When the federal government reopens after a shutdown, the return to “business as usual” is rarely immediate. Agencies face backlogs, funding adjustments, and operational hurdles that can directly impact companies, contractors, and regulated entities. Below we outline several key issues businesses should anticipate in the days and weeks following a reopening of the federal government.
Continue Reading What to Expect When the Government Reopens: Key Considerations for Businesses
Capping off a highly eventful week in Asia, President Donald J. Trump has further reshaped the landscape of U.S. trade with the Asia-Pacific region through a series of new agreements. This latest round of negotiations includes new reciprocal trade deals and market access commitments across Cambodia, Thailand, Malaysia, Vietnam, China, South Korea, and Japan. Some of these agreements build upon the foundation laid by Executive Order 14346 (Sept. 5, 2025). That order provided for zero percent tariffs on products listed in Annex III, once a qualifying trade deal was announced.[1] With some agreements now in place, Annex III of the EO is being actively implemented.
For years, the conversation around health insurer consolidation and vertical integration has simmered through antitrust inquiries, oversight hearings, and policy papers. The Patients Over Profit Act (the “POP Act”)[i], introduced in both chambers of Congress this fall, marks a decisive shift. Rather than regulating insurer-provider integration, the POP Act proposes to ban it outright.
New York City voters ushered in sweeping changes to land use policy in the November mayoral election, approving four major City Charter amendments recommended by the Charter Revision Commission convened by Mayor Eric Adams in December 2024.
The New York City Earned Safe and Sick Time Act (“ESSTA”) is expanding. On October 25, 2025, the ESSTA was amended to provide additional benefits to employees. These amendments go into effect on February 22, 2026, and will require covered New York City employers to adjust practices and leave policies in several key areas, including: (i) employers must grant an additional 32 hours of unpaid leave to new employees upon hire and to all employees at the beginning of each benefit year; and (ii) employers must comply with a broader range of reasons for which employees can use time under ESSTA.
On October 30, the California DFPI announced a consent order against a Nevada-based crypto kiosk operator for alleged violations of the Digital Financial Assets Law and the California Consumer Financial Protection Law. The action follows a DFPI investigation into widespread noncompliance among crypto ATM operators, which the agency has identified as a growing consumer-protection concern.
On October 24, 2025, the Massachusetts Division of Banks (DOB) finalized a suite of regulatory amendments implementing the Massachusetts Money Transmission Act. The final regulations, 209 Mass. Code Regs. §§ 44.00, 45.00, 48.00, and 801 Mass. Code Regs. § 4.02, take effect November 7. The changes establish a uniform licensing and compliance regime for all entities engaged in money transmission, replacing prior requirements that applied only to check cashers, check sellers, and foreign transmittal agencies.
Continue Reading Massachusetts Finalizes Comprehensive Money Transmission Regulations
On October 15, the Oklahoma State Banking Department issued a memo detailing new licensing and compliance obligations for digital kiosk operators. The memo details the requirements under Senate Bill 1083, enacted in May under the Oklahoma Financial Reporting Act, which became effecting on November 1, 2025.
Continue Reading Oklahoma Issues Memo Detailing New Digital Asset Kiosk Licensing Requirements
On October 29, the U.S. District Court for the Eastern District of Kentucky granted a preliminary injunction prohibiting the Consumer Financial Protection Bureau from enforcing its Personal Financial Data Rights Rule, also known as the open banking rule, until the Bureau completes its reconsideration of the rule. The court determined that the plaintiffs, a national bank and two banking associations, demonstrated a likelihood of success on several claims, including that the rule exceeds the Bureau’s authority under the Dodd-Frank Act and is arbitrary and capricious under the Administrative Procedure Act.
Continue Reading Federal Court Halts Implementation of CFPB’s Open Banking Rule
On November 3, the U.S. District Court for the Northern District of West Virginia granted class certification certified a statewide class of borrowers challenging a credit union’s alleged assessment of unauthorized “pay-to-pay” fees under the West Virginia Consumer Credit and Protection Act. The plaintiff alleged that the institution imposed a 5 dollar fee each time consumers made monthly payments by phone or other electronic means, even though neither the loan agreement nor any statute authorized the charge.
Continue Reading West Virginia Federal Court Certifies Class Action Challenging “Pay-to-Pay” Fees
On October 27, 2025, amendments to Delaware’s Medical Debt Protection Act took effect, establishing a total ban on the inclusion of medical debt in consumer credit reports. The amendments, enacted through Senate Substitute 1 for Senate Bill 156, revise Delaware’s consumer protection laws to prohibit both the furnishing and use of medical-debt information by consumer reporting agencies.
Continue Reading Delaware Bans Medical Debt from Consumer Credit Reports
On October 28, 2025, the State of Texas filed a complaint against Johnson & Johnson and Kenvue, Inc. (“Kenvue”)—formerly the consumer health division of Johnson & Johnson, and now in the process of being acquired by Kimberly-Clark—alleging deceptive marketing and fraudulent financial moves related to Tylenol (acetaminophen) (the “Lawsuit”).[1] Texas claims these companies hid the drug’s risks to unborn and young children—especially links to autism and Attention-Deficit/Hyperactivity Disorder (“ADHD”)—while promoting Tylenol as safe.
On October 28, 2025, the U.S. Court of Appeals for the Ninth Circuit upheld the structure and authority of the National Labor Relations Board (“NLRB”) against three constitutional challenges in NLRB v. North Mountain Foothills Apartments LLC (9th Cir. Oct. 28, 2025).
As Russian Energy Week concluded last week, Western governments strike to the heart of Russia’s energy sector with sanctions packages to cut of revenue that funds Russia’s continued war against Ukraine. Three significant packages were announced in October 2025: the U.S.’s sanctions targeting the Russian energy sector, the UK’s latest sanctions against the Russian oil industry, and the EU’s 19ᵗʰ package of sanctions.
Continue Reading Striking Russian Oil and The Ripple Effects
Federal enforcement of the False Claims Act (FCA) against healthcare and pharmaceutical companies—especially based on alleged Anti-Kickback Statute (AKS) violations—continues to change, with the Regeneron Pharmaceuticals case at the forefront of recent developments. Recall that in Regeneron, the government alleges that the pharmaceutical company is illegally subsidizing copayments for Medicare beneficiaries by making large donations to third party foundations offering copay assistance to strategically steer patients to its high-cost specialty drug, Eylea, instead of lower-cost alternatives, resulting in alleged FCA liability based on an AKS violation. After the First Circuit held that a FCA plaintiff in an AKS-based FCA case must prove “actual causality, which in ordinary course takes the form of but-for causation,” United States v. Regeneron Pharms., Inc., 128 F.4th 324, 330 (1st Cir. 2025), the government is trying—again—to avoid having to prove a causal link between the alleged AKS violation and damages (i.e., financial harm to a government program). The government’s recent summary judgment brief in the United States District Court for the District of Massachusetts provides a detailed look at both its evolving legal theory and the practical compliance lessons for pharmaceutical manufacturers, providers, and health systems.
Continue Reading Regeneron, the False Claims Act, and a New Era in Government Enforcement
On October 21, the NYDFS issued new cybersecurity guidance addressing the growing risks associated with regulated entities’ reliance on third-party service providers (TPSPs). The guidance clarifies compliance obligations under the New York Cybersecurity Regulation and outlines best practices for managing cybersecurity risk across the third-party relationship lifecycle.
Continue Reading NYDFS Issues Cybersecurity Guidance on Third-Party Service Provider Risk