the SEC’s whistleblower program is here to stay, and conditions created by the pandemic may increase whistleblowing activity. For companies that are regulated by the SEC, this has important implications. 

Considerations for SEC-regulated companies

  1. Both the Dodd-Frank Act and Sarbanes-Oxley Act of 2002 prohibit retaliation against whistleblowers. The U.S. Supreme Court has held that the broader whistleblower protections of Dodd-Frank only apply when the whistleblower made a report to the SEC, not if the matter was only reported internally. But it would be a rare case indeed for an employer to know that an employee submitted a tip to the SEC hotline. As a result, employers must use care in handling any potential whistleblower, both to avoid employee claims and to avoid a possible SEC action for retaliation.

  2. The SEC has taken enforcement action against companies whose employment agreements contain language that can be read to discourage whistleblower reports to the SEC. All employment agreements (including severance agreements), compliance manuals, and codes of ethics should be drafted and reviewed carefully to avoid such a finding.

  3. Regulated companies should continue to investigate potential violations of the securities laws, including those where a potential SEC whistleblower may be involved. Any internal investigation must avoid disclosure of the whistleblower’s identity, if discovered, and retaliation. But good governance and risk mitigation both require critical self-examination, and internal investigations fill that role. In the event of an SEC investigation, companies can receive cooperation credit for investigating and remediating, as well as self-reporting, potential violations of the securities laws. 

As businesses navigate the COVID-19 pandemic, responding to increased whistleblower activity does not require a new playbook, just good execution of existing strategies.

Mary O'Connor | Farrow-Gillespie & Heath LLP | Dallas, TX

Mary L. O’Connor’s practice focuses on representing companies and their officers and directors in commercial litigation and arbitration, securities litigation, internal investigations, and regulatory investigations and enforcement proceedings. Mary is currently listed among the Best Lawyers in Dallas by D Magazine, and the Best Lawyers in America by US News and World Report.

COVID-19 and Social Justice on Non Profit Corporate Governance

Potential Impact of COVID-19 and Social Justice Issues on Non-Profit Corporate Governance

COVID-19 and Social Justice on Non Profit Corporate Governance

The novel coronavirus (COVID-19) pandemic and the resurgence of social justice movements are likely to have lasting repercussions on how non-profit entities approach corporate governance. The very-intense national conversations about the following issues should cause non-profit boards of directors to expect certain traditional governance practices to change in response to the lessons and experiences gained from these issues:

  1. Lines of Authority
    Non-Profit boards and management traditionally work together to allocate decision making between the two parties. However, the line separating the responsibility of the board from the responsibility of management tends to blur in times of crisis.  Boards and management should analyze how they worked together during the COVID-19 crisis and social justice protests to ascertain whether work is needed to avoid future crisis-related confusion.
  1. Workforce Culture and Hiring Practices
    Special efforts should be made to address workforce culture and to have meaningful oversight of hiring practices. Improving diversity in employment is critical, but so are practices relating to recognizing culturally-significant issues and events. Board engagement in acknowledging social justice issues, regardless of the nature of the non-profit’s mission, setting realistic goals, and insisting on management focus will need to be ongoing.
  1. Focus on Risk to the Enterprise and Oversight of Business “Resiliency”
    The pandemic validates the need for strong board involvement in risk identification and disaster response. There is a heightened obligation to exercise oversight of the future business “resiliency” of the non-profit. Federal loans have helped many non-profits during the COVID-19 crisis but the next crisis may not have this resource to help the non-profit “bounce back.” Boards will need to monitor management’s plans to recover from future catastrophes or social justice activities, not only from a financial perspective but also a “brand image” perspective.
  1. Oversight of Patron Safety
    The pandemic has shown the need for enhanced focus on customer safety in many lines of for-profit business, primarily retail and restaurants. Non-Profits also have patrons/visitors whose safety must be protected. A greater board collaboration with management on the quality of patron engagement matters should result in shifts that include more awareness and increased oversight of the resources necessary for emergency preparedness, infection control, and regulatory compliance.
  1. Reliability of Key Technology
    Depending on the nature of the non-profit’s mission and business model, directors will want to exercise greater diligence on the acquisition and implementation of key technologies and more detailed contingency planning for the possibility of critical technology, equipment, or personnel being unavailable.
  1. Employee Health and Safety
    Addressing employee concerns for workplace health and safety matters is now an important element of the board’s oversight of workplace culture. Employee concerns in this regard are likely to remain a key part of business resiliency planning long after the advent of a vaccine or other treatments for the COVID-19 virus.

In short, non-profit boards should anticipate, for the foreseeable future, an increased level of engagement with their governance responsibilities. This higher level of engagement will be necessary to assure that the non-profit has, in fact, rebounded, and evaluated potentially broader changes to accomplishing its mission in light of “lessons learned.”

Scott Chase is Board Certified in Health Law by the Texas Board of Legal Specialization and has practiced health law, corporate law, and intellectual property law for more than 40 years. His primary practice focus is business transactions for physicians and healthcare facilities, as well as healthcare regulatory issues, such as the Affordable Care Act and HIPAA. Mr. Chase also handles general corporate matters and trademark/copyright issues for a variety of non-healthcare clients.

PPP Loan Program and Certification Guidance

PPP Loan Program: Am I in Trouble? What the New Certification Guidance Means for You *********Update 5/06/2020*********

Information regarding PPP loans are constantly changing. New updates are highlighted in red.

PPP Loan Program and Certification Guidance

Last week, an additional $310 billion in funding was approved for the Paycheck Protection Program. Given that the initial $349 billion was used within weeks, it’s likely the second tranche will go quickly as well.

Meanwhile, though SBA updates its Frequently Asked Questions nearly daily and periodically releases additional interim rules, we still await more detailed guidance on loan forgiveness.

A few recent updates to the FAQ about the borrower certification has drawn a lot of attention:

31. Question: Do businesses owned by large companies with adequate sources of liquidity to support the business’s ongoing operations qualify for a PPP loan?

Answer: In addition to reviewing applicable affiliation rules to determine eligibility, all borrowers must assess their economic need for a PPP loan under the standard established by the CARES Act and the PPP regulations at the time of the loan application. Although the CARES Act suspends the ordinary requirement that borrowers must be unable to obtain credit elsewhere (as defined in section 3(h) of the Small Business Act), borrowers still must certify in good faith that their PPP loan request is necessary. Specifically, before submitting a PPP application, all borrowers should review carefully the required certification that “[c]urrent economic uncertainty makes this loan request necessary to support the ongoing operations of the Applicant.” Borrowers must make this certification in good faith, taking into account their current business activity and their ability to access other sources of liquidity sufficient to support their ongoing operations in a manner that is not significantly detrimental to the business. For example, it is unlikely that a public company with substantial market value and access to capital markets will be able to make the required certification in good faith, and such a company should be prepared to demonstrate to SBA, upon request, the basis for its certification.

Lenders may rely on a borrower’s certification regarding the necessity of the loan request. Any borrower that applied for a PPP loan prior to the issuance of this guidance and repays the loan in full by May 14, 2020*. will be deemed by SBA to have made the required certification in good faith.”

Then, a few days later, with #37, SBA stated that businesses owned by private companies with adequate sources of liquidity to support the business’s ongoing operations are also covered by the guidance in #31.

And then the next day came #39:

39. Question: Will SBA review individual PPP loan files?

Answer: Yes. In FAQ #31, SBA reminded all borrowers of an important certification required to obtain a PPP loan. To further ensure PPP loans are limited to eligible borrowers in need, the SBA has decided, in consultation with the Department of the Treasury, that it will review all loans in excess of $2 million, in addition to other loans as appropriate, following the lender’s submission of the borrower’s loan forgiveness application. Additional guidance implementing this procedure will be forthcoming. The outcome of SBA’s review of loan files will not affect SBA’s guarantee of any loan for which the lender complied with the lender obligations set forth in paragraphs III.3.b(i)-(iii) of the Paycheck Protection Program Rule (April 2, 2020) and further explained in FAQ #1.

Why did we get this new guidance?

Well, you might think of this as the “Ruth’s Chris” rule. When the initial tranche of loan funds ran out, many small businesses were left on the outside looking in. That frustration led to anger once stories broke about the large loans received by Ruth’s Chris Steak House and other publicly traded companies. In response to the backlash, Ruth’s Chris and many other companies returned their loan funds and SBA added this additional guidance about the borrower certification on the loan application.

While this guidance is given to all borrowers it’s written with a fairly narrow target audience in mind: big companies, both public and private, with other options, and particularly those taking large loan amounts. You know those emails that go out to the whole office about not burning popcorn in the microwave when it’s just one person who does it? It’s kind of like that. If you’re not the monster who assaults your colleagues’ olfactory senses, it’s not really directed at you.

What does it mean?

I’ve had several clients ask me what to make of this new guidance. What does it mean for the loan request to be necessary? Must you be at the point where you’d be forced to close your doors tomorrow to qualify for a loan? Does this mean that a borrower who reasonably believed their business would be impacted by the pandemic, took a loan, and then doesn’t suffer the business impact they feared is now in trouble?

I don’t believe that this new guidance is intended to suggest that SBA is going to second-guess a small business who applied in good faith but whose business conditions look better today than when they applied, or that businesses must be at the brink of ruin to be eligible. Rather, it’s intended to remind potential borrowers that this is a taxpayer-funded program of limited resources intended to help businesses in need. PPP isn’t meant to support big companies with ample funding options but rather a lifeline for businesses that might otherwise be seriously impacted by COVID-19.

The key sentences in the FAQ are here:

“Specifically, before submitting a PPP application, all borrowers should review carefully the required certification that “[c]urrent economic uncertainty makes this loan request necessary to support the ongoing operations of the Applicant. Borrowers must make this certification in good faith, taking into account their current business activity and their ability to access other sources of liquidity sufficient to support their ongoing operations in a manner that is not significantly detrimental to the business.”

Let’s look at that certification language again, this time broken out into subparts:

Borrowers must [certify] that current economic uncertainty makes this loan request necessary to support [ongoing operations]

  • in good faith, taking into account
    • their current business activity and
    • their ability to access other sources of liquidity sufficient to support their ongoing operations in a manner that is not significantly detrimental to the business.

So, you might think of this certification as a two-pronged “good faith” test. The first prong refers to current business activity; that is, how is the borrower’s business as of the date of application? Has business declined compared to a typical month? Has the business had to lay off employees or reduce hours? Is it reasonably likely that the decline may continue? A business that, as of date of application, has seen a decrease in sales and/or had to reduce staff can likely meet that prong of the good faith test.

The second prong mentions the ability to access other sources of liquidity in a manner not significantly detrimental to the business’s ongoing operations. What does that mean? Notably, while other SBA loans apply a Credit Elsewhere test, PPP does not.

But, going back to the Ruth’s Chris example, if your business is sitting on piles of cash or has ready access to capital on favorable terms, it may be hard to show the good faith needed for a PPP loan. If, however, your only other options are to burn through your limited capital reserves or to take a loan elsewhere on unduly onerous terms, you can likely meet this second prong. After all, supporting ongoing operations means taking prudent steps today that will enable your business to ride out the crisis and remain in operation once this is over.

If you are still unsure if your application is in good faith, consider this: Imagine the local paper ran a story announcing you’d gotten an SBA loan. What would your reaction be? Would you be worried about a PR disaster, or proud to share that you’re doing all you can to keep your business going and your employees paid?

What should you do?

This new guidance reminds borrowers to keep good documentation not only of how loan proceeds are used but also of the circumstances that gave rise to the loan request in the first place. My advice to SBA borrower clients is to gather such documentation so that if the need arises to explain why you applied, you’re not relying on your memory to recreate the record after time has passed.

For example, records showing that your business activity had declined significantly, or that you’d had to lay off employees, or been declined for credit elsewhere, would be strong evidence that the application was made in good faith. In other words, I think it’s important for borrowers to have evidence that they carefully considered their options.

While SBA has expressly stated it will review loans over $2 million, borrowers of any amount should be prepared to provide documentation. In general, I believe, the larger the loan amount and/or the borrowing company, the more likely it is to be reviewed.

Should my business give back its loan funds in light of this guidance?

The FAQ offers a “safe harbor” to borrowers who return their loan funds by May 14. If you give the loan back right away, SBA will deem you to be in compliance, no questions asked. This has led some borrowers to wonder if they should pay their loans back now out of an abundance of caution.

For some eligible borrowers, it may be worth the peace of mind to repay now, and those with loans of $2 million or more should evaluate this option knowing that their loans will be reviewed if they keep them. But if you’re a small business owner who applied in good faith and have the appropriate documentation, this warning is not directed at you. And, these warnings do not mean that a business which received a large loan should automatically give it back, only that you should carefully consider your options.

If you’re a bigger business, public or private, with ample reserves or credit options, though, this certification should make you think twice about applying or prompt you to consider returning loan funds you’ve already received. Those are the proverbial popcorn-burners that the all-office email is meant for.

After all, the guidance says, “it is unlikely that a public company with substantial market value and access to capital markets will be able to make the required certification in good faith, and such a company should be prepared to demonstrate to SBA, upon request, the basis for its certification.” To me, that’s a pretty clear warning that if you’re nominally an eligible borrower but don’t need the loan, you should think carefully about proceeding.

No one wants to be the popcorn-burner.

*The repayment date has been extended from May 7, 2020 to May 14, 2020.

For more information regarding SBA loans and the PPP program, please visit: https://fghwlaw.com/covid-19-sba-loan-update-04-15-2020/

Ellen Daniel Williamson | Farrow-Gillespie Heath Witter LLP

Ellen Williamson is of counsel at Farrow-Gillespie Heath Witter LLP. She has more than fifteen years of experience as an attorney, and has practiced probate, estate planning, and guardianship law since 2013. She spent much of her early career with the Small Business Administration Office of Disaster Assistance as liaison with federal law enforcement in the investigation and prosecution of disaster loan fraud. She earned a J.D. from SMU Dedman School of Law.

SBA Loan for COVID-19

COVID-19? There’s an SBA loan for that *****UPDATE 04/15/2020*****


On April 3, the Paycheck Protection Program launched with much fanfare and some speed bumps as lenders struggled to adapt to new Interim Final Rule which had been released late the night before. Many applicants reported that their banks were not taking applications or were only taking from customers who had existing loans, and some bank websites couldn’t handle the heavy traffic. Meanwhile, the Interim Final Rule was short on detail on many important aspects, creating confusion as lenders and businesses struggled to get up to speed.

But as we get closer to the 2 week mark, with every passing day we get a little more guidance about the PPP loans. The Treasury Department has a Frequently Asked Questions page which is updated daily or nearly so with new questions added at the end. I would imagine that at some point, the questions will be reorganized topically rather than sequentially in the order answered. The SBA has also indicated intention to give more details about the loan forgiveness aspect of the program and the process of applying for it.

As the initial $349 billion in funding provided by the CARES Act gets closer to being fully obligated, negotiations continue between the House and Senate on providing additional funding and related measures. It’s also possible that the program may be amended to provide for more than 8 weeks of funding and to continue beyond the current June 30 end date. 

Meanwhile, the EIDL program has had speed bumps of its own. While loan eligibility was for up to $2 billion and a $10,000 emergency grant was to be given to applicants within 3 days of applying, this program too is in need of further funds. Borrowers report that loans are being capped at $15,000 for now and that, rather than $10,000 per business, grants are being given for only $1,000 per employee up to $10,000. SBA has not stated as much officially, but borrowers have reported this response.

I’m reminded of an occasion in my time at SBA Disaster Assistance when we were awaiting new funding to be available before we could approve more loans and obligate the funds. That morning, loan officers had reviewed the loans and recommended them for approval and the attorneys reviewed them and, if approvable, worked them right up to the point of obligation. Then, once word came that the funds were available, we obligated a slew of loans. I wonder if something similar may be happening now, where loans are ready to obligate for higher amounts once the funding is there. If that’s the case, I would expect the loans to be increased relatively quickly once more funding is available.

If this seems like a lot to understand, it is! In the past few weeks I’ve listened to two webinars, read the CARES Act, the Interim Final Rule, and supporting documents, plus dozens of articles. I’ll continue to update this page as new information comes in.

SBA Loan for COVID-19

In the wake of the COVID-19 pandemic, there’s been a lot of discussion of two different types of loans offered by the Small Business Administration (SBA) to help affected businesses.

The first, economic injury disaster (EIDL) loans, are offered through the SBA Office of Disaster Assistance and were made available through disaster declarations relating to COVID-19. The second, Paycheck Protection Program (PPP) loans, are offered through the traditional SBA 7(a) loan program and were authorized within the CARES Act recently passed by Congress and signed into law.

These two programs share the same broad goal of helping small businesses get through the coronavirus pandemic but differ in several important respects. While each is an SBA loan in name, they are different products, administered in different ways in different offices. It’s as if Ford Motor Company sold cars at some dealerships and motorcycles at others. While both are modes of personal transportation bearing the Ford name, they serve different needs.

Here’s a quick overview of these programs and how they work:

What’s the purpose of this loan?

EIDL:    To provide working capital to help businesses cover financial obligations and operating expenses it would have been able to meet during the disaster period had the COVID-19 disaster not occurred.

PPP:     To help small businesses meet payroll and other short-term operating expenses, such as rent, utilities, mortgage interest (not principal), and interest on debt existing before 2/15/2020. 

Who’s eligible to apply?

EIDL:    Certain small businesses, generally defined as having fewer than 500 employees and less than $35 million in revenue, private nonprofits, and Native American tribal small businesses. Some organizations, including lending or investment concerns, multilevel marketing (MLM) concerns, casinos, and religious organizations are not eligible.

PPP:     Small businesses, nonprofits, and veterans’ organizations, generally defined as those which employ no more than the greater of 500 employees or the size standard established by the SBA for certain industries.

What’s the maximum loan amount?

EIDL:    $2 million

PPP:     $10 million. The PPP loan program was funded with $349 billion in the CARES Act.

What are the loan terms?

EIDL:    Up to 30 years at 2.75% (nonprofits) or 3.75% (small businesses). Repayment deferred 6 months with interest accruing. As with all SBA disaster loans, COVID-19 EIDL loans have no fees or closing costs.

PPP:     2 years at 1% (Note: CARES Act had authorized up to 10 years at 4%, but Treasury has set terms at 2 years and 1% as of late April 2). 6-month deferral with interest accruing. No SBA fees, but lenders may have processing fees.

Is collateral required?

EIDL: Yes, general security interest in business assets will be used as collateral. Loans under $25,000 need not be secured. Note: this is an exception to SBA Disaster loan typical practice to require real estate as collateral.

PPP:     No.

Must the owner(s) personally guarantee the loan?

EIDL:    Yes, owners of >20% must guarantee the loan, for loans over $200,000.

PPP:     No. But per Treasury guidelines: “***However, if the proceeds are used for fraudulent purposes, the U.S. government will pursue criminal charges against you.***”

Can the loan be forgiven?

EIDL:    No. But, you can get the first $10,000 as an emergency advance grant, which does not need to be repaid.

PPP:     Yes, amount of forgiveness is calculated based on the amount spent on payroll costs, interest payments on mortgages, and payment of rent and utilities. It’s expected that to qualify for forgiveness, no more than 25% of proceeds should be used for uses other than payroll costs. Note that if you received a $10,000 EIDL emergency advance grant, the $10,000 grant will be subtracted from the forgiveness amount.

How can I apply? How is the loan administered?

EIDL:    EIDLs are direct loans of US Treasury funds. Apply with the SBA Office of Disaster Assistance, not through a bank. The application form is online.

PPP:     You can apply through an SBA-approved lender. These are SBA-guaranteed loans administered through banks and other lenders. Some banks are limiting PPP loan availability to only existing customers, while others will allow new customers.

Can I apply now? How long does the loan application process take?

EIDL:    Yes. This program is already up and running. Applications are typically taking 2-3 weeks on loan processing to approval decision, plus another 5 or so for funding. Emergency grants are to be issued within 3 days of application to eligible applicants.

PPP:     The CARES Act was signed into law on Friday, March 27. PPP loans are available from participating lenders as early as Friday, April 3, for small businesses and sole proprietorships and Friday, April 10, for independent contractors and self-employed individuals.

Some lenders are planning with a goal to approve, close, and fund loans on the spot, though mileage may vary on that. However, as Treasury did not release the final interim guidance on PPP loans until late on April 2, there are reports that some lenders are having issues with the roll-out on April 3, so some borrowers may find they cannot get applications in until next week.

Can I get both EIDL and PPP loans?

Yes. If you took out an EIDL between February 15, 2020-June 30, 2020, you can refinance it into a PPP loan and add the outstanding loan amount to the “payroll” portion of the PPP loan. Also, as noted above, if you accept the $10,000 EIDL emergency grant and then secure a PPP loan, the $10,000 grant will be subtracted from the forgiveness amount (with result that the EIDL grant was then, in effect, an advance on the PPP loan.)

It’s important to note that disaster loans, in general, must not duplicate benefits received from another source, and the PPP also does not allow for duplication of benefits.

What should I do?

Given SBA rules about duplication of benefits, if a business has already borrowed under PPP, some or all of that business’s EIDL eligibility may be reduced by the amount of the PPP loan, to the extent that the PPP loan covered losses the EIDL would otherwise cover. So, getting PPP first may obviate need or eligibility for EIDL.

However, you need not delay applying for EIDL. You generally have 60 days from loan approval to decide to accept an EIDL and can get extensions to give more time to consider. If you later qualify for a PPP loan you may be able to refinance that EIDL loan, which isn’t forgivable, into a forgivable PPP loan. So, to the extent your EIDL loan covered items which would be PPP-eligible, it appears your PPP loan would replace the EIDL loan.

Given that PPP loans can be for up to $10 million and EIDLs max out at $2 million, it’s possible that even if you get the max EIDL loan, you may still be able to get PPP funds. Likewise, you may have a need that isn’t eligible for PPP funds but for which you could get an EIDL. Put another way, if you created a Venn diagram of EIDL eligibility and PPP eligibility, there would be a great deal of overlap but not necessarily 100%.

Thus, it may be helpful to think about loan funding in several tiers. First, loan funds that need not be repaid. This includes the first $10,000 of EIDL funding and any portion of a PPP loan that is forgivable. Businesses should plan carefully to maximize this tier.

Second is loan funds that are not eligible for forgiveness. Under PPP, these loan funds incur 1% interest and have a 2 year repayment term. For needs that don’t fit within the PPP loan’s relatively narrow definitions, EIDL funds may serve as a backstop, with repayment terms of 2.75% (nonprofits) or 3.75% (businesses) of up to 30 years.

Some organizations may be eligible for one type but not the other. Religious organizations, for example, may apply for PPP but not EIDL. And some loan uses may be covered under EIDL but not PPP.

For more information on how to determine if you are eligible for the Paycheck Protection program, click here for the useful infographic prepared by the U.S. Chamber of Commerce.

Ellen Daniel Williamson | Farrow-Gillespie Heath Witter LLP
Ellen Williamson

Ellen Williamson is of counsel at Farrow-Gillespie Heath Witter LLP. She has more than fifteen years of experience as an attorney, and has practiced probate, estate planning, and guardianship law since 2013. She spent much of her early career with the Small Business Administration Office of Disaster Assistance as liaison with federal law enforcement in the investigation and prosecution of disaster loan fraud. She earned a J.D. from SMU Dedman School of Law.

Hemp and CBD legal obstacles

The Legal Obstacles of Hemp and CBD Retail Sale in Texas

Hemp and CBD legal obstacles

Texas has legalized hemp and cannabidiol oils (CBD) this year by passing House Bill 1325 (Texas Hemp Bill). However, the new legislation is not a blanket legalization of hemp products. For example, the bill outlaws all hemp products designed for smoking. The Texas Hemp Bill classifies CBD as a consumable hemp product, making it a food, not a drug or controlled substance. This designation generally means no special license is required to sell products. However, retailers of CBD products must still register with the Texas Department of State Health Services (DSHS). 

The new law provides for significant regulation of CBD, but the required regulations are still under development. For example, the Texas Hemp Bill places extensive labeling and testing requirements on all CBD products. All consumable hemp products that are sold in Texas must be tested for pesticides, heavy metals, harmful microorganisms, and THC concentration. Usually, these tests will be the responsibility of the grower or manufacturer, but retailers are responsible for testing any products which are not tested prior to entering their inventory. A URL linking to each product’s testing information must be on its container along with the name of the manufacturer, a hemp batch identification number, batch date, product name, and certification that the THC concentration is within the legal range. Further, all this information must be located on each unit intended for individual sale. CBD products produced out of state are allowed to be sold in Texas if they were produced legally in that state.

Several significant problems exist, however. For example, none of the policy and procedures to get the required testing or enforce the labeling requirements has been implemented by the State. Until the regulatory framework is in place, there is no practical way for retailers to comply with the requirements or for the state to enforce them.

Among several major enforcement issues, police departments currently lack the equipment to test THC levels in the field. The current field test deployed by most departments in Texas only report the presence of THC, not its concentration. Therefore, in order for police to check if a product is over the legal THC level, they would need to confiscate it and send it to a lab. This could create problems; especially for CBD products coming into Texas from states where marijuana is legal. 

In order to comply with federal law, the Texas Hemp Bill must still be approved by the U.S. Department of Agriculture (USDA). The USDA has stated they will likely not approve any state legislation relating to hemp or CBD until 2020. Federal law explicitly grants the Food and Drug Administration (FDA) full authority to regulate all medical claims related to hemp and CBD and the use of CBD in food and drugs. The FDA is preventing many CBD distributors and producers from making therapeutic claims without an FDA approved study. Further, the FDA is pressuring state health departments to crack down on the sale of CBD food and drink. 

Because it is so new, most of the necessary procedures and regulations needed to run and enforce the Texas Hemp Bill have not yet been implemented. Significant equipment upgrades are needed because, prior to the bill, law enforcement treated CBD the same as marijuana in most cases. DSHS is waiting until the USDA approves the Texas Hemp Bill, to start any implementation. The reasoning is federal law requires the USDA approval before most of the bill can go into effect, and the USDA may require Texas to makes some changes. Until the Texas Hemp Bill is approved by the USDA and the infrastructure to implement the bill is set up, CBD will occupy a grey area in the law.

Farrow-Gillespie Heath Witter provides a full range of business and corporate law services to companies from local start-ups to the Fortune 1000. These business law services include LLC formations, copyright and trademarks, corporate governance, general counsel services, and more.  

Summer Intern Stephen Chance

Stephen Chance was an intern at Farrow-Gillespie Heath Witter, LLP. Mr. Chance is a law student at SMU Dedman School of Law in Dallas, Texas, where he is a Lead Articles Editor for SMU Law Review and the Treasurer of the Student Bar Association. Prior to law school, Mr. Chance taught high school world history in Garland, Texas. He holds a B.A. in Historical Studies from the University of Texas at Dallas.

Five Key Internal Investigation Considerations

Internal investigations are used by companies to learn the facts, identify legal and compliance issues, and resolve concerns across a number of areas, ranging from employment practices to health and safety to financial reporting.  When a company determines to conduct an internal investigation, thinking through these five key issues will help assure a thorough and objective investigation.

  1. Identify the right process owner. This is not the person who will conduct the investigation but the one who authorizes it, receives the report, and takes action on it. The process owner needs to be someone who is independent in the matter. For example, if the investigation involves alleged misconduct by an officer, a committee of the board of directors may need to authorize and oversee the investigation.
  2. Preserve evidence promptly. Take immediate steps to preserve obviously relevant documents and other evidence for the investigation. Making relevant evidence available to the investigator and preserving it for later review is a key step to gaining credibility for your investigation if regulators decide to review the same issues at a later date or if stakeholders question the neutrality of the investigation.
  3. Develop a plan of investigation. A well-thought-out plan of investigation helps establish a baseline understanding between the investigator and the process owner. The plan should establish an initial scope of the investigation, i.e., identify the issue(s) to be considered. The plan should also identify the types of documents that will need to be collected and reviewed and the witnesses who should be interviewed.  In some instances, the plan may identify experts that should be consulted. As the investigation progresses, the scope may need to be expanded, based on consultation between the investigator and the process owner, and additional witnesses or experts may be identified. 
  4. Consider the privilege. If the company wants to conduct an investigation that is protected by attorney-client privilege, steps should be taken from the outset to establish and protect the privilege. In many jurisdictions, the privilege is more likely to be upheld if outside counsel serves as the investigator. An engagement letter or memorandum to the file from the process owner or in-house counsel should be written at the outset and should state that the purpose of the investigation is to obtain legal advice. Witness interviews should include appropriate instructions about the privileged nature of the investigation and need for confidentiality. Potential waivers of privilege should be considered before they arise and discussed between the investigator and the process owner. Careful planning can allow the investigator to take steps to minimize or avoid the potential for privilege waiver.
  5. Decide on the form of report. Sometimes a written report is the best format. But finalizing a written report can take time. In some instances, e.g., an accounting restatement where investors have been told not to rely on the company’s existing financial statements, the need for prompt answers may be better served by an oral report or a simple slide show format. As with other key decisions, the investigator should advise and consult the process owner on the form of the final report.

By attending to these five key issues, the investigator and process owner help assure the integrity of the investigation and avoid costly “do-overs.”

Mary O'Connor | Farrow-Gillespie & Heath LLP | Dallas, TX

Mary L. O’Connor’s practice focuses on representing companies and their officers and directors in commercial litigation and arbitration, securities litigation, internal investigations, and regulatory investigations and enforcement proceedings. Mary is currently listed among the Best Lawyers in Dallas by D Magazine, and the Best Lawyers in America by US News and World Report.

Data Breach? Your Obligations under the Texas Identity Theft Enforcement and Protection Act

Illustration by attorney Christopher Elam

For any business – big or small – customer confidence is critical for success in today’s competitive marketplace.  But in the event your company’s security is breached and consumer information is stolen, you may have a legal obligation to notify your customers.  Admitting a data breach can be embarrassing, but failure to comply with the law can be devastating to your reputation and your bottom line. 

The Texas Identity Theft Enforcement and Protection Act

The Texas Identity Theft Enforcement and Protection Act (Tex. Bus. Com. Code §§521.001 et seq.) applies to anyone who conducts business in Texas and “owns or licenses computerized data that includes sensitive personal information.”  Texas businesses are required under the Act to protect the sensitive personal information of their staff and customers.   As used in the Act, the term “sensitive personal information” includes unencrypted identifying information, such as an individual’s name in combination with other information, such as a social security number, driver’s license number, or credit card information.  The term also includes an individual’s health care information.

The Act requires you to notify the affected individuals as soon as possible after you discover or reasonably believe that there has been a data breach.  A data breach isn’t just limited to your computer systems being hacked – the Act’s notification requirements could also be triggered if, for example, an unscrupulous employee steals a customer’s credit card information, or if a customer using your website receives another customer’s information as a result of a coding error.  If the data breach affects more than 10,000 individuals, you must also report the incident to consumer reporting agencies.

The Penalties

The penalties for not complying with the notification requirements can be steep.  For each violation, the State of Texas can impose a civil penalty of anywhere between $2,000 and $50,000.  Plus, for every person that should have received notification of the data breach but did not, there’s an additional penalty of up to $100 per person.  If you fail to react appropriately to an extensive data breach, you could be on the hook for up to $250,000 in fines alone.  Although individuals themselves cannot bring a lawsuit to enforce the law, the Texas Attorney General may bring an action to recover the penalties and may even seek an injunction.  The Attorney General is also entitled to recover reasonable expenses, including attorney’s fees, court costs, and investigatory costs.

If your business collects or maintains the sensitive personal information of its customers such as credit card information or healthcare information, you need to take extra precautions to collect, store, and secure that data properly.  If you have experienced a data breach, or even if you suspect one has occurred, we strongly recommend seeking the advice of an experienced attorney to help you avoid the perils of an inadequate response.

Christopher Elam is an attorney at Farrow-Gillespie Heath Witter LLP. Mr. Elam has experience in business transactions, corporate governance, trademarks and real estate transactions, as well as mergers and acquisitions. He graduated from SMU Dedman School of Law in 2010.

Farrow-Gillespie Heath Witter

The CCPA: California’s Follow-up to the GDPR

Farrow-Gillespie Heath Witter

Illustration by legal assistant Charles Jackson

Following the enactment of the European Union’s GDPR, California has passed the California Consumer Privacy Act of 2018 (CCPA) that will go into effect January 1, 2020. The CCPA is intended to protect California residents’ personal information, which is defined as any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. This includes identifiers such as name or email address, commercial information, personal property records or purchase history, biometric information, search history, professional information and educational information. However, the CCPA does not apply to information already regulated under HIPAA, the Graham-Leach Bliley Act, the FCRA, or the Drivers’ Privacy Protection Act.

The CCPA applies to companies that:

  • Conduct business in California
  • Collect the personal information of California residents
  • Satisfy at least one of the following:
    • Produce annual gross revenues in excess of $25,000,000
    • Buy, receive, sell, share, or a combination thereof, the personal information of 50,000 or more consumers, households, or devices for commercial purposes
    • Obtain 50% or more of their annual revenue from selling, releasing, or renting consumer personal information to a third party for monetary consideration

Under the CCPA, California residents will know what information companies are collecting about them, why the data is being collected, and with whom they are sharing the data.  California residents will have the power to demand that their data is deleted and not stored, and that their data cannot be sold or shared with any third parties.  Further, California residents can opt out a company’s terms of service without losing access to its offerings.  The CCPA also restricts companies from selling the data of anyone under the age of 16 without explicit consent.

To hold companies accountable for consumer data, California residents will be able to sue companies subject to the CCPA for up to $750 for each data breach violation. In addition, the California attorney general can sue for $7,500 for each intentional violation of privacy.

The CCPA also requires the expansion of privacy disclosures that companies provide when collecting or using consumers’ personal information.  The disclosures must include a description of the rights California residents have about their personal information, how they can exercise such rights, as well as information on how the companies will collect, use, and share their data.  In addition, the company must provide a link to a “Do Not Sell My Personal Information” page that allow consumers to opt-out and is accessible on all relevant platforms.

For companies that are subject to CCPA, more requirements may be coming, as the law gives the California Attorney General the authority to implement new regulations.  If you believe you are subject to the CCPA, consult an attorney familiar with data privacy to ensure compliance.

For full documentation of the CCPA, please visit the website of the California legislature.


Tahlia Grassie | Farrow-Gillespie & Heath LLP | Dallas, TXTahlia Clement is a clerk at FGHW. Ms. Clement is a 2019 candidate for a Juris Doctor at SMU Dedman School of Law, where she is the Editor-in-Chief for SMU’s Science and Technology Law Review. She holds a B.A. in journalism and mass communications from Arizona State University.

The IRS’s Trust Fund Recovery Penalty: A Perilous Trap for the Unwary

Under the Internal Revenue Code (the “IRC”), employers must withhold certain taxes from employee pay. These monies are referred to as “trust fund taxes” because they are held in trust on behalf of the government, and employers must turn these withheld amounts over to the government on a regular basis.

For various reasons, employers sometimes fail to remit these trust fund taxes to the government when they are supposed to. For example, struggling businesses facing challenging financial decisions as to which creditors will be paid to keep the business afloat, may fail to pay withheld taxes and instead “borrow” from the government to pay other creditors first. This may be a perilous path not only for the employer but also for individuals within the organization who have decision-making authority. While other creditors may have to rely on veil-piercing concepts to collect the company’s liability from anyone other than the company, the federal government does not.

To allow the IRS to collect, Congress authorized § 6672 of the IRC which allows IRS to collect directly from the personal assets of certain control individuals. As was stated in Wright v. United States, “[t]he statute is harsh, but the danger against which it is directed—that of failing to pay over money withheld from employees until it is too late, because the company has gone broke—is an acute one against which, perhaps, only harsh remedies are availing.” 809 F.2d 425, 428 (7th Cir. 1987).

In a nutshell, § 6672 provides that any person required to collect, account for, and pay any tax imposed under the IRC who willfully fails to do is liable for a penalty equal to the total amount of the unpaid tax. Thus, liability under § 6672 attaches if an individual both (i) qualifies as a “responsible person”; and (ii) “willfully” fails to pay over the amount due.

Section 6672 has been interpreted by the courts quite broadly to encourage individuals to stay abreast of their companies’ withholding and employment taxes. As such, the penalty has ensnared many an unsuspecting charitable board member, officer, bookkeeper, accountant, investor, or other person associated with a taxpaying organization. Thus, it is important for anyone in such a position to bear in mind that their title carries significant risk. Even where such a person is completely non-complicit in the discouraged activity, they may still bear the burden of mounting a legal defense against IRS claims.

It is also important to understand that each such responsible person is liable for 100% of the trust fund recovery penalty. Perhaps the only significant limitation on the IRS’s latitude is that, while it may assess any and all responsible persons until the amount due has been paid, it can collect the tax due only once. Also, IRS claims preempt state law, rendering for example, creditor protections for homestead real property inapplicable.

While the government bears the burden of proving that the taxpayer is a responsible person, taxpayers bear the burden of proving a failure was not willful. Willfulness has been defined as the “voluntary, conscious, and intentional decision to prefer other creditors over the United States.” Ruscitto v. United States, 629 Fed. Appx. 429, 430 (3d Cir. 2015).

Illustration by legal assistant Charles Jackson

The willfulness requirement is satisfied when the responsible person makes the deliberate choice to pay the withheld taxes to other creditors, instead of paying the government. Where the responsible person does not segregate the trust fund taxes but uses them to cover operating expenses (such as employees’ wages and claims of other creditors), each payment may be a voluntary, conscious, and intentional decision to prefer other creditors over the government. This requirement is satisfied with something as simple as making payroll. Thus, in most business scenarios, negating willfulness can present a significant challenge.  Importantly, § 6672 is a civil, and not a criminal, statute. Its criminal analogue, § 7202, requires the additional concept of “known legal duty” to comply with due process of law requirements under the Constitution. However, no such requirement is associated with § 6672, so it is much easier for the government to meet its burden of proof.

To sum up, it is absolutely critical for all control persons within any taxpaying organization (including nonprofits and government entities, which are nonetheless subject to withholding requirements and employment taxes) make themselves aware of applicable deadlines and other procedural requirements. Failure to do so can result in life-altering penalties being assessed against personal assets including homesteads and other property which is generally considered exempt from creditor claims. Could you write a personal check for 100% of your organization’s employment taxes?

If you have questions regarding the Trust Fund Recovery Penalty or are facing other IRS issues, please reach out to FGHW for a consultation.

Christian Kelso | Farrow-Gillespie & Heath LLP | Dallas, TX

Christian S. Kelso, Esq. is a partner at Farrow-Gillespie Heath Witter LLP.  He draws on both personal and professional experience when counseling clients on issues related to estate planning, wealth preservation and transfer, probate, tax, and transactional corporate law. He earned a J.D. and LL.M. in taxation from SMU Dedman School of Law.

How the EU’s New Privacy Law Affects You

The General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is the European Union’s (EU) new privacy law set to go into effect on May 25, 2018. For the EU’s single market countries, the GDPR establishes protection for the privacy and security of an individuals’ personal data. However, because of extraterritorial jurisdiction, United States (US) organizations accessing and using EU citizen information could be subjected to the GDPR.

Controller vs. Processor

The GDPR has direct extraterritorial reach of a “controller” or “processor” organization located outside the European Union if the organization offers goods or services, even for free, to individuals in the EU. As defined by the GDPR, a “controller” is an organization that determines the purpose and means of processing information. A “processor” organization processes personal data on behalf of the controller under the controller’s instruction. For example, a bank (controller) collects the data of its clients when they open an account, but it is another organization (processor) that stores, digitizes, and catalogs all the information produced by the bank.

GDPR Website Regulations

An organization using a website to offer goods and services to EU individuals also falls under GDPR regulations. These websites can be identified by their use of language, the ability to order goods and services in the currency of one or more EU member states, and the acknowledgment of consumers who live in the EU. Therefore, an English-language website marketed to US consumers or US business-to-business transactions in terms of American dollars only would not be subjected to the GDPR.

A website can circumvent the GDPR by avoiding the collection of “identifiable” personal information of EU citizens. Identifiable information is information that can be used to identify any individual, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or two one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual. Therefore, a website needs to have access to more than an individual’s email address. Websites often collect identifiable information through the use of cookies and/or sign-up forms. If an organization’s website uses cookies to collect information from an EU citizen, even if the organization is not doing anything with the information, the organization will be subject to the GDPR.

There are still many questions on how the EU will enforce actions against US organizations that do not follow the GDPR requirements, but it is important that you review by May 25th all aspects of your organization’s physical and digital data processing if you are accessing EU citizen information.

Scott Chase | Farrow-Gillespie & Heath LLP | Health LawAuthor Scott Chase is a health law and corporate attorney at Farrow-Gillespie & Heath.  Scott has been named to the lists of Best Lawyers in America, Texas Super Lawyers, and Best Lawyers in Dallas in every year for more than a decade.


Tahlia Grassie | Farrow-Gillespie & Heath LLP | Dallas, TXCo-author Tahlia Clement is an intern at Farrow-Gillespie & Heath LLP.  A second-year law student, she currently serves as Editor in Chief of the SMU Dedman School of Law’s Science and Technology Law Review.

Investment | Farrow-Gillespie & Heath

Uncertainty Continues Around “Fiduciary Rule” Protections for Retirement Investors

The last 40 years have seen a marked change in retirement benefits, with fewer employer-sponsored defined benefit plans, more defined contribution plans (including 401(k) plans and Simplified Employee Pension (SEP) plans), and a proliferation of individual retirement accounts (IRA). These changes have raised questions among regulators about the protections available to employees who are now increasingly responsible for managing their own retirement funds.

The US Department of Labor’s Fiduciary Rule

The US Department of Labor (DOL) wrote rules in the 1970s to regulate trustees of pension funds and those providing investment advice to the funds as fiduciaries. DOL began working on updated regulations under President George W. Bush and again under President Barack Obama to address a perceived gap between the standards applied to pension fund investments and to newer forms of retirement accounts. The resulting “Fiduciary Rule” became final in April 2016 and was scheduled to phase in by January 1, 2018.  President Trump asked for a review of the rule shortly after taking office, and implementation has been delayed.

A key feature of the Fiduciary Rule imposes a fiduciary standard not only on investment advisers (who provide ongoing advice for a fee) but also broker-dealers and insurance agents who may recommend a single security or transaction to a retirement investor. The Fiduciary Rule requires all of these professionals to recommend only transactions that are in the best interest of the retirement investor. Under the Fiduciary Rule, unless an exemption applies, professionals cannot receive commissions for those transactions, because commissions create a conflict of interest between the professional and the investor. Finally, the Fiduciary Rule exempts commissions on the sale of fixed rate annuities under more lenient provisions than fixed indexed and variable annuities.

The Fiduciary Rule in Court

Because brokers and insurance agents are traditionally paid on a commission basis per transaction, rather than receiving fees for ongoing advice, the DOL’s Fiduciary Rule raises concerns among those professionals about costs of compliance and potential lost revenue. Several lawsuits have challenged provisions of the Fiduciary Rule and DOL’s authority to write the rule.  In a decision issued March 13, 2018, the United States Court of Appeals for the Tenth Circuit upheld the Fiduciary Rule against a challenge to its provisions differentiating fixed indexed annuities from fixed rate annuities.  Two United States District Courts, one in Texas and one in the District of Columbia, also upheld the Fiduciary Rule in decisions issued February 8, 2017, and November 4, 2016, respectively. Unlike the Tenth Circuit case, the Texas and DC cases challenged the entirety of the Fiduciary Rule as beyond DOL’s authority.

The Texas case was appealed to the United States Court of Appeals for the Fifth Circuit, which issued an opinion on March 15, 2018 that vacated the Fiduciary Rule. Two members of a three-judge panel found that the statutes relied on by DOL do not authorize it to write the Fiduciary Rule. DOL has until April 30 to move for rehearing before the full Fifth Circuit, and it has until June 13 to ask the United States Supreme Court to review the decision.

Regardless whether DOL challenges the Fifth Circuit ruling, other regulators are poised to write protections for self-directed retirement accounts. The United States Securities and Exchange Commission has already said that it is looking at regulating in this area and may announce a rule in the second quarter of 2018. State regulators may become more active, as well, if they feel that federal protections are not forthcoming or not robust. For now, investors and financial services professionals should watch for DOL’s decision on whether to challenge the Fifth Circuit decision as a sign of how DOL views its future role in protecting retirement investors.


On April 18, 2018, the United States Securities and Exchange Commission proposed rules that would require all broker-dealers and associated persons to act in the best interest of retail customers when recommending a securities transaction or investment strategy, in addition to requiring enhanced disclosures from both broker-dealers and registered investment advisers of the nature of their services, the fees and costs for those services, and conflicts of interest. The SEC’s rules are broader than the DOL’s Fiduciary Rule in that they are not limited to retirement accounts. They also lack the specific restrictions on commissions and certain annuities that have made the Fiduciary Rule so controversial.

DOL failed to seek rehearing by the full Fifth Circuit by the April 30 deadline. While it is still possible that DOL will ask the U.S. Supreme Court to review the decision, it appears likely that any effort to revive the Fiduciary Rule will require intervention by investors or others representing their interests.

Mary L. O'Connor | Farrow-Gillespie & Heath LLP | Dallas, TXMary L. O’Connor’s practice focuses on representing companies and their officers and directors in commercial litigation and arbitration, securities litigation, internal investigations, and regulatory investigations and enforcement proceedings.

During the course of her career, Mary has been named to the list of Best Lawyers in Dallas by D Magazine, and to the list of Texas Super Lawyers (a Thomson Reuters service) by Texas Monthly Magazine.

Two Major Developments for Employers

Employment law has seen two recent major developments that affect employers. The first involves nondisclosure limitations in sexual harassment settlements. The second rewards employers who conduct internal wage and hour audits.

Recent Development #1: New Tax Law Nondislosure Limitations

One of an employer’s primary motivations in resolving an employment claim is to obtain the employee’s promise to keep the settlement and the allegations underlying the claim confidential. The recently-passed federal tax law may interfere with an employer’s interest in maintaining the confidentiality of such agreements.

In response to the recent “me too” movement, Section 13307 of the tax law (signed December 22, 2017) disallows tax deductions for an employer’s payment of a sexual harassment or sexual assault settlement if the settlement is subject to a nondisclosure agreement. The deduction restriction applies not only to the settlement amount, but also to the employer’s payment of related attorneys’ fees. While many experts predict some modification of the provision, employers should be mindful of this deduction restriction when considering whether to resolve a claim of sexual harassment or sexual assault.  Until the provision is revised, an employer either should negotiate any confidential settlement agreement with the understanding that the payment will not be tax deductible, or should resign itself to having no nondisclosure provision in the agreement.

Recent Development #2: DOL Payroll Audit Independent Determination Program

On March 6, 2018, the U.S. Department of Labor (DOL) announced a new pilot program aimed at providing employers with an opportunity to voluntarily correct payroll errors that may have resulted in inadvertent violations of the Fair Labor Standards Act (FLSA). Recognizing that employers who discover a failure to pay overtime or the misclassification of employees are often hesitant to take corrective action because of potentially expansive liability exposure, the DOL has adopted the Payroll Audit Independent Determination (PAID) program. The program allows employers to avoid potential litigation and liquidated damages by conducting internal audits and self-reporting any violations to the DOL.  DOL’s Wage and Hour Division (WHD) will assist employers in correcting mistakes and will facilitate the exchange of back wages payment for enforceable releases of liability from the affected employees.

The WHD plans to implement the PAID pilot program nationwide for six months, then evaluate the results. The PAID program is not available to settle ongoing FLSA litigation and is not accessible to employers with recurring violations.

For more information regarding either of these new developments, contact Julie Heath.

Julie Heath | Farrow-Gillespie & Heath LLP | Dallas, TXJulie E. Heath practices primarily in the area of employment litigation and counseling. In addition to litigation and arbitration defense, she counsels HR departments and businesses of on all aspects of employment law. Julie has been named to the list of Texas Super Lawyers (a Thomas Reuters service) in every year since 2012.

The 5 Most Important Decisions in a Physician Employment Agreement

Over the years, physician employment agreements have become very standardized. However, there are several provisions in such agreements that the to-be-employed physician must review carefully with his/her attorney. The following is a brief summary of what I consider to be the 5 most important provisions for a physician to understand and negotiate with the employer.

1. Compensation

First and foremost, the compensation needs to be clearly written and understood. Many compensation models are based on “Work Relative Value Units (WRVUs),” which are calculated by independent third parties and can be a trap for the unwary. For example, the calculation of WRVUs can change from year to year and the employment contract usually provides for the current WRVU value to be the compensation model. What happens if the WRVU value decreases substantially in a given year? Answer: The physician’s pay could decrease substantially as well. Careful negotiation of the compensation provision could ameliorate that occurrence.

Additionally, compensation usually includes employee benefits, e.g., vacation, health insurance, and those can sometimes be negotiated as well. Attention should also be paid to the reimbursement of expenses such as CME, credentialing fees and professional society fees.

2. Non-Compete

Texas has a statute specifically addressing physician non-competes, i.e., restrictions on where and when a physician can practice his/her specialty after termination of the employment agreement.  However, the statute does not mandate the time period, extent of the restricted area, or the exact type of physician actions that would constitute a violation of the non-compete.  Furthermore,
certain termination circumstances could be negotiated that would render the non-compete unenforceable or inapplicable. Thus, the non-compete should be negotiated in that it provides ample opportunities to advocate for favorable terms on the physician’s behalf.

3. Outside Activities

Most physician employment agreements require the employed physician to work full-time and often provide that any outside fees earned, e.g., expert witness fees, belong to the practice.  However, many physicians have pre-existing consulting arrangements, charitable activities or other professional endeavors that should be excepted from the restrictions on outside activities and ownership of fees. Again, this is a provision that can and should be negotiated.

4. Working Facilities and Staff

An employed physician needs adequate facilities, equipment, supplies and staff to fulfill his/her responsibilities. Yet, most employment agreements do not contain a provision that requires the employer to provide those items.

The adequacy of staff could also affect compensation. Consider a scenario in which the employed physician is on a bonus system that relies on collections of his bills by the practice. The contract should contain a provision that the employer will have adequate billing and collection services.

5. Liability Insurance

The employment agreement will generally contain a provision for the employee/doctor to purchase “tail” insurance in case the agreement is terminated. Tail coverage can be a substantial cost and, thus, the contract should be written to ensure the employee is not responsible for that coverage in all circumstances, e.g., in case of termination for cause by the physician. This provision is also one that can and should be negotiated.

Physician employment contracts are one of the most important financial undertakings in a doctor’s life. While tedious, provisions should be reviewed, understood, and negotiated to the fullest.  The entire contract should be carefully reviewed but the above items should receive the most attention.

Scott Chase | Farrow-Gillespie & Heath LLPScott Chase has practiced health law, corporate law, and intellectual property law for over 35 years. Mr. Chase is Board Certified in Health Law by the Texas Board of Legal Specialization.

Scott’s primary practice focus is business transactions for physicians and healthcare facilities, as well as healthcare regulatory issues such as the Affordable Care Act, HIPAA and peer review. Mr. Chase handles general corporate matters and trademark/copyright issues for physicians and also for a variety of non-healthcare clients.

Luxury Property | Yacht | SPE | Special Purpose Entities

Luxury Property Special Purpose Entities

Portions of this article were originally printed in Dallas Bar Association Headnotes, December 2017.

Luxury Property | Yacht | SPE | Special Purpose Entities

When it comes to luxury property, such as beach houses, lake houses, ski condos, hunting leases, aircraft, watercraft, limousines, and the like, two rules almost always apply: First, they are expensive to own and operate. Second, they tend to sit dormant much of the time. In order to spread out costs, decrease waste, and mitigate damage, it often makes sense for multiple owners to combine resources and share ownership of this type of property.

Whether friends or family, parties wishing to maximize these advantages often hold the property in special purpose entities or “SPE”. But ownership of luxury property involves legal and practical problems that differ from those of the standard, for-profit world. The tips below will help practitioners recognize and address the problems.

Entity Choice

LLCs are generally the entity of choice for luxury property SPEs in Texas. General partnerships lack appropriate liability protection, while limited partnerships are more expensive and complicated.  Although double taxation may not be an issue, corporations nonetheless raise tax concerns, such as increased potential for violating the nonrecognition provisions of IRC §351. Also, LLCs provide a level of privacy which can be valuable.

Usage Rules

Parties to a luxury property SPE must determine how, when, and by whom the property can be used. Options include reservation systems, drawing lots, or simply a first come, first served rule.  Similarly, guests, family members, pets, and smoking should be addressed. Parties should also expressly permit or forbid outside rental of the property.


Rules for sharing costs and expenses are also very important. Who will determine what expenses are proper? How and when will contributions be required? Should costs be shared pro rata, per capita, or otherwise? Many usage charges are difficult to track, which leads to infighting.  Requiring users to pay for fuel may be appropriate, but allocating a hangar fee may not. Also, budgeting for expenses well in advance and providing limitations on increases can provide comfort.

Penalties are another important concern. Unlike for-profit entities, luxury property SPEs require regular cash contributions for upkeep, taxes, and other expenses, so mechanisms are required to hold owners to their obligations. Thus, interest charges, as well as forfeiture of usage, voting rights, or even the ownership interest itself may be appropriate.

Contributions must be carefully defined. If Uncle Bob takes his favorite recliner to the ski condo for a few years, is it contributed or can he take it back? Answers to such questions will depend on the circumstances and may change over time.


Especially where many owners are involved, appointing and empowering capable managers is important. Expecting family factions to agree on a cable package for the old family homestead is unrealistic.

Managers’ powers should provide flexibility because they may need to make quick decisions. A company agreement can provide broad direction and allow managers to set specific policies and procedures internally, allowing for simpler, quicker amendments.

Ownership and Voting

Permissible owners of luxury property SPEs should be well defined. Transfers within this class should be easily made, while transfers outside the class should be difficult, but not impossible. Similarly, assignees’ rights should be clearly defined, particularly in the context of unintended transfers. For example, should assignees hold usage rights? Also, it may be helpful to limit ownership by disallowing fractionization of interests. For example, transferees receiving less than a whole unit might can be made assignees until the entire unit is held by one person.

Voting rights present other problems. Small luxury property SPEs will likely function better with a per capita voting whereas larger ones work best where votes are cast pro rata. Also, the threshold for supermajority voting should typically be lower with a luxury property SPE than with a for-profit enterprise because the entity represents a liability to its owners and they should have a more available exit strategy.

To summarize, many of the above considerations either play out differently or simply do not apply in the context of for-profit companies. Further guidance can be found in the rules applicable to social clubs and fraternal organizations. Unlike those organizations, however, additional flexibility is required with a luxury property SPE. If the parties are willing to exercise good planning, show a little patience, and adapt their systems, they will reap great benefits.

Christian Kelso | Farrow-Gillespie & Heath LLP | Dallas, TX

Christian S. Kelso, Esq. is a partner at Farrow-Gillespie Heath Witter LLP.  He draws on both personal and professional experience when counseling clients on issues related to estate planning, wealth preservation and transfer, probate, tax, and transactional corporate law. He earned a J.D. and LL.M. in taxation from SMU Dedman School of Law.

What You Need to Know About Copyrights

Most people have heard the word “copyright” or at least have seen the symbol “©” – but what exactly is a copyright?

Overview of Copyrights

A copyright protects an original work of authorship that is fixed in a tangible form of expression or medium, including literary, dramatic, musical, and artistic works. Copyrighted materials may include books, songs, movies, TV shows, plays, choreography, paintings, computer software, and architecture.

To satisfy the test for being “fixed in a tangible form of expression,” the work must have been recorded or written in some fashion – even if only on one’s computer. A copyright does not protect ideas. Furthermore, a copyright does not protect names, titles, slogans, or logos (although these may be protected as trademarks).

If you have ever wondered why you are prohibited from recording a movie in a theatre, or downloading free music from a disreputable website, it is because that movie or music is copyrighted. Creating an item that qualifies for copyright entitles you to legal rights under the law. By holding a copyright, you exclusively hold the following five rights; (1) to reproduce the work; (2) to distribute copies of the work to the public; (3) to prepare derivative works, or create adaptations based upon the work; (4) to perform the work publicly; and (5) to display the work publicly.

Copyright exists to encourage people to create original works by rewarding them with an exclusive right to profit from that work. Without copyright, there would be no financial incentive to create original works, and your original works could be reproduced and used freely by anyone for profit.

Obtaining a Copyright

Unlike trademarks and patents, you are not required to register your copyright in order to obtain the legal protections it grants. Your work is under copyright protection the moment it is created and fixed in a tangible form. However, in order to bring a lawsuit for infringement of a U.S. work, you must first register your copyright with the U.S. Copyright Office. A registered copyright may entitle its owner to statutory damages and attorney’s fees in successful litigation.

Notice of a copyright is given by using the “©,” followed by the first year of publication for a given work and the authors name, on the work itself. While this notice is no longer a legal requirement for protection, it can be used for evidence that the work is, in fact, under copyright protection.

Once obtained, a copyright lasts for the life of the author and expires on the seventieth anniversary of his or her death. When the author of copyrighted material dies, the copyright generally passes to his or her heirs. Until expiration, copyrights are generally transferrable; transfer can be recorded by submitting documentation to the Copyright Office.

In the event that you create a work within the scope of your employment, or the work was specifically ordered or commissioned in a certain, specified circumstance, the work is considered a “work made for hire.” In this situation, the employer or commissioning party is considered to be the author, and therefore, holder of the copyright. A copyright for a work for hire lasts for 95 years from the date of first publication, or 120 years from year of creation, whichever date occurs first. When a copyright expires, the underlying work enters the public domain. Once a work is a part of the public domain, anyone can reproduce, and use the work freely.

Copyright Infringement

When you believe someone has infringed on your copyright, you can protect your rights by filing a civil lawsuit in federal district court. However, there are two ways someone can use a copyrighted work without being liable for infringement.

First, a user can gain permission to use the work from the copyright holder. If you want to use someone’s copyrighted work, you may simply ask them for permission. To find out who holds a copyright to a certain work, a search can be done through the Copyright Office. For copyrights registered before 1978, a manual search must be conducted. For copyrights registered after 1978, the search can be done online through the Copyright Office’s website. Generally, permission to use a copyright is granted by a license.

The second protection that users can claim is the “fair use doctrine.” This doctrine allows use of a sample or section of a copyright work without permission of the copyright holder when the copying is deemed a “fair use.” Criticism, commenting, news reporting, teaching, and scholarship or research purposes are all considered fair use. There is no certain length of sample or section where the line is drawn between fair use and copyright infringement.

When determining whether the use of a work is considered fair use, four factors must be considered; (1) the purpose and character of the use; (2) the nature of the copyrighted work; (3) the amount and substantiality of the portion used; and (4) the effect of the use upon the potential market. These four factors will be considered when determining if an infringement occurred, or the use was lawful under the fair use doctrine.

If you believe your copyright has been infringed, make sure your copyright is registered with the Copyright Office and consult an attorney familiar with copyright infringement suits. Taking these key steps will help to ensure that you protect your copyright.

Health Law | Farrow-Gillespie & Heath LLP | Dallas, Texas

$2.5M Settlement Shows that not Understanding HIPAA requirements Creates Financial Risk

Health Law | Farrow-Gillespie & Heath LLP | Dallas, TexasThe U.S. Department of Health and Human Services, Office for Civil Rights (OCR), recently announced a Health Insurance Portability and Accountability Act (HIPAA) settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI).  In 2012, CardioNet, a company that remotely monitors patients at risk for cardiac arrhythmias, reported to the HHS Office for Civil Rights (OCR) that a workforce member’s laptop was stolen from a parked vehicle outside of the employee’s home.  The laptop contained the ePHI of 1,391 individuals.  The settlement was not reached until 2017, indicating the length of time that some HIPAA investigations can take, with its attendant costs.

CardioNet has agreed to settle potential noncompliance with the HIPAA Privacy and Security Rules by paying $2.5 million and implementing a corrective action plan.  This settlement is the first involving a wireless health services provider, based, in part, on CardioNet’s failure to comply with basic HIPAA rules that are applicable to all “covered entities” and “business associates”. Thus, the compliance steps outlined below for mobile devices are applicable to any device used to store PHI or ePHI.

OCR’s investigation into the impermissible disclosure revealed that CardioNet had insufficient risk analysis and risk management processes in place at the time of the theft.  Additionally, CardioNet’s policies and procedures implementing the standards of the HIPAA Security Rule were in draft form and had not been implemented.  Further, the organization was unable to produce any final policies or procedures regarding the implementation of safeguards for ePHI, including those for mobile devices.

HHS and OCR have published a very helpful 5-step guideline for establishing compliance with HIPAA.  While the following actions relate specifically to mobile devices, these five steps are applicable to all PHI.


Decide whether mobile devices will be used to access, receive, transmit, or store patients’ health information or used as part of your organization’s internal networks or systems (e.g., your EHR system).

Understand the risks to your organization before you decide to allow the use of mobile devices. Risks (threats and vulnerabilities) can vary based on the mobile device and its use. Some risks may be:

  1. A lost or stolen mobile device
  2. Inadvertent downloading of viruses or other malware
  3. Unintentional disclosure to unauthorized users when sharing mobile devices with friends, family and/or coworkers
  4. Use of an unsecured Wi-Fi network.


Assess how mobile devices affect the risks (threats and vulnerabilities) to the PHI your organization holds.

Conduct a risk analysis to identify the risks to your organization. If you are a solo provider, you may conduct this risk analysis yourself. If you work in a larger organization, the organization may conduct the risk analysis.

A risk analysis will help determine the safeguards, policies, and procedures your organization needs. It should include reviewing risks created by all mobile devices used to communicate with your internal networks or systems, regardless whether the devices are personally owned or provided by the organization.

Perform a risk analysis periodically and whenever there is a new mobile device, a lost or stolen device, or suspected compromised health information.

After conducting a risk analysis, document, in writing:

  1. Which mobile devices are being used to communicate with your organization’s internal networks or system (g., the EHR system or Health Information Exchange (HIE)), and
  2. What information is accessed, received, stored, and transmitted by or with the mobile device.


Identify your organization’s mobile device risk management strategy, including privacy and security safeguards.

The purpose of a mobile device risk management strategy is to develop and implement mobile device safeguards to reduce risks (threats and vulnerabilities) identified in the risk analysis. The risk management strategy should include evaluation and maintenance of the mobile device safeguards you put in place.

Develop, Document, and Implement

Develop, document, and implement the organization’s mobile device policies and procedures to safeguard health information.

Organizations should develop and implement reasonable and appropriate policies and procedures to safeguard health information, including those specific to mobile devices. Here are some topics and questions to consider when developing mobile device policies and procedures:

  1. Has the organization identified all the mobile devices that are being used in the organization? How is the organization keeping track of them?
  2. Should the organization let providers and professionals use their personally owned mobile devices within the organization?
  3. Should providers and professionals be able to connect to the organization’s internal network or system with their personally owned mobile devices, either remotely or on site?
  4. Does the organization restrict how providers and professionals can use mobile devices?
  5. Will the organization institute standard configuration and technical controls on all mobile devices used to access internal networks or systems, such as an EHR?
  6. Are there restrictions on the type of information providers and professionals can store on mobile devices?
  7. Does the organization have written procedures for addressing misuse of mobile devices?
  8. Does the organization have procedures to wipe or disable a mobile device that is lost or stolen or when providers and professionals end their employment or association with the organization?
  9. How is the organization training its workforce (management, doctors, nurses, and staff) on policies and procedures and holding them accountable?


Train and conduct mobile device privacy and security awareness and training for providers and professionals.

Providers and professionals who use mobile devices must have privacy and security awareness and training, on an annual basis, to avoid costly mistakes that can result in loss of patient trust.

Privacy and security awareness and training should include a discussion of the following topics:

  1. How to assess risks (threats and vulnerabilities) when using mobile devices for work;
  2. How to secure mobile devices;
  3. How to protect and secure health information;
  4. How to avoid mistakes when using mobile devices.

Finally, the organization should train its workforce so that they understand the organization’s mobile device policies and procedures and how to follow them.

Jennifer Snow | Farrow-Gillespie & Heath LLP | Dallas, TX

Jennifer Snow practices in the areas of health care law and business litigation. She is the author of numerous articles on health care law. Jennifer represents physicians and physician groups in health law matters, and she represents companies and executives in business litigation.

Ms. Snow has been named to the list of “Rising Stars” by Texas Monthly Magazine and Texas Super Lawyers (a Thomson Reuters service) in every year since 2014.

Scott Chase | Farrow-Gillespie & Heath LLPScott Chase has practiced health law, corporate law, and intellectual property law for over 35 years. Mr. Chase is Board Certified in Health Law by the Texas Board of Legal Specialization.

Scott’s primary practice focus is business transactions for physicians and healthcare facilities, as well as healthcare regulatory issues such as the Affordable Care Act, HIPAA and peer review. Mr. Chase handles general corporate matters and trademark/copyright issues for physicians and also for a variety of non-healthcare clients.

Puttering on About Drones

Subsequent to the posting of this article, the U.S. Court of Appeals for the District of Columbia, in a case styled John A. Taylor v. Michael P. Huerta and the Federal Aviation Administration vacated the requirement that drones flown for recreational purposes must be registered with the FAA. Therefore, the new requirements referenced in the article requiring recreational users to register, to pay fees, to provide information, and to display identification are no longer of any force and effect.  Requirements as to commercial drone operators remain in place.  At the present, it is unknown if the FAA will pursue an appeal or if congress will move to modify the current legislation. But as of right now, if you are a recreational user, as Emily Litella would say: “Never mind.”

Spring showers are slowly evaporating, breezes are still slightly cool, and so in Texas many people find this the ideal time to engage in family outdoor activities. One traditional such activity during this time of year was the flying of kites in the still temperate winds.

But this is the 21st century.  Mary Poppins and outdoor flying activity find the kite an anachronism replaced by the sci-fi allure of scores of drones whizzing all around like deranged mutant mosquitoes.

Unlike kites, they are untethered, can move in infinitely more directions, and most importantly have a number of federal and state regulations that must be complied with before takeoff. Charlie Brown certainly did not need a legal consult as his greatest aeronautical adversary was a kite-eating tree, but the perils to an uninformed drone operator can be significantly worse. For example, if that drone were to hit someone then there could be a lawsuit. The person who was hit could go to a law firm, such as the Nehora Law Firm and sue that person for causing an injury.

This brief article seeks to acquaint the recreational user with some of the legal requirements of drone operation.

Federal Aviation Agency

First and foremost, the Federal Aviation Administration (FAA) considers even recreational drones (described in government-speak as Unmanned Aircraft Systems and usually referred to by the acronym UAS) to be aircraft falling within their jurisdiction.

Therefore, the first FAA requirement is encountered upon the initial purchase of a UAS. Most recreational users are most likely to purchase a UAS weighing between 0.55 and 55 pounds. UAS within this weight category must be registered. This may be done online at registermyuas.faa.gov. You will need to provide your name, address, email address, the make, model, and serial number of your new UAS and pay a fee of five dollars. In exchange, you will receive an FAA registration certificate and number. Your UAS, even though it may weigh only a couple of pounds, and to most people would be considered a toy, must nevertheless be registered and carry the registration number just as if it were the family Cessena, Beechcraft, or Southwest Airlines Boeing 737. Furthermore, the registered operator must be the one flying the UAS, and must carry the certificate of aircraft registration at all times while flying. Any federal, state, or local law enforcement officer is entitled to see the registration upon request.

Hobby and Recreational Use

Now you are ready for your first flight. There are specialized rules even for hobby or recreational use. The first rule, obviously, is that recreational use does not encompass any kind of remuneration for performance of any aspect of the flight and be solely for relaxation, refreshment, or diversion.

All flights must be in accordance with a set of community-based safety guidelines, such as those promulgated by the major model aircraft flight associations.

The operator must know and obey any restrictions to airspace contained in any Notice to Airman (NOTAM), whether or not temporary or permanent. To assist in learning of these restrictions, the FAA has established a mobile app called B4UFLY, which will assist in determining where flight restrictions are; however, certain areas such as within five miles of any airport are always restricted unless prior notification to the airport is provided.

Other regulations require all flights to be within visual line of sight, and should not be flown in a reckless manner. The minimum age for operating a drone is thirteen years of age, and if the owner is less than thirteen, someone thirteen or older must register the UAS.

Reckless Operations

The FAA may take the position that the following may be evidence of reckless UAS operations, and severe criminal penalties may result:

  • Flying higher than four hundred feet
  • Flying your UAS out of sight
  • Flying near other aircraft
  • Flying over groups of people, sports events, or scenes of disaster

In addition, Texas has certain state laws concerning protection of an individual’s privacy that prohibits surveillance of individuals without their permission for the purposes of photographing that individual.


Additionally, operators should take into account that accidents may occur. Homeowners should check with their insurance agent or attorney to review their liability policies to determine if coverage is afforded for damages caused by the use of a UAS. In certain situations, accidents caused by a UAS can even qualify as intentional torts. Consult with Dallas personal injury lawyers specializing in intentional torts if a drone injured you or your family.


This article is only meant to highlight some of the basic issues involved in the operation of a UAS and is not intended to be, nor is it, legal advice. Nor does it cover all legal requirements and circumstances of UAS operation.

Now where did I put that ball of twine? It’s a bit breezy outside.

Henry Wehrmann | Farrow-Gillespie & Heath LLP Henry S. Wehrmann practices in the primary areas of employment litigation defense, trade secrets and other intellectual property litigation, personal injury litigation defense, and products liability litigation defense. He is Board Certified in Personal Injury Trial Law by the Texas Board of Legal Specialization and is a former chair of the Sports & Entertainment Law section of the Dallas Bar Association.

Mary O'Connor | Farrow-Gillespie & Heath LLP | Dallas, TX

The SEC’s Reach May be Longer than you Think

Privately-owned businesses and individuals can be surprised to receive a subpoena from the U.S. Securities and Exchange Commission requiring them to produce extensive documents or give testimony. What does the SEC do, and how does it touch on private companies and private individuals?

The Role of the SEC in Enforcing Securities Laws

By its own description, “The SEC oversees the key participants in the securities world, including securities exchanges, securities brokers and dealers, investment advisors, and mutual funds.” To provide this oversight, the SEC interprets federal securities laws; issues rules; oversees the inspection of securities firms, brokers, and investment advisers; and enforces the federal securities laws.

The SEC brings hundreds of civil enforcement actions each year against individuals and companies for violations of the securities laws, ranging from insider trading to accounting fraud to providing false or misleading information about securities. The SEC’s Enforcement Division identifies subjects for potential investigation, recommends the commencement of an investigation, conducts the investigation, and recommends the filing of civil lawsuits by the Commission based on its investigation.  Although the SEC does not itself file criminal cases, it works closely with law enforcement agencies to bring criminal cases for securities law violations where appropriate.

Ways in Which the SEC’s Reach Extends to Private Companies and Individuals

The SEC’s mission clearly reaches the country’s securities exchanges, companies who list their securities on the exchanges, and brokers and dealers who trade in those securities. But private companies and individuals can get caught up in SEC enforcement activity in several ways:

Sale of Unregistered Securities

Individuals or entities who are offering or selling “securities” may violate the federal securities laws if the securities are (1) not registered with the SEC and (2) don’t qualify for an exemption from registration. The legal definition of “securities” includes more than just stocks and bonds and picks up limited partnership interests, many general partnership interests, notes, fractional interests in oil and gas ventures, and other types of passive investments. Many people unwittingly run afoul of the federal securities laws by offering interests in their business ventures without first confirming that the interests either are not securities or taking the steps to qualify for an exemption.

Antifraud provisions

The federal securities laws prohibit selling securities (again, think of this word broadly to cover any type of passive interests in your own business or someone else’s) through false statements. These antifraud provisions apply whether the security is required to be registered or not. So, even if your securities are exempt from registration, your company could still be subject to SEC investigation for misstatements made in the course of offering or selling the securities.

Sales activity by an unregistered person

Persons raising money for someone else’s business who serve as an intermediary in the transaction and receive per transaction compensation (e.g., commissions) are subject to SEC registration requirements as brokers or dealers. This is one of the issues the SEC raised when it filed suit against Texas Attorney General Ken Paxton for his efforts to promote a computer hardware company and recruit his friends and business associates as investors for its private offering, activities for which he received company stock.  Paxton was not registered as a broker with the SEC at the time of these activities.

Aiding and abetting a violation by someone who is subject to SEC regulation

A person who assists someone else in a violation of the federal securities laws can himself be swept up in an SEC enforcement action. For example, if a privately-owned business that buys products from a public company provides a false confirmation to the company’s auditors about the terms of the purchases, the private business (and any executive involved) could be subject to an SEC civil action for aiding and abetting a violation of the securities laws.

Insider trading

Individuals who trade in public company securities based on information that is not public can be charged with violating the securities laws if they know the information was obtained in violation of a duty of trust and confidence. This typically involves trading on tips from officers, directors, or employees of the company issuing the securities, or from the company’s lawyers, investment bankers, or the printers working on an offering.

How to Avoid Running Afoul of the SEC:

Here are some suggestions to avoid getting caught up in an SEC investigation.

First, if you are offering interests in your business to others, get your offering materials reviewed by counsel who can advise about possible registration requirements and how to qualify for an exemption.  This is a classic example of the saying, “an ounce of prevention is worth a pound of cure.”  Selling unregistered securities or failing to comply with the requirements for an exempt offering can result in having to return every dollar raised, not to mention statutory interest and penalties.

Second, have written back-up for all claims you are making to potential investors about the business and its prospects. This applies to both entities issuing securities and to persons helping to sell those interests. The SEC generally has five years to pursue claims, and defending what you said to potential investors is much easier if you have contemporaneous, written records.

Third, verify any information you provide to a public company with which you do business, including any confirmations you provide to their auditors.

Fourth, don’t act on or share rumors about stocks. The SEC has greatly expanded its technological capability to identify unusual trading that coincides with important announcements about public companies.  Settling a civil insider trading charge with the SEC routinely requires full repayment of all profits made, plus a penalty equal to that amount; criminal charges may result in jail time as well.

Finally, if you do get an SEC subpoena someday, act immediately to preserve all relevant hard copy and electronic data and consult an attorney familiar with the SEC Enforcement Division processes. Whatever issues the SEC may be looking at, taking these key steps will help you put your best foot forward.

Mary L. O'Connor | Farrow-Gillespie & Heath LLP | Dallas, TXMary L. O’Connor’s practice focuses on representing companies and their officers and directors in commercial litigation and arbitration, securities litigation, internal investigations, and regulatory investigations and enforcement proceedings.

During the course of her career, Mary has been named to the list of Best Lawyers in Dallas by D Magazine, and to the list of Texas Super Lawyers (a Thomson Reuters service) by Texas Monthly Magazine.

BEC: the Phishing Email Impersonating Your Boss

That flowery email from a Nigerian Prince who can’t spell has been supplanted by a far more dangerous phish — the Business Email Compromise (“BEC”). According to the FBI, in the past two years over 8,000 businesses, small and large, have been victimized by BEC attacks for combined losses of over $1.2 billion.

What is BEC? BEC is a sophisticated hack in which a scammer (usually impersonating the boss) instructs an employee to send money or sensitive data to what appears to be a vendor or other plausible business recipient. In some cases, the hacker infiltrates the company’s email system and sends the email from a recognized address. In others, the email address has only a minor difference. BEC hackers also research social media and company websites to mimic communication styles and to reference actual company matters.

The best defense against BEC is solid HR training: require in-person confirmation of payment requests; educate personnel in cyber-security; and train employees never to deviate from normal checks and controls.

Farrow-Gillespie Heath Witter LLP provides employment law training and HR counseling for cyber-related issues, along with insurance policy review for coverage related to cyber attacks.

Christian Kelso | Estate Planning | 663(b) distributions

It’s Time to Make Your 663(b) Trust and Estate Distributions!

Trusts and estates often pay more tax than individuals in like circumstances.  This is not because they are taxed at higher rates, but rather because the same rates applicable to individuals are “compressed,” meaning that each marginal rate increase happens at a lower level of income than it does for individuals.  For example, the highest rate of income tax for both trusts and individuals for 2016 was 39.6%, but whereas this rate only applies to income over $415,050 for single individual filers, for trusts and estates, this rate applies to all income over $12,400.  Other tax burdens, such as the 3.8% Net Investment Income Tax (a/k/a the “Obamacare Tax”) and higher rates of capital gains tax follow suit along similar lines.  Obviously, these add up to a significant potential tax burden.

Fortunately, there is a way to mitigate this tax burden.  Trusts and estates may take a deduction for “distributable net income,” which is generally the amount of income that is distributed from the trust to a beneficiary.  When this happens, the income is effectively shifted from the trust to the beneficiary, who simply adds it to their personal return and pays at whatever rate is applicable to them (including the distributed trust income, of course).

Since large amounts of unnecessary tax can be avoided by shifting income to beneficiaries in this manner, it is common practice for trustees to make distributions for this purpose, assuming, of course, that such distributions are permissible and proper under the terms of the trust.  But there is a problem:  How does the trustee know how much income to distribute from a given trust before the close of a given tax year?  Unfortunately, it is impossible, to know exactly how much income a trust has until after the tax year has closed, at which point, it’s too late to distribute all the income.

Enter IRC §663(b).  Under this special provision, a trust or estate may elect to treat any distribution made within the first 65 days of a given tax year as having been made on December 31 of the previous year.  In other words, the trustee gets 65 days after the actual close of the year to calculate how much income should have been distributed and then actually make that distribution.  The trustee then makes an election on the trust or estate’s income tax return (Form 1041) and voila, the problem is solved!

Although §663(b) distributions may provide a significant benefit, the can also represent a significant danger to trustees.  On the one hand, any distribution from a trust should only be made if and to the extent it is proper under the terms of the trust.  Even if such a distribution is permissible, it may not be in the best interests of a given beneficiary, as taxes are only one of many considerations.  On the other hand, a §663(b) distributions can save a significant amount of tax, so failing to make such a distribution, if permitted, could subject a trustee to liability for waste.

Making the right decision requires careful analysis.  The fiduciary attorneys at Farrow-Gillespie & Heath, LLP are well-versed with the applicable law and have the practical experience to understand the nuanced process that is involved with make the right decision.  If we can help you with this, please don’t hesitate to call.

The trust and estate planning attorneys at Farrow-Gillespie Heath Witter LLP, located in downtown Dallas, serve all of your trust and estate planning needs, including:

  • Estate planning for small estates
  • Estate planning for large, taxable estates
  • Trust review and modification
  • Trust and estate administration
  • Trust litigation
  • Will contests
  • Probate
  • Heirship proceedings
  • Guardianships

Fooling Mother Nature Requires a Texas License

By Maria Folkerth
July 27, 2016
Maria Folkerth was a summer intern at Farrow-Gillespie Heath Witter LLP.

wxmodSection 301.11 of the Texas Agricultural Code provides that a person must have a license and fill out an application for a permit to modify the weather. Cloud seeding is the most common form of weather modification in the state of Texas.

Cloud seeding is the use of silver iodide or dry ice to create larger clouds that produce more rain[1]. The reason Texans use cloud seeding is to make a good source of water for crops, especially in a drought or throughout dry seasons. Silver iodide copies the ice nuclei that allow water droplets to form. Cloud seeding uses aircraft as well as artillery guns. Aircraft are the most direct and efficient way to seed clouds. Using artillery guns is effective as well; however, that approach does not directly hit the clouds and takes longer to seed.

Cloud seeding is widespread in South and West Texas[2]. The cloud seeding season is from early spring to early fall.

People have tried to use cloud seeding in one other way: hail prevention. Hail is a form of weather that can completely obliterate crops. Farmers in Hale County and Lamb County believed that cloud seeding could also reduce the number of hailstorms. Instead of releasing small amounts of silver iodide into the clouds, they experimentally released larger amounts into clouds before large hail stones were formed. Unfortunately the experiments not only reduced the hail, but also reduced the amount of rain[3].

According to studies conducted, cloud seeding is not harmful to the environment or humans[4]. The main reason for this is that the amount of silver iodide used for cloud seeding is significantly below the 50 micrograms that is allowed per liter of water[5].

There is no discernible difference between normal non-seeded rain and seeded rain.


[1] https://weather.com/science/news/can-we-control-weather-20130616#/1

[2] https://www.tdlr.texas.gov/weather/weathermod.htm

[3] https://tshaonline.org/handbook/online/articles/ymwed

[4] www.weathermodification.org/images/AGI_toxicity.pdf

[5] http://www.wichitafallstx.gov/DocumentCenter/View/21261

Public/Private Partnerships

by Angela Hunt
April 28, 2016

During my eight years on the Dallas City Council, I saw many economic development projects make their way through City Hall’s complex approval process. There is a myriad of economic development tools used by the City of Dallas to incentivize redevelopment and encourage improvements to the public realm. Based on my experience, the most successful mechanism is the public-private partnership.

Generally speaking, public-private partnership is a legal contract between a public sector entity and a private company, with the partners sharing both the risks and rewards of a given project. For example, if both parties decided to put shares on the stock market using a company like Stocktrades, then it is deemed both of their responsibility and they must both acknowledge the risks of this type of investment, as well as the benefits. Public-private partnerships can be used to encourage real estate development and revitalization in underserved areas, to significantly improve public infrastructure through cost sharing with developer or community organization, or to create affordable housing opportunities in targeted areas. Importantly, public-private partnerships require an entity other than the city to take on financial risk, which tends to weed out boondoggles and projects that are less likely to succeed.

There are two public-private partnership types that have proven to be particularly effective in revitalizing Dallas: Public improvement districts and tax increment financing districts.


Public improvement districts, or “PIDs,” allow property owners in a particular geographic area to place an additional property tax on all of the real estate in their area for exclusive use within their boundaries. PID funding can be used for additional security, street lighting, beautification efforts, marketing, and other public improvements. Property owners seeking to create a PID must get approval from property owners representing 60% of the land value AND from either 60% of all record owners OR 60% of the land area. PIDs are governed by property owner-elected boards and managed by a specifically formed non-profit organization or homeowners’ association. We currently have a dozen PIDs in Dallas, including the Downtown PID, Uptown PID, and Deep Ellum PID.


Tax increments financing districts, or “TIFs,” are very different animals. Like PIDs, they affect particular geographic areas and they involve redirecting property taxes back to the area. But they’re a bit more complicated. Initiated by the city, but typically in partnership with one or more real estate developers, TIFs are premised on the idea that the target area is going to experience significant redevelopment that will increase property values and therefore increase the amount of property taxes received by the city. A fund reflecting this incremental increase in property taxes is used to provide financial incentives to developers to redevelop in the area.

TIFs have a life cycle, and in Dallas, it’s generally twenty years. In year one, property values are frozen in the area. The city continues to receive property taxes based on that base value for the life of the TIF. But as the area redevelops, property values increase. Property taxes from this “incremental” increase don’t go to the city, but instead go to a special fund that the city doles out to real estate developers seeking TIF funding for their project.

TIF funding is not just a general grant to the developer to help fund the project. TIF funding must be used for particular kinds of improvements that have some public benefit:

  • “Public” improvements such as new streets, alleys, sidewalks, street lighting, pedestrian lighting, water main lines, waste water main lines, and storm water improvements
  • Utility relocation/burial
  • Demolition of existing buildings, structures, and fixtures
  • Restoration of historic building facades
  • Acquisition, clearing, and grading of land for public improvements
  • Fees paid for architectural, planning, and engineering work related to eligible TIF funded pubic improvements
  • Environmental impact studies/environmental remediation
  • Additional costs incurred for high density projects

TIF funding is a competitive and complex process. Developers must file an application with the City of Dallas and work with the Economic Development Department in determining the amount of funds that a project may qualify for (based on its estimated value at completion). Developers are encouraged to meet the community and obtain their support.

Once the application is complete and the developer has engaged the community, the application is presented to the board that oversees that particular TIF (a volunteer board appointed by the City Council). The project is next briefed to the Council’s Economic Development Committee, which will make a recommendation for approval or denial to the full Council. Finally, the Dallas City Council votes on whether to grant the project the requested funding.

Importantly, TIF funding recipients do not receive a big check all at once. First, they have to complete their project as presented to the city, then they will begin receiving the increment TIF funds for their project on an annual basis over several years. Funds are dispersed annually after all the property owners in the TIF pay their property taxes. In the early years, projects generally just get to “keep what they kill,” receiving back the incremental property taxes that they paid on their own property above the base amount. But as the area improves, the TIF funding pot increases and TIF projects receive more and more increment.

Creating PIDs and obtaining TIF funding from the City of Dallas are complicated Processes. My experience on the Dallas City Council representing more TIFs and PIDs than any other part of town helped me understand these economic incentive tools work from the inside. I welcome the opportunity to help my clients navigate City Hall bureaucracy and secure public-private partnerships in support of their projects.