Photo of Caroline Brown

Caroline E. Brown is a partner in Crowell & Moring’s Washington, D.C. office and a member of the firm’s White Collar & Regulatory Enforcement and International Trade groups and the steering committee of the firm's National Security Practice. She provides strategic advice to clients on national security matters, including anti-money laundering (AML) and economic sanctions compliance and enforcement challenges, investigations, and cross border transactions, including review by the Committee on Foreign Investment in the United States (CFIUS) and the Committee on Foreign Investment in the U.S. Telecommunications Services Sector (Team Telecom).

Caroline brings over a decade of experience as a national security attorney at the U.S. Departments of Justice and the Treasury. At the U.S. Department of Justice’s National Security Division, she worked on counterespionage, cybersecurity, and counterterrorism matters and investigations, and gained unique insight into issues surrounding data privacy and cybersecurity. In that role, she also sat on both CFIUS and Team Telecom and made recommendations to DOJ senior leadership regarding whether to mitigate, block, or allow transactions under review by those interagency committees. She also negotiated, drafted, and reviewed mitigation agreements, monitored companies’ compliance with those agreements, and coordinated and supervised investigations of breaches of those agreements.

In this episode, host Kate Growley and Caroline Brown talk about the regulatory risks of violating sanctions and anti-money laundering laws when considering whether to make a payment to ransomware attackers. Those risks extend beyond the victims of the ransomware attack themselves to include ransomware insurance businesses, payment processors, and companies involved in digital forensics

In an Advance Notice of Proposed Rulemaking (ANPRM) published in the Federal Register on Monday, March 29, 2021, Commerce announced that it is soliciting public comment on a licensing process for companies seeking pre-clearance for information and communications technology and services (ICTS) transactions subject to Commerce’s broad new authority to block or unwind such transactions, as implemented in the interim final rule, “Securing the Information and Communications Technology and Services Supply Chain.” That interim final rule, which was published on January 19, 2021, became effective on Monday, March 22, 2021, and broadly defines transactions to include acquisition, importation, transfer, installation, dealing in or use of ICTS. We previously discussed that interim final rule here.
Continue Reading Commerce Publishes ANPRM Seeking Comment on the Licensing Process for ICTS Transactions

On January 13, 2021, the Federal Communications Commission (FCC) published a final rule that requires advanced communications providers to review their equipment and services within their networks and either: (1) certify that they do not include any covered equipment; or (2) file an annual report with the FCC that identifies covered communications equipment or services

Today, Commerce has published an interim final rule (IR) which, effective March 22, 2021, will implement the May 15, 2019 Executive Order 13873 that relied on the International Emergency Economic Powers Act (IEEPA) to authorize sweeping power to block or undo any transaction – including use, purchases or importation – of virtually any “information and