Against this background, boards and executive teams should ask themselves two broad sets of questions. The first concerns what steps are being taken to remain resilient and support customers through near-term economic pressures; and the second, whether their own strategic plans align with medium-term structural changes in their operating environment.

Indeed, a strong grasp of the ever-evolving regulatory environment must inform how financial services firms answer these questions.

Near-term economic pressures

Disruptive economic factors will command attention in the near term. The credit risk outlook is increasingly precarious, and lenders will need to be able to demonstrate to supervisors how they are managing the associated risks. Many insurers and investment funds will also face credit-related pressures in their portfolios and may need to boost their credit teams if the volumes of defaults and corporate restructurings begin to rise.

Where credit risks crystallize, they will feed through to regulatory capital positions. Firms will also need to be vigilant for sudden bouts of volatility within the capital markets.

Central banks and regulators will be working hard to understand market vulnerabilities, with continued stress-testing of individual firms, funds, and the wider system. Margining practices will be under scrutiny.

There is also a major conduct risk component to the current economic situation, with consumers feeling the cost-of-living squeeze. Conduct supervisory standards are substantially higher now than in previous downturns, and firms will rightly be expected to support their customers through a period of economic hardship.

This is a particular dilemma for lenders, who will need to make judgements about when and how to exercise forbearance. It will also be a challenge for insurers, who may see rising numbers of policyholders struggling to cover their premiums, creating the possibility of protection gaps that will draw supervisory attention.

Embedding climate & nature risks

Climate and nature risks will increasingly shape the financial services operating environment. Less advanced firms may find themselves given progressively less leeway for shortcomings in the year ahead.

Efforts are underway in numerous arenas to improve the structure and content of transition plans, and firms will need to shift gears to keep up with new rules, guidelines, and greater supervisory scrutiny.

Firms will also need to keep an eye on the still-evolving nature-related risk disclosure framework being developed by the Taskforce on Nature-Related Financial Disclosures, a financial services industry advisory group whose members represent more than $20 trillion in assets. The Taskforce’s risk disclosure framework is due to be finalized in Fall 2023.

Technology transforming the sector

Technology enables firms to provide new and better products and services, develop deeper insights, and do so ever-more efficiently. However, as supply chains and delivery services models become more complex, both the regulatory regime and firms’ risk management and control frameworks have struggled to maintain pace with technological innovation.

Nowhere is this clearer than in relation to digital (and particularly crypto) assets. Regulated firms have increasingly been engaging with an evolving ecosystem of digital asset technology providers and developing client offerings. The European Union’s Markets in Crypto-Assets framework will enter into force this year, but a further regulatory response may be needed to tackle issues such as leveraged trading and crypto-lending as regulatory uncertainty and gaps will persist.

In the United Kingdom, meanwhile, the Financial Services and Markets Bill, once passed, will give authorities the power to oversee digital assets markets. The secondary legislation that will clarify which activities and market participants they will regulate, however, is yet to emerge.

The transition period for the U.K.’s operational resilience framework will soon enter its second year, and U.K.-based firms need to demonstrate measurable progress with regards to important business services. The 24-month implementation period for the E.U.’s Digital Operational Resilience Act begins this month, and firms within the E.U. will need to begin their work post-haste to be on track for the early 2025 deadline.

The resilience of the delivery of financial services in which third-party suppliers are involved is a major issue. In some cases, firms will need to develop contingency exit strategies and business continuity plans for third-party exposures, including substitute service delivery methods.

Long-standing concerns about model risk management also now have a distinctly technological flavor, with supervisors scrutinizing how firms are deploying artificial intelligence and machine learning. When finalized later this year, the U.K. Prudential Regulation Authority’s (PRA) proposed principles on model risk management will require a large amount of work to catalogue, categorize, and risk-assess models that for some firms could number in the thousands given the PRA’s expansive definition of model.

A general principle will be relevant for firms across all sectors and regions: people, and not models, should be responsible for decision-making. Boards and executive teams should be able to demonstrate that they understand the functioning of their models, including those based on new technologies such as machine learning.

Rising geopolitical tensions

Finally, rising geopolitical tensions will continue to be another feature of the changing risk environment in which financial services firms are operating. International markets are increasingly fragmenting, as nations and business leaders look at how to build supply chain resilience and security through greater localization of production and supply.

Given the volume of alerts generated by transaction monitoring systems, the inherent limitations of legacy systems and data, and strengthened baseline expectations, it is no wonder that some firms feel they are having to run ever-faster just to keep up. The status quo does not appear sustainable, and operating model reform will need to be part of the response, including considering changes to internal structures, resourcing models, and technology strategies.

Resilience and strength

Financial service firms face many headwinds as the new year begins but will do so from a position of resilience and strength, having successfully navigated the vicissitudes of the last three years. The major challenge will be to navigate the choppy near-term waters without losing sight of the medium-term processes of structural change playing out in relation to geopolitics, technology, and sustainability.

Regulation continues to be a major force that will shape the operating environment for financial services, and an integrated view of the regulatory landscape — as well as an ability to connect such a view with business strategy decisions — remain imperative for firms looking to stay at the forefront of the industry.

This blog post was taken in part from a recent report written by David Strachan & Suchitra Nair of Deloitte. You can sign up to receive Deloitte’s Financial Markets Regulatory Outlook report, due to be published later in January, here.

Indeed, “Second Chance” or “Fair Chance” hiring — when done right — is good for business. Companies can fill workforce gaps and reduce turnover, increasing productivity and cutting on-boarding costs. This practice also has community benefits and is a place where corporate value and social values dovetail. When people with criminal records are employed, economic activity and new tax bases are created, and public safety increases.

A 2021 survey of human resources professionals found that 81% believed that the quality of workers with criminal records is generally the same or better than workers without records, with nearly identical hiring costs. Studies have also shown that retention rates are higher, turnover is lower, and employees with criminal records are more loyal to their employers once hired.

Recent job openings reports from the U.S. Bureau of Labor Statistics showed thousands of open positions in accommodation and food services and in manufacturing — just two of the many industries in which talented people who happen to have criminal records could fill the labor gap.

Offering a second chance

Second-chance hiring is good for employers’ bottom lines in whatever industry they operate. Fortunately, many more business leaders are also recognizing the significant value in second-chance hiring. The Second Chance Business Coalition, led by Jamie Dimon, Chairman and CEO of JPMorgan Chase & Co., and Craig Arnold, Chairman and CEO of Eaton, has brought large businesses into the space.  Corporations such as Walmart, McDonalds, Verizon, Accenture, and Koch Industries are among more than three dozen companies that have been brought together by the coalition to work on this issue.

When I was incarcerated, no one asked me for money, but nearly everyone asked me to help them get a job after they were released. Today, I work with businesses to help them develop organizational and risk management strategies to better recruit and retain people with criminal records.

A 2021 report from the Alliance for Safety and Justice estimates that one-third of American adults — roughly 78 million people — have a criminal record. The problem is even worse for Black men. A University of Georgia study found that, as of 2010, 33% of Black men had a felony conviction compared to 8% for all adults.

Unemployment also has been an inescapable by-product of a criminal record. The Prison Policy Initiative calculated that the unemployment rate for people with criminal records is over 27%. By contrast, the country’s overall unemployment rate currently stands at just 3.5%.

Expungement as a risk management tool

Expungement, or record-clearing, is a powerful risk management tool for businesses, but the system can vary drastically among states. For example, a minor drug offense in Florida can stay on a person’s criminal record for life, while a much more serious offense that involved prison time may be expunged in another state. When an employer performs a background check, the Florida person who never served a day in jail will be classified as a “felon” while the person who did years in prison will not.

Fourteen states now broadly allow felonies and misdemeanors to be expunged, while another 23 states have narrower expungement criteria for felonies and misdemeanors. Five other states allow expungement only for pardoned felonies and certain misdemeanors, and three states and the District of Columbia allow only misdemeanor expungement. Five states and the federal system have no expungement law. Without broad record-clearing laws, a person with even a minor criminal conviction will always wear that scarlet letter.

Broader expungement laws have risk management benefits as well. This creates additional issues for chief human resources officers, corporate general counsels, and employment lawyers. Most businesses will never learn of an expunged record, which generally adds additional protections against negligent hiring cases and creates no additional work for corporate staff. In contrast, when a background check has a criminal conviction, the business may have to take additional steps before it can hire the person under the Fair Credit Reporting Act, applicable state laws, and its own risk management strategy.

Without expungement, the risk management landscape is largely governed by state law. For example, Colorado law prohibits an employee’s criminal record from being introduced as evidence in a lawsuit against an employer unless there is a direct relationship between the criminal history and the underlying facts of the claim (Colo. Rev. Stat. Ann. § 8-2-201(2)(a)(I)). Florida — a state without a record-clearing process — protects employers from a negligent-hiring presumption in cases in which the criminal-records check “did not reveal any information that reasonably demonstrated the unsuitability of the prospective employee” (§ 768.096, Fla. Stat.).

Hiring and retention are core business functions and are not an option for companies to achieve success. Unlocking this relatively untapped talent pool can help businesses grow and thrive, creating profits for the business and benefits for its stakeholders, employees, and surrounding community.

Hear more about John’s work, his former legal career, and his journey from prison to expert on re-entry into society after prison on Episode 108 of The Hearing: A Legal Podcast from Thomson Reuters.

As we enter 2023, the specter of a potential recession looms over all budgetary and strategic decisions. Professionals in corporate law and tax departments are already anticipating having to do more with less, which will likely impact how they work with their outside partners over the next 12 months. Add into this a mixture of new governmental regulations, and these next 12 months could start to look less optimistic and more of a trial to overcome.

In the most recent Thomson Reuters Institute Insights podcast, available on the Thomson Reuters Institute Insights podcast channel, our team of strategists reveal the trends they’re watching as we enter 2023, and how changes in the overall economy may affect this coming year’s strategic priorities.

Rabihah Butler, Head of Compliance & Government Insights, says that compliance is the name of the game in the risk and fraud space, with the Beneficial Ownership Act, the Enablers Act, crypto-regulation, and ESG compliance all playing their part to make the coming regulatory year a complicated one. And in the event of an economic downturn, there may be questions surrounding who bears the burden of that compliance risk, as well as how government entities and court systems will be able to continue key system reforms that they began during the pandemic.

Natalie Runyon, Head of ESG Insights & an Advisory Services Consultant, believes 2023 may be “a painful year because of multifaceted operational challenges and other headwinds” facing those responsible for ESG within organizations. The Securities and Exchange Commission’s rules on greenhouse gas emissions and the European Union’s new corporate sustainability reporting requirements both will increase work for lawyers and accountants, while certain social aspects of ESG — most significantly, the increased focus on employee well-being as a key performance indicator of organizational well-being — will remain a key priority for boards, especially in a tighter labor market.

Zach Warren, Head of Technology and Innovation Insights, views the tech and innovation landscape as one where next-generation technologies such as artificial intelligence, blockchain, and even ChatGPT may be taking a back seat to tried-and-true standards like business development and security and data protection. Thomson Reuters research has shown that while technology investment has continued thus far in the legal and tax industries alike, a recession may mean scaling back some research and development initiatives.

Bill Josten, Head of Legal Marketplace Innovation Insights, notes that what is top of mind for corporate law department leaders and law firms alike isn’t changing: the volume of matters they’re seeing is increasing. However, flat budgets and a potential down economy may have changed the calculus of how those matters will be tackled. Tighter budgets are forcing corporate law departments to tier their outside work, which could mean a potential rise in utilization of alternative legal services providers. Law firms, meanwhile, also are eyeing what inflation might mean for their realization rates and how to hold onto demand in the face of those tightening corporate purse strings.

Finally, Nadya Britton, Head of Tax and Accounting Insights, explains that small and midsize tax & accounting firms are looking to continue their advisory services expansion, particularly with continued industry automation and a de-emphasis on simple compliance work, while large tax firms are focusing on specialization in specific industry areas. Corporate tax departments, meanwhile, are “all about data, data, data,” Britton says, particularly with trying to better integrate the tax function into their organizations’ wider business initiatives. Even though any economic downtown may not impact tax as strongly as other industries, there are still implications around the industry’s growth plans to be considered.

As our team of strategists describe it in the podcast, 2023 is set to be a complicated year, but research has shown that there can be reason for optimism among all areas of professional services. Even with economic uncertainty looming on the horizon, the next year can prove fruitful with a little strategic planning and care.

Episode transcript.

You can get the whole story on the outlook for 2023 and listen to the most recent Thomson Reuters Institute Insights podcast here.

The hearing exposed some partisan differences even as broad agreement emerged on what needs to be done to reduce risks for crypto investors. Republicans and Democrats remained apart in their views of the future of a digital-asset world shaken by the swift collapse of a firm regarded as one of the safest bets in the industry. Indeed, the FTX failure showed basic concerns that must be resolved before mainstream firms can assure regulators that investor protections are in place.

Republicans who have been ardent advocates of deregulation used the hearing to slam U.S. agencies for failing to act sooner to halt fraud at FTX and for going too slow in drafting rules. Numerous Democrats argued against taking hasty actions until more is known about the FTX failure, which led to Bankman-Fried’s recent arrest and indictment on multiple criminal charges.

Garden of Eden full of snakes

“My fear is that we will view Sam Bankman-Fried as just one big snake in a crypto Garden of Eden,” U.S. Rep. Brad Sherman (D-Calif.) told the hearing of the U.S. House Financial Services Committee. “The fact is, crypto is a garden of snakes.” Sherman has been a persistent critic of cryptocurrency, which he sees as mainly a tool for tax evasion, funding for illicit activities, money laundering and sanctions evasion.

Republican legislators at the hearing argued against curbs that discourage innovation and argued for moving more quickly to put basic rules in place.

Despite testy exchanges and finger-pointing across the aisle, the hearing showed bipartisan consensus that the industry needs to assure transparency, asset custody, and governance that curbs conflicts of interest and self-dealing.

The FTX case also illustrates the challenging complexities in resolving a digital-asset bankruptcy, Ray said during the hearing. But the process was the same that he followed while overseeing the collapsed energy trading firm Enron, he said. “You follow the money.”

The FTX event could lead to “information being gathered that will inform legislation in a positive way,” said Sarah Riddell, a Morgan Lewis lawyer who worked for the Commodity Futures Trading Commission (CFTC) and participated in drafting the Dodd-Frank legislation.

Riddell compared the job ahead to the post-financial crash rulemaking that required a multi-faced, complicated process. The industry firms that have put compliance in place in their crypto practices could emerge intact, she said. “The firms with good tires will survive the heightened attention this has brought.”

AML as a unifier

U.S. Senators Elizabeth Warren (D-Mass.) and Roger Marshall (R-Kansas) recently introduced bipartisan legislation aimed at mitigating risks that digital assets pose to U.S. national security by closing “loopholes” that enable money laundering using cryptocurrencies. The introduction of the Digital Asset Anti-Money Laundering Act of 2022 comes in the wake of a number of high-profile government actions and scandals in the crypto sector, including the Treasury Department’s blacklisting of the cryptocurrency “mixer” Tornado Cash in August as well as the FTX bankruptcy and founder Bankman-Fried’s subsequent indictment. Amid these scandals, pressure on legislators and regulators to rein in the sector and strengthen anti-money laundering (AML) activities has only mounted.

Among other things, the Digital Asset Anti-Money Laundering Act of 2022 would extend AML obligations to a much broader spectrum of cryptocurrency players. For example, it would require such crypto entities as digital asset wallet providers, miners, validators, and other network participants to comply with portions of the Bank Secrecy Act, including know-your-customer requirements. The Act would also prohibit financial institutions from using or transacting with digital asset mixers and other anonymity-enhancing technologies and from handling, using, or transacting with digital assets that have been anonymized using these technologies.

The Act would also direct the U.S. Treasury Department to establish an AML/counter-terror finance compliance examination and review process for money services firms and directing the U.S. Securities and Exchange Commission and CFTC to establish similar compliance examination and review processes for the entities those agencies regulate.

“Rogue nations, oligarchs, drug lords, and human traffickers are using digital assets to launder billions in stolen funds, evade sanctions, and finance terrorism,” Sen. Warren said in a written statement. “The crypto industry should follow common-sense rules like banks, brokers, and Western Union, and this legislation would ensure the same standards apply across similar financial transactions. The bipartisan bill will help close crypto money laundering loopholes and strengthen enforcement to better safeguard U.S. national security.”

The senators noted that the Treasury Department, U.S. Justice Department and other national security and financial crime experts “have warned that digital assets are increasingly being used for money laundering, theft and fraud schemes, terrorist financing, and other crimes.”

In fact, rogue nations have used digital assets to launder stolen funds, evade American and international sanctions, and fund illegal weapons programs, the statement noted, adding that in 2021, cybercriminals raked in at least $14 billion in digital assets — an all-time high.

Further, Binance, the world’s-largest crypto platform, was reported to have laundered more than $10 billion for criminals and sanctions evaders over the last few years. However, splits among Justice Department prosecutors are delaying the conclusion of a long-running criminal investigation into Binance, it was recently reported. A Binance spokesperson declined comment.

Yet, what can managers in the federal government expect for future workplace attrition, and what best practices can they adopt to better attract younger workers to the public sector?

The retirement “tsunami” is still to come

The federal government weathered the COVID-19 pandemic with less volatility than state or local government agencies in terms of employee attrition. Indeed, record job vacancies in the public sector were largely seen as the result of the outflow of workers in local government and public education, according to Bureau of Labor Statistics data from the 18-month period between February 2020 and August 2022.

And one 2021 assessment from The Partnership for Public Service, found that attrition rates hovered around 6.1% within federal agencies, with slightly more than half of those leaving left due to retirement. This number was a slight increase from 2020 numbers of around 5%, but in line with pre-pandemic attrition rates.

Of course, these stable numbers may mean that the tsunami of anticipated federal retirements has yet to really hit.

More concerning figures relate to federal workforce age and incoming federal employees. A 2021 White House report, Strengthening the Federal Workforce, reveals that the percentage of federal employees over the age of 60 continues to increase year over year, while employees under the age of 30 continually decrease as a percentage of the federal workforce.

Younger employees simply aren’t joining the federal workforce at the needed pace to provide adequate succession planning for upcoming retirements. A 2022 Qualtrics survey on federal recruitment of more than 1,000 recent college graduates showed that more than half of those surveyed would not consider a career within the federal government.

Is workplace flexibility the key?

Understanding why a public sector career is unappealing to younger workers is a necessary first step to address the issue. Perceptions surrounding how and where federal work takes place appear to be the culprit.

In the Qualtrics survey, the top three reasons given by respondents on why they wouldn’t consider a career in government included: perceived under-qualification, lack of work/life balance, and experience gaps in their resumés. While many recommendations have been made about enhancing federal recruitment practices to successfully attract a diverse candidate pool, federal agencies would be well-served to highlight the flexibility of work that is already offered within the public sector.

Flexibility in how and where work occurs can be a key factor for attracting and retaining younger members of the workforce within the public sector. Fortunately for recruiting managers, the federal workforce already offers significant flexibility to current and prospective employees.

The federal workforce has adjusted in the current post-pandemic environment to offer remote working options that are either fully remote or in a hybrid fashion. In fact, the Office of Personnel Management’s 2021 Government Wide Management Report found that 57% of federal employee respondents worked remotely at least once a week, up from 23% just two years earlier.

Employee experience matters

Cultivating a culture where employees have the flexibility that they desire to achieve better work/life balance, and where they can feel connected and valued by their managers may seem like a daunting task to many government agency managers. However, managers can ensure that their culture puts people first by implementing several recommend best practices, such as:

Focus on building and maintaining connection with team members through short, regular check-ins — For remote or hybrid employees, managers can pre-schedule intentional meetings with a clear focus area.

Establish “buddy” or mentor programs to link up new and veteran employees within an organization — Programs that match new employees with peers (rather than supervisors) acknowledges the fact that employees may feel more comfortable asking some questions of a peer rather than their direct supervisor. Likewise, the mentor can provide the new employee with valuable insights about organizational culture. Mentorship programs also can be redesigned for remote or hybrid employees.

Offer diverse learning and professional development opportunities — The rise of hybrid and remote work has contributed to “Zoom fatigue” for many. Offering professional development opportunities that are a mix of webinars, in-person, or self-paced learning modules reinforces that employees are valued, while not contributing to the exhaustion that overuse of virtual video conferencing tools can generate.

Understand how your employees learn — Hand-in-hand with the point above, not all humans learn in the same fashion. Four dominant learning styles include aural, visual, kinesthetic, and reading/writing. Implementing learning style assessments into employee pre-boarding can help managers best understand how to most effectively train and on-board new hires.

Remember that team bonding is still important, remotely or in-person — As full-time in-person work continues to decline, some organizations have empowered employees to spend time together outside of work by volunteering, socializing, or even sharing a meal together. A lunch traditionally spent together in-person can be recreated by supplying remote employees with a gift card for food delivery or to a restaurant of their choosing. Managers also can prioritize scheduling a shared meal for hybrid employees when they are in-office.

Finally, it’s important to understand that the federal workforce has not experienced the rapid outflow of workers to the same extent that state and local government organizations have in the post-pandemic era. Yet, that doesn’t mean critical challenges around talent have been avoided for good.

In preparation for the upcoming retirement of aging members of the federal workforce, managers should consider adjusting their management style to be more people-centric and considerate of increasing remote and hybrid work preferences.

Indeed, as global economies moved away from the worst of the pandemic, it seemed early on that 2022 could provide a sense of normalcy, if not a return to traditional business practices. However, the rocky shoals of the war and global economic turmoil soon put an end to that sunny thinking. Yet many professional service firms and their corporate counterparts in the US and around the world found ways to remain profitable, resilient, and forward-thinking enough to allow some positive direction as we all head into 2023.

The Thomson Reuters Institute, through its blog posts, podcasts, market reports, and in-depth analysis, has chronicled many of the changes that swept through the last year, offering insights into how many organizations are adapting and what solutions are being successfully utilized.

If there were trends to discern in this very busy year, it was that twin issues of talent and technology implementation were impacting corporate departments and professional service firms to a greater degree as the year went on. And some of the most-read pieces on the blog site reflected that. For example, one piece that was very widely received described the different power skills that allow employees to flourish in new hybrid work environments; also, the changing regulatory stance toward the practice of law, especially around whether non-lawyers can own law firms, was of keen interest to our readers.

Further, many law firms, government agencies, tax & accounting firms, and corporate departments were beginning to grasp that the technology needed to meet the growing demands of the digital economy was of paramount importance. Indeed, as we moved toward the end of 2022, it was clear that technology adoption and maximizing its use simultaneously was among the biggest challenges and most promising opportunities that organizations are facing going forward.

Key market reports & in-depth podcasts

Throughout the year, it was the goal of the Thomson Reuters Institute to bring together people from across the legal, corporate, tax & accounting, and government communities and ignite conversation and debate in order to shed some insight on the newest industry developments and the most critical opportunities and challenges market participants are experiencing.

You can explore our top trending Thomson Reuters Institute insights that shaped 2022, or you can relive some of our highlights from this year here. And for further coverage of the legal, tax & accounting, corporate, and government sectors, visit the Thomson Reuters Institute.

We did this in part by providing coverage of these topics on the Thomson Reuters Institute blog site — such as podcasts, videos, and key market reports — and by hosting world-class events, which kicked off in Amelia Island at our 29th Annual Marketing Partner Forum, which brought together global law firm leaders and the best strategic thinkers from around the world to discuss the steep challenges facing firms in the legal market; and continued in New York City with our 21st Annual Law Firm COO & CFO Forum, along with many more in-person and virtual events throughout 2022.

As our reach expanded over the year — the Thomson Reuters Institute blog site reached more than 1 million annual page views this year for the first time in its history — our coverage expanded as well. We created two new resource centers on the site, to accompany those dedicated to covering the legal, tax & accounting, corporate, and government areas. Our new resource centers — Environmental, Social & Governance (ESG) and Technology & Innovation — allow us to offer readers dedicated content and insight into those areas.

Throughout the year, the blog site offered a steady stream of analysis and market insight reports that shed light on what participants in the legal, tax & accounting, and corporate fields were experiencing in their respective marketplaces in today’s economy. For example, in the 2022 Report on the State of the Legal Market, we saw that the legal market has remained resilient, even though numerous key challenges remain for many law firms, including a hot market for legal talent that has driven up costs. Even so, the report showed that many law firms have managed the difficult market with a good level of success last year.

On the other side of the table, our reports on corporate law departments and corporate tax departments shed further light on the immense pressure these departments were under from their corporations to transform the way they operate, with special emphasis on working more efficiently and cost-effectively. Indeed, coming out of the pandemic, it appears the dramatic changes undertaken by corporations during that time — especially around talent management and adopting new technology — may only be the beginning.

Also, our series of twice-monthly Insights podcasts offered in-depth discussions throughout the year on topics ranging from the viability of the new cryptocurrency economy to the most common misconceptions in the legal industry around artificial intelligence, and from how financial institutions were managing Russian sanctions to how organizations can benefit from client feedback programs.

Now, as we move into 2023, the Thomson Reuters Institute will continue offering insight into the latest events and trends, bringing leaders together, and mapping out the opportunities and challenges facing corporations and professional service firms going forward.

In a May decision from the US District Court for the Southern District of New York, Upsolve, Inc. et al v. James, Upsolve, a nonprofit that helps individuals file for bankruptcy for free, challenged the state’s application of the unauthorized practice of law to other trained professionals. To help low-income individuals facing debt collection navigate and respond to their suits more readily, Upsolve launched the American Justice Movement program in January, which trains professionals to offer complimentary legal advice about whether and how to respond to debt collection lawsuits. Specifically, the volunteers sought to help New Yorkers fill out checkboxes on a one-page answer form provided by the State of New York to avoid automatic default.

In the Upsolve case, the New York Attorney General argued that such guidance was the unauthorized practice of law, but ultimately, the judge ruled that those rules did not apply to the program because the legal advice was protected as speech under the First Amendment. The court also stated that the advice mitigated the risk of harm to the consumer while addressing a significant legal problem area, further in favor of the decision.

In our new column, NextGen Justice Tech, by Kristen Sonday, we will take a look at the people, trends, and technology shaping the future of access to justice.

The ruling is monumental because it allows legal professionals to provide guidance on completing legal forms that might be applied to other areas of law, including through online tools that can reach exponentially more individuals.

“By ruling in favor of Upsolve, the Southern District of New York… established a new First Amendment right in America: the right for low-income families to receive free, vetted, and accountable legal advice from professionals who aren’t lawyers,” said Rohan Pavuluri, Upsolve’s Co-Founder and CEO.

If further applied to online forms and filing apps, then tech companies, court employees, and other volunteers would be able to assist people with basic questions about whether and how to respond to government requests, vastly expanding the number of people who can help. For individuals who are too afraid or uncertain of navigating such services on their own, this support would provide peace of mind and tangible next steps to assist significantly more low-income folks in managing the legal process.

The “sandbox” model

The implementation of state-run legal tech sandboxes is another opportunity to spur justice-related innovation. Utah was the first state to launch such a sandbox in August 2020, in which lawyers and legal professionals can develop and promote new legal solutions under the supervision of the state’s Supreme Court. One year in, the Utah Supreme Court had approved 30 companies, including those that created initiatives to provide individuals help completing court forms and receiving legal advice via chatbot.

The sandbox concept helps mitigate risk for justice tech founders since they’re building and testing ideas alongside a legal authority. In addition, through this model, “justice technology companies can partner with authorized legal services providers to offer consumers actual legal advice. Attorneys are the most obvious partners, but authorized document preparers, among others, are an often-overlooked partner,” says Natalie Knowlton, Founder of Access to Justice Ventures.

Finally, the Association of Professional Responsibility Lawyers (APRL) has made a powerful recommendation to update the American Bar Association’s (ABA’s) Ethics Rule 5.5 and permit lawyers who are admitted in any jurisdiction to be able to practice across others. “Our proposal advocates that a lawyer admitted in any United States jurisdiction should be able to practice law and represent willing clients without regard to the geographic location of the lawyer or the client, without regard to the forum where the services are to be provided, and without regard to which jurisdiction’s rules apply at a given moment in time,” the APRL wrote in its letter to the ABA president.

This change would be significant for justice technology companies and non-profits in that their lawyers would be able to serve individuals across jurisdictions, regardless of lawyer or client location. Justice tech companies would save time and money by being able to serve more individuals virtually, and with a leaner staff, could free up capital for other initiatives. For tech companies that currently have to hire staff who are licensed in each state in which they want to provide lower cost legal services, this reform would be game-changing.

“As a startup, an update to Rule 5.5 would allow us to move much faster in expanding our services to those in need,” says Erin Levine, the Founder and CEO of HelloDivorce. “We would be able to hire and train fewer, high-quality lawyers that provide consistency in our services across jurisdictions, as well as quickly build out subject matter expertise that can increase the number of clients served.”

Further, under this scenario, legal services organizations would be able to refer pro bono clients to attorneys across the country, making those referrals more efficient and potentially better aligned. The rule also would greatly enhance access for folks in rural areas, as they often are limited to those lawyers in nearby metro areas who might work on their matters.

By being able to access legal assistance from anywhere in the United States — via in person or online, through lawyers or other approved professionals — the magnitude by which the legal profession could greatly help those in need through better legal reforms is significant for the justice tech community and underserved citizens across the country.

The US Department of Justice (DOJ) announced charges in November against multiple defendants in connection with fraudulent email schemes that targeted Medicare and Medicaid programs, private health insurers, and other victims. The defendants were charged in connection with multiple business email compromise schemes that involved money laundering and wire fraud and resulted in losses of more than $11 million.

Business mail compromise schemes are a type of phishing attack that attempts to deceive an entity into transferring funds or disclosing sensitive information.

In these cases, fraudulent emails were sent to public and private health insurance programs that requested future payment be sent to “new bank accounts that did not belong to the hospitals” and instead were sent from “accounts resembling those associated with actual hospitals.” Based on these deceptive emails, five state Medicaid programs, two Medicare administrative contractors, and two private health insurers made payments to the defendants and their co-conspirators instead of the hospitals.

“These defendants defrauded numerous individuals, companies, and federal programs, resulting in millions of dollars in financial losses to vital federal programs meant to provide assistance to those in need,” said US Attorney Ryan K. Buchanan for the Northern District of Georgia in a DOJ statement.

The DOJ detailed some of the charges and allegations against the defendants, as follows:

• • • A Columbia, SC man was charged with three counts of money laundering and one count of unlawful procurement of naturalization. He alleged used a stolen identity to open bank accounts in the name of a shell company in order to receive more than $1.4 million fraudulently diverted from a Medicaid program, a hospital, and others. He also allegedly laundered $583,000 of the proceeds.
    • An Atlanta man was indicted on four charges of money laundering after he allegedly used false identities to open bank accounts in the names of the false identities and shell companies. He received approximately $2.4 million from Medicare and several private companies. He laundered approximately $679,000 of those proceeds.
    • Another individual from Atlanta was charged with three counts of wire fraud, two counts of aggravated identity theft, and six counts of money laundering for using stolen and false identities to open accounts in the names of shell companies. She received nearly $830,000 in proceeds and laundered approximately $535,000 through large cash withdraws.

Holidays increase risks

Last year, there was a “30% increase in the average number of attempted ransomware attacks globally over the holiday season” from 2018 to 2020, compared to monthly averages, according to research from cybersecurity firm Darktrace. Researchers for the firm “also observed a 70% average increase in attempted ransomware attacks in November and December, compared to January and February.”

This increased holiday risk is also true in the healthcare sector. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert for Labor Day 2021 because they had “observed an increase in highly impactful ransomware attacks occurring on holidays and weekends — when office are normally closed — in the United States.” Attacking on or around holiday weekends “provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware” because IT departments are at limited capacity for extended times.

Because staffing in all departments is often reduced during the holidays, it is important for all employees to be alert for suspicious emails that might include links that would expose the provider or insurer to malware or that might be an attempt to fraudulent divert payments from the intended recipient.

In fact, the average weekly attacks in the healthcare industry increased 69% in the first half of 2022 compared to 2021, according to a recent report from research firm Check Point, with healthcare providers being among the victims of some of the more serious cyberattacks. In the third quarter, healthcare was the most targeted industry for ransomware attacks with 1-in-42 entities impacted by ransomware, according to Check Point.

For example, a January attack on Broward Health in Florida exposed the medical information of more than 1.3 million individuals to cyber criminals, according to Check Point. In October, a ransomware attack hit CommonSpirit health system, which operates 142 hospitals across 21 US states. The attack blocked access to the system’s electronic health records and disrupted patient care.

Whether it is a business email compromise scheme to divert payments from Medicare and Medicaid or another phishing email that exposes a provider or insurer to a costly malware attack, it is imperative that everyone be alert to cyberthreats, especially as we head into the holiday season.

In 2018, the International City/County Management Association (ICMA) released its Equity and Inclusion Toolkit, which provides resources to empower local governments with best practices in the interest of building inclusive organizations, and by extension, more welcoming communities. And while many DEI initiatives at the local government level are housed within human resource divisions and include enhancing DEI for current and prospective employees, they may not always factor in how to ensure that outsourced work (and the associated procurement processes for contracts) can be DEI-focused as well.

Simplifying procurement processes

Local governments are large users of request for proposal (RFP) processes, in which agencies define the services or goods desired, craft an evaluation criterion, and solicit responses. Municipalities and county-level governments have established price points that automatically trigger a formal procurement process, which can ensure against nepotism or corruption and discourage government waste in awarding contracts.

Some accessible means of streamlining and modernizing RFPs may include:

• • • allowing proposal responses to be submitted electronically;
    • ensuring that any required forms can be accessed as form-fillable PDFs;
    • utilizing a proposal tracker where vendors can check on the status of their RFP review. (For example, the City of Tacoma, Wash., has an embedded proposal tracker on its website that greatly increases vendor awareness and transparency throughout the procurement process); and
    • sharing, clearly and explicitly, the evaluation criterion and weighting for proposal review and using this criterion in the evaluation process.

Reducing barriers for applicants

An inclusive procurement process removes potential barriers that might discourage the widest slate of vendors from bidding. Removing steps that add significant time or cost to project proposals, often with little gain for the reviewer, or which allow for greater RFP exposure can attract a more diverse pool of vendor applicants.

For example, some methods government agencies can use to reduce these barriers and gain more proposal exposure might include: not requiring hard copy submittals for RFP responses, or removing notarized signature page requirements wherever possible. Also, RFPs should be advertised in free access locations, rather than exclusively being posted on pay-to-play vendor sites or bid aggregators. (State municipal league organizations often offer RFP postings at no or nominal cost for their members.) Agencies should also ensure that RFP timelines for response are long enough to garner response, such as three weeks at a minimum, but preferably one month. And they should share answers to all questions received by submitters in a public location — such as on a proposal tracker website — to ensure information is equal for all parties.

Setting benchmarks for data & tracking

If a local government’s goal is to increase the percentage of contracts granted to businesses owned by under-represented individuals, then the scope of the current awarding metrics must be structured in order to effectively measure change.

For example, government agencies should make sure that all contracts entered for local government services include a declaration page noting majority ownership and identifying diverse business characteristics. Where possible, agencies should evaluate majority ownership of past local government contracts to better understand necessary diversity benchmarks.

Further internal analysis may be required. Larger municipalities sometimes opt to have outside firms complete economic disparity studies in order to get a broader analysis of government efforts and contract-award history and to understand market opportunity within communities. While in municipalities with lower levels of contracting, this data may be able to be generated internally.

These efforts can pay dividends. A study into the economic disparity of city contracts undertaken by the City of Asheville, NC in 2018, found that less than 5% of the city’s non-construction projects were awarded to women- or minority-owned businesses. These findings triggered the update of the city’s Business Inclusion Policy and shifted contract awarding methodology from race-neutral to race-conscious.

Making meaningful connections

Collecting data through a study — such as the one done by Asheville or another done by as the City of Boston — can help municipal governments more fully understand the economic disparity of municipal contracts. The likely result are some key and specific actions that local governments can take to connect with diverse business communities, such as develop a landing page, such as the one created by Asheville to spell out the municipality’s business inclusion efforts.

Municipalities should also participate in state-run diverse-owned business registries and consider favorable weighting in the RFP process for registered businesses. In fact, some local governments opt to create their own business registries rather than using state registries.

Further, agencies seek to connect directly to these diverse-owned businesses by hosting small business open houses or standing calls to connect small businesses in the community with contracting or work opportunities. Municipalities should also forge collaborative partnerships with B2B organizations in their greater region or service area. For example, the Hispanic Chambers of Commerce, LGBTQIA+ business networking organizations, and others can help connect diverse businesses to local government opportunities.

Finally, more local governments are providing exclusive opportunities for minority-owned businesses to bid for municipal contracts. In Boston, for example, the city established a Sheltered Market Program in early 2022 for projects in key areas that were identified in their disparity study. Programs such as these help build the capacity of small, local, and diverse businesses to bid for larger government contracts down the road.

These actions, taken in total, can foster an improved state of equity in the government procurement process for diverse-owned business in the future.

“Technology advancements are a great thing, but the Metaverse combined with Web 3.0 allows people to be more anonymous than ever,” says Jim Lee, chief of the Internal Revenue Service Criminal Investigations unit (IRS-CI). “As a result, we all know that the criminal element is going to come out somewhere, somehow.”

Is prevention possible?

Lee spoke recently at the recent 21^st Annual Anti-Money Laundering & Anti-Financial Crime Conference, held by the Association of Certified Anti-Money Laundering Specialists (ACAMS), where the challenge of preventing Web 3.0 from becoming a safe haven for criminals was discussed in a number of forums.

ACAMS is attended primarily by bank regulators and other defenders of the traditional financial system, and the consensus opinion among this crowd is that anticipating how criminals could exploit Web 3.0 is the key to preventing it. Mistakes made building the current internet should have taught us that addressing content problems after the fact is a losing game, many experts say, so it’s essential to build controls and safeguards into Web 3.0 before criminals even have the opportunity to commit a crime.

Or so the thinking goes.

There are several holes in that proposition, however. Among them: i) regulators and Web 3.0 technologists would need to find a way to work together somehow; ii) not everyone agrees on the nature of the problem or how to prevent it; iii) lawmakers have a dismal record when it comes to recognizing and addressing issues involving technology before they happen; and iv) criminal activity in the Metaverse is already on the rise, so the clock is ticking.

What is Web 3.0?

Though the terms are sometimes used interchangeably, Web 3.0 and the Metaverse are not the same thing. Web 3.0 is the underlying architecture of the Metaverse, which itself is the immersive, three-dimensional digital world that proponents of the technology (such as Meta CEO Mark Zuckerberg) claim is the future of the internet.

Though the Metaverse is still in the early stages of development, elements of Web 3.0 are already being used today in the world of cryptocurrencies and other digital assets (such as with non-fungible tokens and stablecoins), all of which are based on blockchain technology. One of the key differences between today’s internet (Web 2.0) and Web 3.0, however, is that the latter is built entirely on blockchain smart-ledger technology-driven by machine learning and artificial intelligence.

The key features of Web 3.0 that most concern government officials and law enforcement are decentralization and anonymity. Not coincidentally, these are the same features that make crypto-based crimes and crypto-enabled criminal networks so hard to thwart.

The core idea of Web 3.0 and hence the Metaverse, however, is that it is entirely decentralized, meaning that no central power or government controls it. And for many Web 3.0 evangelists, that’s the central selling point of Web 3.0: Freedom from governmental control.

From a government regulator’s perspective, however, total decentralization is a huge problem. What it essentially means is that anyone can do anything, anonymously, and with no accountability, and there’s very little that conventional law enforcement can do to stop it.

Virtual crime, real-world victims

That’s not all. The trouble really starts when criminal activity in the Metaverse leaks over into the real world. At ACAMS, Lee asked his audience to imagine strapping on some virtual-reality (VR) goggles and walking into a building in the Metaverse: “Floor 1 is the ID theft room, where you exchange some sort of digital asset and they instantly give you a driver’s license, a date of birth — Personal Identifiable Information (PII) — that you can then go use for credit-card fraud, bank fraud, or whatever crime you can think of using PII.”

Floor 2 is the firearms floor in Lee’s digital dystopia. There, you can purchase the location of a gun in the real world, with no background check, “and now you’ve got a person who shouldn’t have a weapon,” Lee says. Floor 3 is devoted to human trafficking. Floor 4 to money laundering. Floor 5 to terrorism. And so on.

“It’s an ugly picture,” Lee warns.

Anjana Rajan is the Chief Technology Officer for Polaris, the largest anti-human trafficking NGO in the United States. At ACAMS, she explained that Congress should be concerned about the rise of Web 3.0 because of the “philosophy” of institutional distrust behind it. “It’s really about society and the future of our political system,” Rajan explains. “In its best form, this technology can create economic inclusion and a more secure internet, but in its worst form it can also drive the same thing that happened on January 6.”

Proponents of Web 3.0 have a distressing amount in common with anti-government violent extremists, namely, that “they don’t trust US institutions, they don’t trust the US dollar, and they don’t trust the corporations and oligarchs who run the economy,” she adds.

The difference is that Web 3.0 and the Metaverse are being built by some of the richest, most powerful people — and the largest tech companies (such as Meta, Google, and Microsoft) — in the world.

Re-thinking trust

A lawless, entirely unregulated Metaverse is not inevitable, these experts say, but it will require a re-thinking of some of the basic concepts upon which financial institutions and society at large are currently based, such as identity and trust. For example, our concept of identity in the real world revolves around a person’s PII, such as date of birth, social-security number, driver’s license number, address, etc. However, it may be time for the government “to start moving away from normal concepts of identity-based trust and instead move to concepts of trust within the ecosystem,” notes Frederick Reynolds, Chief Compliance Officer for the fin-tech start-up Brex.

In the ecosystem of the Metaverse, one’s identity is defined by the metadata on their blockchain, and trust within the ecosystem is built through blockchain activity that is independently verified by a decentralized network of fellow users. So in a sense, blockchains build trust by eliminating the need for it.

For better or worse, this is how the Metaverse works. Yet, if we’re not careful, these experts warn, criminals will figure out how to make it work for themselves before law enforcement can figure out how to stop them.