Morrison Foerster is an international law firm with lawyers practicing throughout the United States, Asia, and Europe. Click to discover more.

mofo_share_image.jpg

Morrison Foerster

common-default.jpeg

Terms / Notices

Cookies

Privacy Policy

Reporting Hotline

Attorney Advertising

Alumni

  Linkedin

MoFo LinkedIN

  Facebook

MoFo Facebook

YouTube

MoFo Youtube

Morrison Foerster - Footer

Aligning Cybersecurity and ESG Strategies

You have not solved the recaptcha challenge yet or session expired, try again.

Email Disclaimer

Disclaimer

Unsolicited e-mails and information sent to Morrison Foerster will not be considered confidential, may be disclosed to others pursuant to our <a href="https://www.mofo.com/about/privacy-policy.html">Privacy Policy</a>, may not receive a response, and do not create an attorney-client relationship with Morrison Foerster. If you are not already a client of Morrison Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

Feedback

mofo-logo-2022.svg

People

Capabilities

Resources

About

Culture

Offices

Careers

Stay Connected

Susan Mac Cormac, Stacey Sprenkel, and Miriam Wugmeister participated in an expert Q&A with Thomson Reuters Practical Law about how organizations can benefit from viewing cybersecurity through an ESG lens and integrating their enterprise risk management, compliance, governance, and reporting activities across these high-profile areas.

About Morrison Foerster

people-default-header-desktop.jpg

people-default-header-mobile.jpg

Default Meta Data

Susan Mac Cormac, Stacey Sprenkel, and Miriam Wugmeister participated in an expert Q&A with Thomson Reuters Practical Law about how organizations can benefit from viewing cybersecurity through an ESG lens and integrating their enterprise risk management, compliance, governance, and reporting activities across these high-profile areas.The team emphasized the importance of a holistic approach to risk, noting that cybersecurity exposures aren’t merely an IT issue require swift, integrated responses. They stated, “A holistic approach to ERM involves taking an integrated, top-down and bottom-up posture to risk assessment efforts across all functions and personnel within the organization.”The partners also discussed governance and reporting, stating, “As companies develop processes and strategies to preempt, prevent, and mitigate cyber risks, heightened focus should be on transparency, accuracy, and consistency in cyber-related processes, ownership, and disclosures.Read the <a href="https://www.reuters.com/practical-law-the-journal/transactional/aligning-cybersecurity-esg-strategies-2023-12-01/" target="_blank">full article</a> (subscription may be required).

Aligning Cybersecurity and ESG Strategies

Sign Up

Susan (“Suz”) co-chairs the ESG + Sustainability and Social Enterprise + Impact Investing practices. Her practice focuses on late-stage financings, secondaries, and other corporate transactions for investors, such as SoftBank and Temasek, and on investments for some of the top investors dedicated to impact, from “impact first” foundations to family offices to private equity funds. She co-led the drafting group for the first of the new corporate forms (the Social Purpose Corporation in California), has created hybrid/tandem corporate structures and crafted debt and equity instruments that blend impact with traditional financial terms, and has used corporate law to develop creative capital market solutions to pressing environmental problems. She also advises the boards of public and private companies on corporate governance and fiduciary duties as applied to sustainability and climate change.She was named a California Lawyer Attorney of the Year (CLAY) in 2012 and 2016 by Daily Journal and the Most Innovative Lawyer in North America in 2015 by the Financial Times.Leading Business AdvisorA powerhouse negotiator, clients note that “you cannot get a better corporate counsel” and that Suz “understands the big picture, could not be more responsive, and understands the business” (The Legal 500 US). She has extensive experience providing corporate and finance advice to companies and investors in connection with growth equity financings and secondaries, with particular experience in late-stage investments that have come to rival traditional strategic acquisitions in size and significance. Her experience includes leading some of the highest-profile late-stage investments over the past few years, including notable transactions for SoftBank Group (in the two largest private tender offers in history) in its $7.7 billion investment in Uber, $4.4 billion investment in WeWork, further $10 billion investment in WeWork, $1 billion investment in SoFi, and $250 million investment in Kabbage. She has also advised Temasek on its $800 million investment in Verily Life Sciences, Intel on its equity investment in Cloudera, and each of Fortress, TPG Rise, Vision Ridge Partners, Generation Investment Management, and Pontifax AgTech in numerous mid- to late-stage investments in clean technology, sustainability, education, food, and agriculture technology.Social Enterprise and Impact InvestingSuz is the go-to legal resource for social enterprises (for-profit and non-profit companies focused on social or environmental purpose), impact investors (investors interested in social or environmental returns), and mainstream companies developing environmental, social, and corporate governance policies. With deep expertise in the impact investing model, institutional investors exploring the space turn to her for creative solutions and her ability to structure both investments and companies to emphasize impact and returns.She represents a wide range of investors who are focused on impact, from foundations like the Gates Foundation, The Nature Conservancy, and The Rockefeller Foundation, to family offices like Armonia, Cornerstone Capital, Emerson Collective, New Island Capital, and Omidyar Network, to private equity funds like Goldman Sachs, TPG Rise, Vision Ridge Partners, and Generation Investment Management, in their equity investments in companies and projects that are focused on generating impact and returns for investors. She has deep experience and expertise ensuring energy, sustainability, and other investments have positive impact through the use of new corporate forms, hybrid or “tandem” structures with non-profits and for-profits, and alternative debt and equity instruments.Notable work in this space includes the establishment of a tandem structure, The Carbon Endowment, to retire coal assets at scale while securing a revenue stream for community reinvestment and job training in coal communities. Suz also advised on the structuring of Common Sense Growth as an extension of the non-profit Common Sense Media (to invest in companies that address issues related to children, education, and technology), the establishment of a fund for TPG Rise to provide debt financing to Echoing Green fellows, the spin-out of PRX from Public Radio International (to generate new revenue flows up to the non-profit), the establishment of a for-profit joint venture with non-profit Medicines360 (to allow the non-profit to distribute its healthcare products to women in the developing world), and the structuring of a for-profit evergreen fund that allows The Nature Conservancy to aggregate return-seeking and donor capital in order to invest in preserving our natural resources. She has also advised numerous clients on converting to a public benefit corporation or social purpose corporation model (which requires balancing traditional fiduciary duties against a social or environmental purpose), including This American Life, Revolution Foods, Rise Labs, and Beneficial State Bancorp.Suz also regularly advises boards of directors of private and public companies, special committees, and CEOs on corporate governance, particularly the intersection of fiduciary duties with sustainability, and focuses on environmental, social, and governance issues.Unmatched Cleantech and Renewable Energy ExperienceIn addition to founding and chairing the firm’s Social Enterprise and Impact Investing Group, Suz serves as Chair of Morrison & Foerster’s Energy Group and has extensive experience representing start-up to late stage private companies in the clean technology or sustainability space. She provides corporate and finance advice in connection with equity and debt financings, mergers, acquisitions, asset purchases and sales, reorganizations, and joint ventures. She has experience working with renewable energy start-up companies and renewable energy developers in the solar, wind, and biofuels industries. Suz has assisted renewable energy start up companies with raising venture capital and has advised renewable energy developers on project acquisitions.Suz’s representative renewable energy, cleantech, sustainable, and social enterprise clients include Anaergia, Change.org, EDF Renewables, E.ON, Etsy, First Look, OneSun, Planet Labs, Rising Sun Energy, RSF Social Finance, SustainBio, Trelys, Inc., Wikipedia, and Xpansiv.Board Activity and Thought LeadershipMs. Mac Cormac was a founding board member of the Sustainability Accounting Standards Board (SASB), is a member of the board of directors of Business for Social Responsibility (BSR), the Ceres President’s Council, and the Earth Genome Project, and is an advising board member of the Committee Encouraging Corporate Philanthropy’s Strategic Investor Initiative.She has joined the faculty (teaching on the intersection of sustainability and fiduciary duties) at both the Stanford Director’s College and the Northwestern Corporate Counsel Institute and is an adjunct professor at UC Berkeley School of Law, teaching a course on Social Enterprise.

Susan Mac Cormac

Partner

<div class="videoWrapper"><iframe class="sticky-video" title="Meet MoFo San Francisco Head of Litigation Stacey Sprenkel" allow="autoplay; encrypted-media" allowfullscreen="1" frameborder="0" src="https://www.youtube-nocookie.com/embed/wNOyJe_ZnZI?rel=0" title="iframe"></iframe></div>Stacey is a member of Morrison Foerster's ESG + Sustainability, Global Ethics and Compliance, and FCPA + Global Anti-Corruption practices. She regularly assists clients with assessing compliance risks across a broad range of issues and developing strategies to mitigate risks. She conducts anti-corruption, human rights, and compliance-focused due diligence in connection with acquisitions and other transactions, and provides day‑to‑day counseling on a broad range of compliance issues.Stacey’s practice is focused on pro-active compliance risk mitigation and counseling. She works with legal and compliance teams, executive leadership, and boards of directors to assess compliance risks across organizations, and to assess whether existing compliance programs and controls are sufficient to address identified risks. She assists with ESG risk mapping exercises and human rights impact/saliency analyses, as well as compliance program benchmarking exercises. She helps companies from start-ups to large global companies develop and enhance compliance programs, and assists with the development of strategies to stay ahead evolving legal regimes and enforcement environments. Stacey leverages her master’s degree in human rights to advise companies in connection with not only avoiding corruption, human rights, and other ethics and compliance risks and issues, but also in developing effective mechanisms to remediate such issues if they arise.When issues do arise, Stacey also leads corporate internal investigations spanning a broad range of issues, including bribery, kickbacks, embezzlement, self-dealing, insider trading, accounting fraud, economic espionage, and health care fraud. Stacey advises clients related to these issues in jurisdictions around the globe, including in North America, Latin America, Europe, Africa, Russia, India, and Asia-Pacific. She also represents clients in connection with SEC and DOJ investigations and enforcement proceedings, and in complex commercial litigation involving False Claims Act, civil RICO, and antitrust matters.Stacey was named to the 2018 list of the “Top 40 Under 40” lawyers in California by the Daily Journal and was also recognized by the Daily Journal as being among the “Top Five Associates to Watch” in California in 2013. She was recently shortlisted for Compliance Lawyer of the Year as part of the 2020 Women in Compliance Awards. She has also been previously recognized by The Recorder as being among the “Lawyers on the Fast Track,” a list of attorneys in California whose early accomplishments indicate they will be tomorrow’s top lawyers and leaders. In addition, Euromoney Legal Media Group selected her as one of eight women recognized on a 2014 shortlist of litigation rising stars for the “Americas Women in Business Law Awards,” which honors the achievements of women leading the legal sector across the Americas. She has also been recommended as a “Rising Star” by Super Lawyers every year since 2009.Stacey regularly speaks on panels on issues related to ESG, human rights, and anti-corruption compliance. Most recently she served as a panelist for MoFo’s “ESG + GCs: Practices, Priorities and Perspectives” webinar, joined a co-branded webinar with McKinsey on “Elevating the Bar for Transparency: SEC Proposed Rules & Potential Implications for Investors,” and participated in EY’s Leading with Integrity Webcast during a panel session focused on “Mitigating Fraud and Corruption risks in ESG.” She will also be joining Ethisphere’s upcoming ESG Virtual Forum to lead a panel focused on “The Regulators are Coming: Should Ethics & Compliance Take the Lead on ESG.”Stacey has long been a champion for veterans’ rights and has been a key team member on several high-profile impact cases on behalf of veterans. These cases include a class action on behalf of veterans who were exposed to chemical and biological substances during their time in service as a result of secret human testing programs conducted by the United States military along with an action brought on behalf of veterans with post-traumatic stress disorder against the Department of Veterans Affairs for failure to provide statutorily mandated benefits and healthcare to returning troops. She has also been involved with proposed legislation relating to veterans’ rights and consults on a number of other matters (judicial and legislative) related to veterans’ rights. Stacey has also handled a number of other pro bono matters, including advising an anti-corruption organization in The Gambia about proposed anti-corruption legislation and working with the Northern California Innocence Project in an effort to secure the release of a prisoner who has been serving 24 years in prison for a crime he did not commit.Stacey was the head of Morrison Foerster’s San Francisco Litigation Department for five years. She is admitted to practice in California.<h4>Representative Experience</h4><h5>Human Rights and ESG-Focused Matters</h5><ul><li>ESG Risk Mapping Exercise. Assisted a leading global technology company in connection with mapping ESG legal and compliance-related risks across the organization in order to develop appropriate risk mitigation strategies.</li><li>Human Rights Supply Chain Tracing Exercise. Assisting global company in connection with strategy to trace the supply chain of a newly acquired entity with operations and suppliers in Xinjiang, China.</li><li>Accountability Mechanisms. Assisting financial institutions in connection with developing accountability mechanisms for individuals in local communities who face human rights impacts as a result of projects in which they invest to seek information and potential redress.</li><li>Policy Refresh. Assist global company in connection with developing and enhancing both internal and external-facing ESG-related policies (addressing human rights, anti-corruption, AML, DE&I, and other related topics).</li></ul><h5>Investigations and Risk Assessments</h5><ul><li>Asia-Pacific FCPA Investigation. Conducting review of potential payment issues in India and other Asia-Pacific countries for a leading technology company.</li><li>False Claims Act/Fraud Investigation. Representing special committee of Board of Directors in connection with government investigation and internal investigation regarding potential fraudulent transactions and false claims act violations.</li><li>Global FCPA Investigation. Represented a Fortune 500 company in an internal investigation of potential FCPA violations in Latin American and Asia-Pacific countries.</li><li>Asia-Pacific FCPA Investigation. Represented a leading global technology company in an internal investigation of potential FCPA violations in Asia-Pacific countries.</li><li>Global Risk Assessment. Assisted a technology company with significant international operations in conducting an anti-corruption risk assessment and is currently assisting the company with updating its policies, procedures, and training plan to reflect learnings from the assessment.</li><li>Global Risk Assessment. Represented a Fortune 500 company with significant operations in Asia and Latin America in conducting an anti-corruption risk assessment. Following the risk assessment, assisted with development of global compliance program, including developing policies and training, and procedures for screening third parties.</li></ul><h5>FCPA Due Diligence</h5><ul><li>Global Anti-Corruption Due Diligence. Represented a leading technology company in connection with anti-corruption due diligence of a U.S.-based target with significant operations in Asia and the Middle East.</li><li>FCPA Diligence of Medical Device Company. Represented a global medical device company in connection with anti-corruption diligence of a target with global operations.</li><li>Global Anti-Corruption Due Diligence. Represented a global technology company in connection with anti-corruption due diligence of a UK-based target with substantial business in Europe, Russia, India, Asia, and Latin America.</li><li>Global Anti-Corruption Due Diligence. Represented a Fortune 500 company in connection with anti-corruption diligence of an Africa-based target with significant operations in Africa and the Middle East.</li><li>Post-Acquisition FCPA/Compliance Review. Represented a Fortune 100 company with a post-acquisition anti-corruption compliance review of a newly acquired business with operations and significant government touch points in Russia, Eastern Europe, Northern Europe, North Africa, and the Middle East.</li></ul>

Stacey Sprenkel

Few lawyers in the world have Miriam Wugmeister’s breadth and understanding of privacy and data security laws, obligations, and practices. As co-chair of Morrison Foerster’s preeminent global Privacy + Data Security Group, Miriam is regularly called upon by some of the world’s largest and most complex multinational organizations to confront their most difficult U.S. and international privacy and cybersecurity challenges. Ranked among the top in the profession by all major directories, her clients say: “Miriam is the best privacy counsel in the country that I have ever worked with. Her advice is always spot-on, practical, and helpful, and her judgment is impeccable.” “Miriam is a true leader in her field. I appreciate her brilliance and expertise.” “She keeps up with a rapidly evolving area and is quick to answer the most challenging questions with practical guidance a business can use.” (Chambers USA).Miriam’s counsel is particularly prized for complex global privacy and data security incidents. She has navigated some of the largest and most consequential incidents in history, including assisting Mandiant when it discovered and warned the world about the SolarWinds compromise. Having helped hundreds of clients respond to cybersecurity incidents, Miriam is called upon to advise and educate boards of directors regarding cybersecurity and the key role that boards play in understanding and overseeing the potential risks. Miriam works with companies to develop comprehensive customized incident response plans, train staff, conduct extensive tabletop exercises, and address key issues with executive management. While she regularly advises clients on responses to ransomware attacks and other cyber extortion incidents, she works on all other aspects that arise in the context of large security incidents including communication strategies, notifications to customers, consumers, and regulators; public disclosures; interactions with law enforcement globally; litigation; and investigations by regulators around the world. Miriam advises organizations on the planning and execution of complex global compliance efforts and defends regulatory matters relating to privacy and cybersecurity in the United States and internationally.Miriam serves as a board member of the <a href="https://sustainability.adp.com/adp-innovation-strategy.html#:~:text=In%20harnessing%20the%20power%20of%20big%20data%20through,that%20involve%20artificial%20intelligence%2C%20ML%20and%20big%20data." target="_blank">ADP AI & Data Ethics Committee</a> and is a leader in <a href="/capabilities/artificial-intelligence" target="_self">MoFo’s AI Group</a>, a cross-practice team that provides sophisticated, full-service representation to a wide range of clients with companies that both develop and use cutting-edge, rapidly changing technology in the AI space. Miriam uses her extensive industry experience and collaborative global approach to provide her clients with fast access to the newest trends and developments in AI.As founder and leader of the Global Privacy Alliance (GPA), Miriam encourages the development of rational privacy laws around the world and monitors privacy practices, laws, and regulations globally. On behalf of the GPA’s members, she takes an active role in anticipating upcoming privacy legislation and educating regulators on the commercial implications of proposed regulations.Chambers USA and Chambers Global recommend Miriam in the top tier of privacy and data security lawyers worldwide, with clients commenting to Chambers USA that she is “extremely practical and phenomenally smart. Just about one of the best privacy advisers there is,” and The Legal 500 US recognizing her as a leading lawyer for her “professionalism and strong international presence.” For her work in data protection and privacy, Miriam was an inaugural inductee into The Legal 500 Hall of Fame, which is comprised of outstanding U.S. lawyers who have been recommended as The Legal 500’s Leading Lawyers for the last six consecutive years. The Cybersecurity Docket has recognized Miriam as one of its Incident Response 50, a list of the top data breach response lawyers globally. She has been named one of Financial Times’ Top 10 Innovative Lawyers in North America and a National Law Journal Cybersecurity and Data Privacy Trailblazer for her breakthrough work in this space. Miriam was also previously designated as an Ethisphere Attorney Who Matters and a BTI Client Service All-Star.

Miriam Wugmeister

ESG + Sustainability

Public Company Advisory & Governance

Social Enterprise + Impact Investing