Existing rules in Europe require, and proposed rules in the U.S. would require, companies and financial institutions to have in place effective clawback policies.  Under such policies, employers have the ability to recover compensation paid to employees when certain events occur or information comes to light that could have an adverse effect on the employer.  The aim, of course, is to create a direct link between reward and conduct so as to promote good corporate behavior and ensure effective risk management.

Clawback provisions have been around for a number of years and they are now a fairly well-known feature in a variety of different bonus and equity incentive programs. They often complement other measures that employers can deploy to address adverse events and circumstances, the most common of which is the ability to forfeit or downward adjust unvested compensation. With executive scrutiny and accountability on the rise, the significance of these policies and their effectiveness will undoubtedly be put to the test.  This article looks briefly at the legal and practical challenges companies face at each stage of a clawback policy – from design and implementation to operation and enforcement.


Continue Reading Learning to Live with Clawbacks: The New, Long String on Executive Compensation

The federal government has been encouraging employers to adopt best practices to address both external and internal threats to critical business information and infrastructure. These best practices have included an important human resources element, including policies and programs covering current and former employees.

For example, the Obama Administration opened its initiative to combat trade secret theft with a report that listed human resources policies as one of four areas in which employers need to adopt best practices. Similarly, the Framework for Improving Critical Infrastructure Cybersecurity developed by the National Institute of Standards and Technology and the recently published Best Practices for Victim Response and Reporting of Cyber Incidents developed by the U.S. Department of Justice include multiple recommendations regarding human resources policies needed to manage cybersecurity risks. As we have noted before, employees can be among the best protectors of employers’ critical information, or its worst threat.


Continue Reading Will Cybersecurity Best Practices Morph into Cyber Mandates?

As we have previously discussed, companies face a growing threat that trade secrets and other critical business information will be taken by employees and other insiders.  Protecting business critical information is not simple.  Companies need a holistic approach that implicates multiple areas of the law, including data security, privacy, intellectual property, white collar crime,