The UK Treasury is drafting rules to bring crypto under the FCA supervision, starting in 2027. Digital assets will be regulated similar to other financial products under the legislation, the finance ministry said in a statement.
Reuters reported Monday that Britain is moving to formally regulate crypto from October 2027.
The move would provide “clear rules of the road” and keep “dodgy actors” out of the market, said Chancellor Rachel Reeves. She added that the rules will hand “strong consumer protections.”
“Bringing crypto into the regulatory perimeter is a crucial step in securing the UK’s position as a world-leading financial centre in the digital age,” the Chancellor noted.
Britain seeks to collaborate with the US to foster crypto regulation and innovation through the “Transatlantic Taskforce”. The UK will introduce a draft bill into Parliament later today.
Crypto Regulation Under FCA Supervision
The new set of rules would place crypto firms, including exchanges and digital wallets, under the purview of the Financial Conduct Authority (FCA).
This means the crypto services are regulated in the same way as other financial products, including by being subject to transparency standards, The Guardian reported.
Lucy Rigby, the minister for the City of London, said that these new rules “will give firms the clarity and consistency they need to plan for the long term.”
Besides, recent data from the financial regulator shows around 12% of UK adults hold some form of cryptocurrency, a figure that has risen steadily in recent years.
As a result, the UK formally recognized Bitcoin and crypto assets as legal property under a new Act of Parliament. Under the law, digital assets can be owned, inherited, and recovered.
The Japanese far-right has emerged as a radical challenger to the conservative socio-political landscape, long dominated by the incumbent Liberal Democratic Party.
In federal courtrooms across America, a pattern has emerged in cases in which immigrants are being rounded up and jailed without a hearing. That’s a departure from fundamental constitutional protections in the U.S. that provide the right to a hearing before indefinite imprisonment.
Japan is preparing its most sweeping overhaul of crypto oversight in almost a decade, setting the stage for a system that would treat digital assets far more like traditional investment products.
The move follows months of government deliberations and a series of regulatory proposals that have emerged steadily across 2024 and 2025.
Together, they show a decisive shift in how the country intends to manage trading activity, exchange operations, and investor protection.
FSA Pushes for Stricter Token Disclosure to Address Speculation and Risk
The latest step came this week after the Financial Services Agency released a detailed report from the Financial System Council’s Working Group.
The document lays out a plan to move crypto regulation away from the Payment Services Act, which has governed the sector since 2016, and into the Financial Instruments and Exchange Act.
This change would place cryptocurrencies under the same legal umbrella used for securities trading, disclosures, and market conduct rules. Regulators said the shift reflects how the market has changed, noting that most users now engage with crypto as an investment.
Government data shows more than 86% of domestic users trade with an expectation of long-term price gains, while deposits across registered platforms have surpassed five trillion yen.
The Working Group concluded that the current framework no longer matches the risks posed by a sector dominated by speculative trading, large investor inflows, and complex token issuance schemes.
By placing crypto inside the securities rulebook, authorities intend to impose stricter disclosure requirements, particularly for token sales conducted by exchanges.
The report singles out initial exchange offerings, stressing the need for pre-sale information, independent code audits, and clearer descriptions of who controls a project.
Even fully decentralized assets would come under closer scrutiny, with exchanges responsible for giving users neutral risk assessments based on verifiable data.
These provisions would apply to exchange employees, token developers, and other related parties who may access undisclosed information.
The approach mirrors ongoing reforms in Europe and South Korea, where authorities have already introduced insider-trading standards for the digital asset sector.
Japan Opens Door for Financial Giants’ Subsidiaries Under the New Rule
Exchanges operating in Japan would face standards similar to brokers dealing in securities. They would be required to assess users’ risk tolerance before permitting complex or highly volatile trading.
The plan also introduces investment limits for token offerings that have not completed financial audits, an effort to prevent retail users from being exposed to sudden selling pressure once trading begins.
Traditional financial institutions are expected to play a greater role as well. While banks and insurers will remain barred from running exchanges directly, regulators intend to let their subsidiaries offer crypto trading through highly supervised channels.
The planned transition comes alongside a series of related policies that have unfolded over recent months.
In November, the FSA proposed a registration system for custody providers and outsourced trading software firms after last year’s DMM Bitcoin breach exposed weaknesses in third-party systems.
Japan intends to require crypto exchanges to hold reserves to cover customer losses, tightening safeguards against hacks and operational failures.#Japan#CryptoRegulationshttps://t.co/g9rmxG2kbw
Tax reform is also advancing. The government is preparing to replace the current progressive tax rate, which can rise to 55%, with a flat 20% levy on crypto gains beginning in 2026.
The US Treasury’s Financial Crimes Enforcement Network (FinCEN) has fined peer-to-peer crypto marketplace Paxful $3.5 million.
Key Takeaways:
FinCEN fined Paxful $3.5M for willfully enabling over $500M in suspicious crypto transfers.
Regulators said Paxful ignored basic AML rules, including MSB registration and SAR filings.
Paxful later shut down amid regulatory pressure, staff losses, and internal legal disputes.
The regulator accused the company of willfully violating federal anti-money laundering laws and allowing more than $500 million in suspicious transfers linked to high-risk jurisdictions and criminal activity.
According to FinCEN, Paxful facilitated transactions tied to Iran, North Korea, Venezuela, and even Backpage.com, the notorious classifieds site seized in 2018 for enabling sex trafficking.
Regulators said Paxful failed to implement even the most basic requirements of the Bank Secrecy Act (BSA), including registering as a money services business, maintaining an anti-money-laundering program, and filing suspicious activity reports.
“For years, Paxful disregarded its BSA obligations and facilitated transactions associated with illicit activity and high-risk jurisdictions,” FinCEN Director Andrea Gacki said.
Paxful acknowledged that it willfully violated federal law. The consent order highlights major compliance lapses during the years in which Paxful operated without adequate oversight, largely due to failures by former leadership.
FinCEN said the company has since taken steps to correct past misconduct, including firing senior figures responsible for the violations and conducting an internal review to identify suspicious activity previously left unreported.
Regulators from multiple federal agencies assisted in the case, including the Justice Department’s Money Laundering and Narcotics section, the US Attorney’s Office for the Eastern District of California, and Homeland Security Investigations.
— Financial Crimes Enforcement Network (FinCEN) (@FinCENnews) December 9, 2025
The agency emphasized that firms involved in digital assets must adjust their controls to match the risks inherent in dealing with crypto, especially exposure to sanctioned jurisdictions and anonymous transfers.
CEO Ray Youssef cited multiple factors behind the shutdown, including major staff departures, increasingly burdensome US regulatory requirements, and a lawsuit filed by a co-founder, reportedly Artur Schaback.
He said compliance demands had grown so intense that even dedicating a quarter of Paxful’s workforce to compliance was not enough.
The company also lacked the resources to continue operating while blocking US users, making a full marketplace suspension unavoidable.
B.C. Seizes Over $1M in Gold, Cash Linked to QuadrigaCX Co-Founder
As reported, British Columbia has secured a major legal victory after obtaining a court order to seize more than $1 million in gold, cash, and luxury goods tied to QuadrigaCX co-founder Michael Patryn.
The forfeiture comes under the province’s unexplained wealth order regime, which requires individuals to prove their assets were acquired lawfully.
Patryn chose not to contest the action, allowing authorities to move forward with liquidating the seized items.
The seized assets were discovered in a Vancouver safety deposit box and included 45 gold bars, luxury watches, jewelry, and a loaded .45-caliber pistol.
At today’s prices, the gold alone is worth over $800,000. The province’s civil forfeiture office alleges these items were purchased using misappropriated QuadrigaCX customer funds, citing evidence gathered during a broader RCMP investigation.
미국 정부가 25%의 수출세를 부과하는 조건으로 엔비디아의 H200 AI 칩의 중국 수출을 허용하기로 했다. 이번 정책 변화가 세계 최대 AI 시장 중 하나인 중국으로 글로벌 수요를 일부 재편시키고, 이미 부족한 GPU 재고 확보 경쟁을 더욱 심화시킬 수 있다는 전망이 나오고 있다.
이번 조치로 2026년 인프라 업그레이드를 계획 중인 기업은 H200 공급이 다시 부족해질 경우 가격 인상이나 리드타임 확대에 대비해야 하는지 고민해야 하는 상황이 됐다.
도널드 트럼프 미국 대통령은 소셜미디어 ‘트루스 소셜(Truth Social)’ 게시글에서 “우리는 국가안보를 지키고, 미국 내 일자리를 창출하며, AI 분야에서 미국의 우위를 유지할 것”이라고 밝혔다.
다만 트럼프는 엔비디아의 최고 성능 칩 수출은 허용하지 않았다. 그는 “엔비디아의 미국 고객은 이미 놀라울 정도로 발전된 블랙웰(Blackwell) 칩과 곧 출시될 루빈(Rubin)으로 나아가고 있으며, 이들 제품은 수출 허용 조치에 포함되지 않는다”라고 설명했다.
또한 트럼프는 H200 승인 물량이나 수출 심사 방식에 대해 구체적으로 언급하지 않았다. 중국 수출이 일부 재개될 경우 미국과 유럽의 물량 확보가 다시 어려워질지에 대해서는 분석가들이 상황을 면밀히 지켜보는 분위기다.
트럼프는 미국 상무부가 세부 절차를 마무리 중이라며 “AMD, 인텔을 포함한 다른 미국 기업에도 동일한 기준이 적용될 것”이라고 전했다.
수요 재편 가능성은?
중국 기업이 실제로 얼마나 수요를 창출할지는 여전히 불확실하다. 정부가 최근 자국 기술 기업의 미국 칩 의존도를 낮추도록 유도하고 있기 때문이다.
포레스터(Forrester) 부사장이자 수석 애널리스트인 찰리 다이는 “중국이 다시 H200을 확보할 수 있게 되더라도 글로벌 공급에 미치는 영향은 크지 않을 것”이라면서, “중국이 현재 자국 AI 칩을 우선시하고 있으며, H200은 성능과 시장 매력도 측면에서 엔비디아의 블랙웰급 시스템보다 한 단계 아래에 있다”라고 분석했다.
다이는 “일부 물량 조달 압박이 생길 수는 있지만, 중국 외 국가의 기업 대부분은 당분간 가격이나 리드타임 측면에서 큰 변동을 겪지 않을 것”이라고 덧붙였다.
카운터포인트리서치(Counterpoint Research) 부사장이자 파트너인 닐 샤도 중국 AI 생태계의 구조적 변화가 진행되고 있어 단기적인 수요 급증 가능성은 낮다고 진단했다.
샤는 “중국 AI 생태계는 반도체부터 소프트웨어 스택까지 빠르게 미국을 따라잡고 있으며, 모델 역시 실리콘과 소프트웨어에 최적화되고 있다”라며, 중국 기업이 미국산 AI 서버 도입을 거듭 고민할 가능성이 있다고 분석했다.
한편 일부 전문가는 고성능 가속기 공급이 여전히 부족한 가운데 데이터센터 구축도 늘고 있어, 중국의 일부 수요만으로도 글로벌 물량 조달이 더 빠듯해질 수 있다고 경고했다.
테크인사이츠(TechInsights) 반도체 부문 애널리스트 마니시 라와트는 “중국 기업이 H200을 구매할 수 있게 되면 글로벌 공급 구조가 빠르게 긴장될 것”이라고 말했다. 그는 “중국은 지금까지 최대 규모의 가속기 수요 시장이었고, 오랜 제한 이후 중국 클라우드 업체가 공격적이고 선제적인 주문을 넣을 가능성이 크다. 이는 단기 공급 증가 없이 수요만 급증시키는 구조를 만들고, 향후 2~3개 분기 동안 공급 부족을 심화시킬 것”이라고 분석했다.
라와트는 이런 변화가 엔비디아의 물량 배분 우선순위에도 영향을 미칠 것이라고 분석했다. 엔비디아는 전통적으로 주요 클라우드 업체와 전략 시장을 우선하는데, 중국이 다시 구매하기 시작하면 미국·유럽·중동의 클라우드 업체가 제한된 H200 물량을 두고 더욱 직접적으로 경쟁하게 될 수 있다는 것이다.
라와트는 “기업 고객은 원래도 우선순위가 가장 낮기 때문에 더 긴 리드타임, 지연된 배송 일정, 약해진 가격 협상력을 감수해야 하는 상황이 올 것”이라고 말했다.
조달 리스크에 대비한 전략 필요
2026년 인프라 교체 주기를 앞두고 기업은 공급 측면의 불확실성을 일정 부분 감안해야 하지만, 전문가들은 과도한 대응을 피해야 한다고 조언한다.
다이는 공급처를 다각화하고 벤더와 일찍 협의하는 것이 바람직하다면서도, 물량 비축이나 고가 선주문처럼 극단적인 조치를 취할 필요는 없다고 말했다. 그는 “리드타임이 소폭 늘어날 수는 있지만 전체적인 조달 상황은 H200의 안정적 공급을 전제로 판단해도 될 것”이라고 설명했다.
그러나 일부 전문가는 중국의 수요가 다시 증가할 경우 기업이 이를 조달 계획에 반드시 반영해야 한다고 경고했다.
라와트는 중국이 구매에 참여하게 되면 클라우드 업체 간 경쟁과 제한된 HBM·패키징 생산능력 때문에 H200 리드타임이 6~9개월까지 늘어날 수 있다고 전망했다. 그는 기업이 2026년 배정 물량을 미리 확보하고, 가격과 납기 조건이 포함된 프레임워크 계약을 체결하는 것이 안전하다고 조언했다.
라와트는 “엔비디아가 주요 클라우드 업체를 우선하면 기업 배정 물량은 줄어들 수 있다. 통합업체가 프리미엄을 붙이거나 서로 다른 세대의 GPU를 혼합해 공급할 가능성도 있다”라고 말했다. 따라서 기업이 다세대 배포 전략을 마련하고, 대체 가능한 SKU도 준비해 둬야 한다고 설명했다.
그는 또 심각한 공급 부족이 아니더라도 고가 체제가 상당 기간 지속될 가능성이 높다고 분석하면서, “기업은 다년 계약으로 가격을 고정하고, 비용 대비 성능을 고려해 대체 아키텍처도 검토해야 한다”라고 말했다. dl-ciokorea@foundryco.com
Derrin Robinson has worked in Oregon elections for more than 30 years, long enough to remember when voters in the state cast their ballots at physical polling sites instead of by mail.
As the nonpartisan clerk of Harney County, a vast, rural expanse larger than Massachusetts, Robinson oversees elections with about 6,000 registered voters. Oregon has exclusively conducted elections by mail since 2000, a system he thinks works well, requires fewer staff and doesn’t force voters to travel through treacherous weather to reach a polling place.
Talks on the United States’ long-awaited crypto market structure bill have entered another tense stretch, with Sen. Bernie Moreno saying negotiations have become “decently frustrating” as lawmakers struggle to align on the next major step for digital-asset regulation.
Speaking Monday at the Blockchain Association Policy Summit in Washington, D.C., Moreno said he does not want Congress to advance a weak bill simply to show progress, adding that “no deal is better than a bad deal.”
He is scheduled to meet with Democrats on Tuesday to determine whether the two sides can break the recent deadlock.
Progress Slows on Crypto Oversight Bill Despite Earlier Bipartisan Momentum
Earlier this year, Lawmakers to pass a stablecoin law marking a rare moment of bipartisan agreement.
However, the broader market structure bill, intended to decide which federal agency has jurisdiction over different types of crypto assets and how consumer protections should be applied, has been difficult to finalize.
Both the House and Senate have their own versions, and lawmakers will need to resolve these differences before the bill can move toward.
The House passed its version, the Digital Asset Market Clarity Act, in July. The bill gives the Commodity Futures Trading Commission primary authority over digital commodities and preserves the Securities and Exchange Commission’s power over fundraising and token issuances.
GENIUS Act, Anti-CBDC Act, and CLARITY Act pass crucial procedural vote 215-211 in Congress after Trump's decisive Oval Office intervention rescues stalled crypto agenda.#GeniusAct#Trumphttps://t.co/Lm2tCBbimp
The Senate Banking Committee, where Moreno sits, has its own draft that introduces the term “ancillary assets” in an effort to define which tokens should not be treated as securities.
There was brief optimism last week when Senate Banking Committee Chair Tim Scott told attendees at a “Crypto Christmas” event that there was a realistic path to hold a markup hearing on December 17 or 18.
But other members are less confident. Sen. Mark Warner said on Monday that completing a markup before the holidays would be difficult, in part because lawmakers are still waiting for the White House’s language on quorum and ethics provisions.
Industry lawyers have also raised concerns about unresolved issues in the bill, including how stablecoin yield products should be treated and how decentralized finance should be regulated.
Congress Faces Tightening Window as Political Friction Slows U.S. Crypto Rulemaking Efforts
Democratic lawmakers have launched a new probe into former President Donald Trump’s growing involvement in the crypto industry.#Crypto#Regulationhttps://t.co/Wli5QqlNdu
His family’s involvement in a stablecoin project and a mining firm has fueled questions about potential conflicts of interest. The debate has added another layer of tension as Congress attempts to write rules that would shape the industry for years.
The negotiations are unfolding at a time when the U.S. is trying to put a more permanent structure around the digital-asset market.
Earlier this year, the GENIUS Act became law, marking the country’s first attempt at a federal framework for stablecoins. The law requires stablecoin issuers to hold full reserves, undergo monthly audits, and follow strict anti-money-laundering rules.
Even with that, lawmakers say time is running short. Sen. Thom Tillis warned that Congress has only a small window to move forward. He said that if discussions continue into February, the election season could bring everything to a stop.
The US will allow Nvidia’s H200 AI chips to be exported to China with a 25 percent fee, a policy shift that could redirect global demand toward one of the world’s largest AI markets and intensify competition for already limited GPU inventories.
The move raises fresh questions about whether enterprise buyers planning 2026 infrastructure upgrades should brace for higher prices or longer lead times if H200 supply tightens again.
“We will protect National Security, create American Jobs, and keep America’s lead in AI,” US President Donald Trump said in a post on his Truth Social platform.
Trump stopped short of allowing exports of Nvidia’s fastest chips, however, saying, “Nvidia’s US Customers are already moving forward with their incredible, highly advanced Blackwell chips, and soon, Rubin, neither of which are part of this deal.”
He did not say how many H200 units will be cleared or how export vetting will work, leaving analysts to gauge whether even a partial reopening of the Chinese market could tighten availability for buyers in the US and Europe.
Trump added that the Commerce Department is finalizing the details, noting that “the same approach will apply to AMD, Intel, and other GREAT American Companies.”
Shifting demand scenarios
What remains unclear is how much demand Chinese firms will actually generate, given Beijing’s recent efforts to steer its tech companies away from US chips.
Charlie Dai, VP and principal analyst at Forrester, said renewed H200 access is likely to have only a modest impact on global supply, as China is prioritizing domestic AI chips and the H200 remains below Nvidia’s latest Blackwell-class systems in performance and appeal.
“While some allocation pressure may emerge, most enterprise customers outside China will see minimal disruption in pricing or lead times over the next few quarters,” Dai added.
“The Chinese ecosystem is catching up fast, from semi to stack, with models optimized on the silicon and software,” Shah said. Chinese enterprises might think twice before adopting a US AI server stack, he said.
Others caution that even selective demand from China could tighten global allocation at a time when supply of high-end accelerators remains stretched, and data center deployments continue to rise.
“If Chinese buyers regain access to H200 units, global supply dynamics will tighten quickly,” said Manish Rawat, semiconductor analyst at TechInsights. “China has historically been one of the largest accelerator demand pools, and its hyperscalers would likely place aggressive, front-loaded orders after a prolonged period of restricted access. This injects a sudden demand surge without any matching increase in near-term supply, tightening availability over the next 2–3 quarters.”
Rawat added that such a shift would also reshape Nvidia’s allocation priorities. Nvidia typically favors hyperscalers and strategic regions, and reintroducing China as a major buyer would place US, EU, and Middle East hyperscalers in more direct competition for the limited H200 supply.
“Enterprise buyers, already the lowest priority, would face longer lead times, delayed shipment windows, and weaker pricing leverage,” Rawat said.
Planning for procurement risk
For 2026 refresh cycles, analysts say enterprise buyers should anticipate some supply-side uncertainty but avoid overcorrecting.
Dai said diversifying supply and engaging early with vendors would be prudent, but said extreme measures such as stockpiling or placing premium pre-orders are unnecessary. “Lead times may tighten marginally, but overall procurement scenarios should assume steady availability of H200,” he said.
Others, however, warn that renewed Chinese demand could still stretch supply in ways enterprises need to factor into their planning.
Renewed Chinese access could extend H200 lead times to six to nine months, driven by hyperscaler competition and limited HBM and packaging capacity, Rawat said. He advised enterprises to pre-book 2026 allocation slots and secure framework agreements with fixed pricing and delivery terms.
“If Nvidia prioritizes hyperscalers, enterprise allocations may shrink, with integrators charging premiums or mixing GPU generations,” Rawat said. “Companies should prepare multi-generation deployment plans and keep fallback SKUs ready.”
A sustained high-pricing environment is likely even without dire shortages, Rawat added. “Enterprises should lock multi-year pricing and explore alternative architectures for better cost-performance flexibility,” he said.
Editor’s note: We published this article nearly three months ago, on 10 September 2025. The recent revelations about the killing, on 2 September, of two survivors who were clinging to a sinking shipwreck after their boat had been destroyed in the initial attack by U.S. forces, highlight the deeper problems with the Trump administration’s approach of using military force to deal with what is essentially a law-enforcement issue.
A largely overlooked directive issued by the Trump administration marks a major shift in U.S. counterterrorism policy, one that threatens bedrock free speech rights enshrined in the Bill of Rights.
President Donald Trump continues to use his pardon powers in remarkable ways. Now he has pardoned former Honduran President Juan Orlando Hernández, who was sentenced to 45 years in prison for drug trafficking.
Cato asked me to write a statement on this development and here is what I wrote:
President Donald Trump premised his mass deportation agenda on the idea that he will be “returning millions and millions of criminal aliens.” Department of Homeland Security (DHS) Secretary Kristi Noem has repeatedly claimed that they are arresting the “worst of the worst.” New nonpublic data from Immigration and Customs Enforcement (ICE) lea
Since January 2025, the Justice Department has been aggressively holding federal contractors accountable for violating cybersecurity violations under the False Claims Act.
Over the last 11 months, the Trump administration has announced six settlements out of the 14 since the initiative began in 2021.
Sara McLean, a former assistant director of the DOJ Commercial Litigation Branch’s Fraud Section and now a partner with Akin, said the Trump administration has made a much more significant push to hold companies, especially those that work for the Defense Department, accountable for meeting the cyber provisions of their contracts.
Sara McLean is a former assistant director of the DOJ Commercial Litigation Branch’s Fraud Section and now is a partner with Akin,
“I think there are going to be a lot more of these announcements. There’s been a huge uptick just since the beginning of the administration. That is just absolutely going to continue,” McLean said during Federal News Network’s Risk & Compliance Exchange 2025.
“The cases take a long time. The investigations are complex. They take time to develop. So I think there are going to be many, many, many more announcements, and there’s a lot of support for them. Cyber enforcement is now embedded in what the Justice Department does every day. It’s described as the bread and butter by leadership.”
A range of high-profile cases
A few of the high-profile cases this year so far include a $875,000 settlement with Georgia Tech Research Corp. in September and a $1.75 million settlement in August with Aero Turbine Inc. (ATI), an aerospace maintenance provider, and Gallant Capital Partners, a private equity firm that owned a controlling stake in ATI during the time period covered by the settlement.
McLean, who wouldn’t comment on any one specific case, said in most instances, False Claims Act allegations focus on reckless disregard for the rules, not simple mistakes.
“We’ve seen in some of the more recent announcements new types of fact patterns. What happens is when announcements are made that DOJ has pursued a matter and has resolved a matter, that often leads to the qui tam relators and their attorneys finding more matters like that and filing them,” said McLean who left federal service in October after almost 27 years. “It’ll be interesting to see if these newer fact patterns yield more cases that are similar.”
Recent cases that involve the security of medical devices or the qualifications of cyber workers performing on government contracts are two newer fact patterns that have emerged over the last year or so.
Launched in 2021, the Justice’s Civil-Cyber Fraud initiative uses the False Claims Act to ensure contractors and grantees meet the government’s cybersecurity requirements.
President Joe Biden signed an executive order in May 2021 that directed all agencies to improve “efforts to identify, deter, protect against, detect and respond to” malicious cyberthreats.
130 DOJ lawyers focused on cyber
Justice conducted a 360 review of cyber matters and related efforts, and one of the areas that emerged was to use the False Claims Act to hold contractors and grantees accountable and drive a change in behavior.
“The motivation was largely to improve cybersecurity and also to protect sensitive information, personal information, national security information, and to ensure a level playing field, so that you didn’t have some folks who were meeting the requirements and others who were not,” McLean said.
“It was to ensure that incidents were being reported to the extent the False Claims Act could be used around that particular issue. Because the thought was that would enable the government to respond to cybersecurity problems and that still is really the impetus now behind the enforcement.”
McLean said the Civil-Cyber Fraud initiative is now embedded as part of the DOJ’s broader False Claims Act practice. It has about 130 lawyers, who work with U.S. attorney’s offices as well as agency inspectors general offices.
Typically, an IG begins an investigation either based on a qui tam or whistleblower filing, or a more traditional review of contracts and grants.
The IG will assign agents and DOJ lawyers will join as part of the investigative team.
McLean said the agents are on the ground, interviewing witnesses and applying all the resources that come from the IGs. DOJ then decides, based on the information the IGs bring back, to either take some sort of action, such as intervening in a qui tam lawsuit and taking it over, or to decline or settle with a company.
“They go back to the agency for a recommendation on how to proceed. So it’s really the agencies and DOJ who are really in lockstep in these matters,” she said. “DOJ is making the decision, but it’s based on the recommendation of the agencies and with the total support of the agencies.”
Many times, Justice decides to intervene in a case or seek a settlement depending on whether the company in question has demonstrated reckless disregard for federal cyber rules and regulations.
McLean said a violation of the False Claims Act requires only reckless disregard, not intentional fraud.
“It’s critically important for anyone doing business with the government, especially those who are signing a contract and agreeing to do something, to make sure that they understand what that is, especially in the cybersecurity area,” she said. “What they’ve signed on to can be quite complicated. It can be legally complicated. It can be technically complicated. But signing on the dotted line without that understanding is just a recipe for getting into trouble.”
When a whistleblower files a qui tam lawsuit, McLean said that ratchets up the entire investigation. A whistleblower can be entitled to up to 30% of the government’s recovery, whether through a decision or a settlement.
Self-disclosures encouraged
If a company doesn’t understand the requirements and doesn’t put any resources into trying to understand and comply with them, that can lead to a charge of reckless disregard.
“When it comes to employee qualifications, it’s the same thing. If a contract says that there needs to be this level of education or there needs to be this level of experience, that is what needs to be provided. Or a company can get into trouble,” McLean said.
“The False Claims Act applies to making false claims and causing false claims. It’s not just the company that’s actually directly doing business with the government that needs to worry about the risk of False Claims Act liability, because a company that’s downstream, like a subcontractor who’s not submitting the claims to the government, could be found liable for causing a false claim, or, say, an assessor could be found liable for causing a false claim, or a private equity company could be found liable for causing a false claim. There are individuals who can be found liable for causing and submitting false claims.”
She added that False Claims Act allegations can apply not only to just the one company that has the direct relationship with the government but also to their partners if they are not making a good faith effort to comply.
But when it’s a mistake, maybe an overpayment or something similar, the company can usually claim responsibility and address the problem quickly.
“DOJ has policies of giving credit in False Claims Act settlements for self-disclosure, cooperation and remediation. That is definitely something that is available and that companies have been definitely taking advantage of in this space,” McLean said. “DOJ understands that there’s more focus on cybersecurity than there used to be, and so there are companies that maybe didn’t attend to this as much as they now wish they had in the past. The companies discover that they’ve got some kind of a problem and want to fix it going forward, but then also figure out, ‘How do I make it right and in the past?’ ”
McLean said this is why vendors need to pay close attention to how they comply with the DoD’s new Cybersecurity Maturity Model Certification.
She said when vendors sign certifications that they are complying with CMMC standards without fully understanding what that means, that could be considered deliberate ignorance.
“Some courts have described it as gross negligence. Negligence would be a mistake. I don’t know if that helps for the for the nonlawyers, but corporations which do not inform themselves about the requirements or not taking the steps that are necessary, even if it’s not through necessarily ill intent, but it’s not what the government bargained for, and it’s not just an accident. It’s a little bit more than that, quite a bit more than that,” she said.
“The one thing that’s important about that development is it does involve more robust certifications, and that is something that can be a factor in a case being a False Claims Act and a case being more or less likely to be one that the government would take over. Because signing a certification when the information is not true starts to look like a lie, which starts to look like the more intentional type of fraud … rather than a mistake. It looks reckless to be signing certifications without doing this review to know that the information that’s in there is right.”
In mid-July 1941, anti-interventionist Senator Burton Wheeler (D‑MT) sent 1,000,000 postcards to Americans across the country, urging them to write President Franklin Roosevelt to keep America out of the raging war in Europe. Two of those postcards were received, respectively, by Staff Sergeant William L. White at Fort Benning, Georgia, and 1st Lieutenant Alford T. Hearns at Fort McIntosh, Texas.
In an unprecedented step, the Department of Defense announced online on Nov. 24, 2025, that it was reviewing statements by U.S. Sen. Mark Kelly, a Democrat, who is a retired Navy captain, decorated combat veteran and former NASA astronaut.
The Trump administration wants access to state driver’s license data on millions of U.S. residents as it builds a powerful citizenship verification program amid its clampdown on voter fraud and illegal immigration.
The U.S. Department of Homeland Security seeks access to an obscure computer network used by law enforcement agencies, according to a federal notice, potentially allowing officials to bypass negotiating with states for the records.
Login
