Jonathan S. Kolodner serves as the firm’s general counsel.

As an active partner, Jonathan’s practice also focuses on white-collar criminal enforcement and regulatory matters as well as complex commercial litigation. He represents clients in investigations involving a range of misconduct, including foreign corruption, fraud, insider trading, money laundering, and antitrust offenses. He also advises companies on cybersecurity and data privacy issues, and counsels clients on best practices for anti-corruption and cyber-related compliance programs.

Before joining Cleary Gottlieb, Jonathan was a prosecutor with the U.S. Attorney’s Office for the Southern District of New York from 2000 to 2012, where he served in numerous leadership positions and oversaw some of the highest-profile investigations and prosecutions in the country. He served as Acting Chief of the Criminal Division from October 2011 through January 2012. In that role, he supervised the Office’s more than 160 prosecutors in various matters including securities fraud, public corruption, cybercrime, terrorism and violent crimes.

Prior to that, Jonathan spent several years as the Chief of the Complex Frauds Unit. In this capacity, he oversaw 20 senior prosecutors investigating sophisticated, large-scale white-collar crimes ranging from financial and investment matters to Foreign Corrupt Practices Act (FCPA) violations and computer and intellectual property offenses like hacking, theft of trade secrets and other cybercrimes. In addition, from 2006 to 2008, Jonathan was a Deputy Chief of Criminal Appeals, where he oversaw dozens of appellate matters and handled numerous arguments before the U.S. Court of Appeals for the Second Circuit.

Jonathan also spent four years as an Assistant U.S. Attorney in the Organized Crime and Terrorism Unit and has represented the United States in more than 12 jury trials. In 2008, he was awarded the U.S. Department of Justice’s Director’s Award for Superior Performance in connection with his prosecution of over 30 members and associates of the Genovese organized crime family.

Jonathan joined the firm as counsel in 2012, became a partner in 2014, and became the firm’s general counsel in 2023.

Notable Experience

Enforcement and Civil Litigation

  • Citigroup in connection with investigations and civil litigation involving financial benchmarks, including LIBOR, foreign exchange trading (FX), and ISDAFIX, conducted by the DOJ, CFTC, SEC and other regulators around the world.

  • A global manufacturing company in connection with an internal review and grand jury investigation conducted by the U.S. Attorney’s Office for the Southern District of New York relating to allegations of fraud in safety testing.

  • Citigroup in connection with investigations relating to sovereign bond trading.

  • A global financial institution in a grand jury investigation conducted by the U.S. Attorney’s Office for the Southern District of New York of that institution’s Sarbanes-Oxley reporting process.

  • A global financial institution in an investigation conducted by the U.S. Department of Justice, the SEC, and various state securities regulators relating to the Facebook initial public offering.

  • Multiple firms and individuals in insider trading investigations conducted by the SEC and DOJ.

See More

Anti-Corruption Investigations and Compliance

  • A global real estate and asset management company in connection with an internal FCPA investigation, and related DOJ and SEC investigation, involving subsidiaries in Brazil.

  • Alfred C. Toepfer International (a subsidiary of ADM) in an FCPA investigation involving alleged bribery in Ukraine, including in its settlement with the DOJ.

  • A multinational metals and mining corporation in an investigation of alleged corruption in Latin America.

  • A major financial institution in an investigation into the activities of Unaoil S.A.M., which was alleged in a series of press reports in 2016 to have been involved in facilitating the payment of bribes in various jurisdictions, and in connection with related investigations by the DOJ and UK Serious Fraud Office.

  • A Southeast Asian oil and gas company in investigation of alleged corruption and potential FCPA violations in Southeast Asia and Brazil.

  • Saipem S.p.A. in a DOJ FCPA investigation in Italy and Algeria.

  • An annual review of anti-corruption compliance policies and annual global training sessions for business, legal and compliance executives for a global alternative asset manager with $250 billion in assets under management.

  • A corruption risk assessment for a paper and pulp company involving multiple jurisdictions in Latin America, including Chile.

  • A corruption risk assessment, including overseeing a forensic review, for the Chinese operations of a major international consumer products company.

See More

Cybersecurity and Data Privacy

  • An enterprise information management company in connection with a data breach and breach notifications in the U.S., Canada, and more than 10 other jurisdictions.

  • A multinational travel industry participant in connection with breach notifications following a cyber-attack.

  • An insurance company in connection with the implementation of the NYDFS’s cybersecurity regulations.

  • An internal investigation for a trading firm relating to a potential data breach.

See More

SELECTED ACTIVITIES

trigger
  • Lecturer-in-Law, Columbia Law School

Publications

September 26, 2024: “DOJ Announces Revision to Compliance Guidance Focused on AI, Whistleblower Reporting, and Other Areas,” Cleary Gottlieb Alert Memorandum, (co-authored with David A. Last, Lisa Vicens, Rahul Mukhi, and Andres Saenz)

July 26, 2024: “SDNY Court Dismisses Several SEC Claims Against SolarWinds and its CISO,” Cleary Gottlieb Alert Memorandum, (co-authored with Francesca L. Odell, Rahul Mukhi, Michael John Kowiak, Matthew C. Solomon, and Thomas A. Bednar) 

April 24, 2024: “U.S. Cybersecurity Agency Proposes Regulation to Require Cyber Incident Reporting,” Cleary Gottlieb Alert Memorandum, (co-authored with Rahul Mukhi and Michael John Kowiak) 

January 25, 2024: “Crossing a New Threshold for Material Cybersecurity Incident Reporting,” Selected Issues for Boards of Directors in 2024 (Republished by New York University School of Law’s Program on Corporate Compliance and Enforcement on January 25, 2024) 

January 23, 2024: “SDNY Announces Whistleblower Pilot Program For Individuals Who Self-Disclose Wrongdoing Involving Business Organizations,” Cleary Gottlieb Alert Memorandum, (co-authored with Joon H. Kim, Victor L. Hou, Rahul Mukhi, and Roberta Mayerle)

June 6, 2023: “Recent Developments In Data Privacy Enforcement In Brazil And A Comparison With The U.S. Regime,” Cleary Cybersecurity and Privacy blog, (co-authored with Rahul Mukhi, Pedro Martini, and Roberta Mayerle)

March 20, 2023: “Department of Justice Announces Revisions to Criminal Division Policies,” Cleary Enforcement Watch blog, (co-authored with Jennifer Kennedy Park, Lisa Vicens, Andres Felipe Saenz, and Roberta Mayerle)

March 16, 2023: “SEC Charges Public Company For Alleged Misleading Disclosures Surrounding Ransomware Attack,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Rahul Mukhi, Lilianna Rembar, and Jackie M. Brune)

February 27, 2023: “U.S. Attorney’s Offices Issue Nationwide Corporate Voluntary Self-Disclosure Policy” Cleary Gottlieb Alert Memorandum, (co-authored with Joon H. Kim, Lev Dassin, Lisa Vicens, Andres Felipe Saenz, and Roberta Mayerle)

January 23, 2023: “U.S. Department of Justice Announces Revisions to Corporate Criminal Enforcement Policy,” Cleary Gottlieb Alert Memorandum, (co-authored with Joon H. Kim, Lisa Vicens, Andres Felipe Saenz, and Roberta Mayerle)

December 5, 2022: “DOJ Provides Updates on FCPA and Corporate Criminal Enforcement Trends at International Conference on the FCPA,” Cleary Enforcement Watch blog, (co-authored with Lisa Vicens and Andres Felipe Saenz)

August 29, 2022: “Second Circuit Upholds District Court’s Rejection of DOJ Attempt to Expand Extraterritorial Reach of FCPA Through Agency Liability,” Cleary Enforcement Watch blog, (co-authored with Lisa Vicens and Andres Felipe Saenz)

March 3, 2022: “U.S. Senate Fast Tracks Major Cybersecurity Legislation in Response to Russia Threat,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Rahul Mukhi and Anthony Shults) 

January 27, 2022: “2021 Cybersecurity and Privacy Developments in the United States,” Cleary Gottlieb Alert Memorandum, (co-authored with Daniel Ilan, Rahul Mukhi, Anthony M. Shults, Aaron Francis, Hyatt Mustefa, Lilianna (Anna) Rembar, Melissa Faragasso)

January 7, 2022: “The Federal Trade Commission Warns Companies to Remediate the “Log4j” Software Security Vulnerability,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Anthony Shults)

December 22, 2021: “White House Issues Strategy on Countering Corruption,” Cleary Gottlieb Alert Memorandum, (co-authored with Joon H. Kim and Lisa Vicens) 

December 14, 2021: “New US Enforcement Priorities and Their Impact on Latin American Companies,” The Guide to Managing a Corporate Crisis, Latin Lawyer, (co-authored with Francesca Odell and Lisa Vicens) 

December 8, 2021: “The Office of the Comptroller of the Currency Warns of Increasingly Complex Cyber Risks for Banks,” Cleary Cybersecurity and Privacy Watch (co-authored with Rahul Mukhi & Anthony M. Shults); republished by The Banking Law Journal, March 2022

November 23, 2021: “Second Circuit Rules Foreign State-Owned Bank Does Not Have Sovereign Immunity From Criminal Prosecution,” Cleary Gottlieb Alert Memorandum, (co-authored with Carmine D. Boccuzzi Jr., Rahul Mukhi, Boaz S. Morag, Rathna Ramamurthi, Hyatt Mustefa, Matthew D. Slater)

November 1, 2021: “DOJ Announces First Set of Revisions Strengthening Corporate Criminal Enforcement Policies,” Cleary Gottlieb Alert Memorandum, (co-authored with Joon H. Kim, Lisa Vicens, Andres Felipe Saenz) 

October 28, 2021: “Anti-Corruption Compliance: Bribery & FCPA,” Compliance & Legal Risk podcast by Georgetown Law and EY (with Lisa Vicens)

August 16, 2021: “SEC Enforcement Action Against Poloniex Signals Heightened Scrutiny for Crypto Exchanges,” Cleary Cybersecurity and Privacy Watch (co-authored with Lisa Vicens,  Rahul Mukhi & Megan Lindgren)

July 30, 2021: “DOJ Indicts Founder of Nikola for Allegedly Defrauding Retail SPAC Investors,” Cleary Enforcement Watch blog, (co-authored with Rahul Mukhi, Jared Gerber and JD Colavecchio) 

February 15, 2021: “D.C. District Court Rejects Privilege Claim for Post-Data Breach Forensic Report,” Cleary Cybersecurity and Privacy Watch blog, (co-authored Rahul Mukhi, Alexis Collins and Claire Santiago)

February 11, 2021: “Representing Corporations in United States Attorney’s Office and DOJ Investigations,” Defending Corporations and Individuals in Government Investigations, Thomson Reuters, 5th Edition 2020, (co-authored with Lev L. Dassin and Rahul Mukhi) 

February 1, 2021: “The Changing Landscape in Brazilian Investigations Since Lava Jato,” The Guide to Managing a Corporate Crisis, Latin Lawyer, (co-authored with Breon Peace and Lisa Vicens) 

January 25, 2021: “2020 Cybersecurity and Privacy Developments A Year in Review,” Cleary Gottlieb Alert Memorandum, (co-authored with Katherine Mooney Carroll, Alexis Collins, Daniel Ilan, Rahul Mukhi, Daniel Montgomery, Natalie Farmer, Emmanuel Ronco) 

October 9, 2020: “SDNY District Court Rules Foreign Sovereigns Are Not Immune From Criminal Jurisdiction In U.S. Court,” Cleary Gottlieb Alert Memorandum, (co-authored with Matthew D. Slater, Carmine D. Boccuzzi Jr., Rahul Mukhi, Boaz S. Morag, Rathna Ramamurthi, and Hyatt Mustefa)

July 9, 2020: “DOJ and SEC Release Updated FCPA Resource Guide,” Cleary Gottlieb Alert Memorandum, (co-authored with Joon H. Kim, Lisa Vicens and James Corsiglia) 

June 9, 2020: “DOJ Updates Guidance Regarding Corporate Compliance Programs,” Cleary Gottlieb Alert Memorandum, (co-authored with Jennifer Kennedy Park, Lisa Vicens, Andres Felipe Saenz, Nicholas A. LaPalme)

April 22, 2020: “The Seventh Circuit Holds That Lack of Disclosure and Informed Consent Under Biometric Information Privacy Act Satisfies Article III Standing Requirement,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Alexis Collins, Rahul Mukhi, and Adam Motiwala)

April 22, 2020: “CISA Alert: North Korean Cyber Threat Poses Increased Risk for Financial Institutions,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Joon H. Kim, Katherine Mooney Carroll, Rahul Mukhi, and Nicholas A. LaPalme)

April 13, 2020: “The CARES Act and Mitigating False Claims Act Risk,” Cleary Gottlieb Alert Memorandum, (co-authored with Breon S. Peace, Jennifer Kennedy Park, Lisa Vicens, and Charity E. Lee); republished by Pratt’s Government Contracting Law Report, July 2020

April 1, 2020: “Accountability and Enforcement Under the CARES Act,” Cleary Gottlieb Alert Memorandum, (co-authored with Joon H. Kim, Lisa Vicens, and Natalie Noble); republished by The NYU Program on Corporate Compliance & Enforcement, April 6, 2020.

March 27, 2020: “FINRA Releases Notice On Cybersecurity Measures In light of COVID-19 Pandemic,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Katherine Mooney Carroll, Rahul Mukhi, Alexis Collins, and Adam Motiwala)

March 27, 2020: “Insider Trading Risk During the COVID-19 Outbreak,” Cleary Gottlieb Alert Memorandum, (co-authored with Rahul Mukhi, Joon H. Kim, Francesca L. Odell, and Shannon Daugherty); republished on the Harvard Law School Forum on Corporate Governance, April 14, 2020.

March 16, 2020: “Managing Cyber Risk During COVID-19 Response,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Rahul Mukhi and Katherine Mooney Carroll)

March 16, 2020: “California AG Proposes Second Round of Modifications to CCPA Regulations,” Cleary Gottlieb Alert Memorandum, (co-authored with Katherine Mooney Carroll, Alexis Collins, Daniel Ilan, Rahul Mukhi, Michelle Butler and Jane C. Rosen)

February 12, 2020: “California AG Proposes Modified CCPA Regulations,” Cleary Gottlieb Alert Memorandum, (co-authored with Katherine Mooney Carroll, Alexis Collins, Daniel Ilan, Rahul Mukhi, Michelle Butler and Jane C. Rosen)

January 31, 2020: “2019 Cybersecurity Developments: A Year in Review,” Cleary Gottlieb Alert Memorandum, (co-authored with Daniel Ilan, Rahul Mukhi, James Norris-Jones, Emmanuel Ronco, Katherine Mooney Carroll and Alexis Collins)

January 13, 2020: “Second Circuit: Criminal Fraud Statutes Do Not Require Prosecutors to Show that Tippers in Insider-Trading Cases Received a ‘Personal Benefit,’” Cleary Gottlieb Alert Memorandum, (co-authored with David E. Brodsky, Lev L. Dassin, Victor L. Hou, Robin M. Bergen, and Matthew C. Solomon)

November 20, 2019: “Latest FTC Data Privacy Settlement May Signal More Direct Approach to Regulating Data Security,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Alexis Collins and Richard Cipolla), republished by the Privacy & Cybersecurity Law Report, April, 2020.

October 16, 2019: “United Kingdom and United States Governments Sign First-Ever CLOUD Act Agreement,” Cleary Cybersecurity and Privacy Watch blog, (co-authored with Nowell Bamberger, Rahul Mukhi, Alexis Collins, and Kal Blassberger), republished by the Privacy & Cybersecurity Law Report.

September 24, 2019: “California Consumer Privacy Act Amendments Offer Relief, but Challenges Remain,” Cleary Gottlieb Alert Memorandum, (co-authored with Katherine Mooney Carroll, Daniel Ilan, Rahul Mukhi, Alexis Collins, Jane C. Rosen, and Whitney Alexandra Lee)

August 5, 2019: “July 2019 Privacy and Cybersecurity Enforcement: Lessons for Management and Directors,”Cleary Cybersecurity and Privacy Watch blog, (co-authored with Pamela L. Marcogliese, Alexis Collins, Rahul Mukhi, and Anne Titus Hilby), republished by Law360.

July 2019: “Recent Cyber Security and Data Privacy Developments,” Financier Worldwide, (co-authored with Rahul Mukhi and Katherine Mooney Carroll) 

April 3, 2019: “DOJ Updates FCPA Corporate Enforcement Policy,” (co-authored with Lisa Vicens and Lorena Michelen), republished by the NYU Program on Compliance and Enforcement.

January 29, 2019: “2018 Cybersecurity and Data Privacy Developments: A Year in Review,” (co-authored with Daniel Ilan, Pamela L. Marcogliese, Rahul Mukhi, Katherine Mooney Carroll, Alexis Collins, and Emmanuel Ronco), republished by The Columbia Law School Blue Sky Blog

December 21, 2018: D.C. Circuit Rules in Special Counsel Mueller Investigation That State-Owned Corporations Are Subject to Criminal Jurisdiction in the United StatesCleary Enforcement Watch blog, (co-authored with Carmine Boccuzzi, Joon Kim, Rahul Mukhi, and Rathna Ramamurthi)republished by Law360

July 19, 2018: “FOIA Disclosure of Federal Compliance Documents?,” Harvard Law School Forum on Corporate Governance and Financial Regulation(co-authored with Abena Mainoo, Lisa Vicens, and Charity Lee)

July 16, 2018: “DOJ Announces New Inter-Agency Task Force on Market Integrity and Consumer Fraud,” (co-authored with Rahul Mukhi and Erin C. Gallagher)  

July 13, 2018: “California’s Groundbreaking Privacy Law: The New Front Line in the U.S. Privacy Debate,” (with Michael H. Krimminger, Katherine Mooney Carroll, Pamela L. Marcogliese, Daniel Ilan, Rahul Mukhi, Alexis Collins, Gareth Kristensen, Jane C. Rosen, Martha E. Vega-Gonzalez, and Anne Titus Hilby) 

July 2, 2018: “Divided Supreme Court Requires Warrants for Cell Phone Location Data,” (co-authored with Rahul Mukhi, Alexis Collins, Laura Gavin, Anne Titus Hilby, and Tanner Works Mathison)

April 2, 2018: “The SEC Cyber Unit’s First 6 Months, and What’s Ahead,”

Law360 (co-authored with Matthew Solomon, Rahul Mukhi, and Anne Titus Hilby)

March 16, 2018: “FBI Director: FBI Might Not Share Information With Adversarial Authoritie,” (co-authored with Rahul Mukhi and Joseph M. Kay) 

March 12, 2018: “Recent Enforcement Actions by Regulators Show Continued Focus on Cybersecurity and Data Protection Issues,” (co-authored with Jonathan S. Kolodner and Richard Cipolla) 

February 9, 2018: “Cleary Discusses Cybersecurity and Data Privacy Developments:  A Look Back on 2017 and Ahead to 2018,” Columbia Law School Blue Sky Blog (co-authored with Daniel Ilan and Rahul Mukhi)

January 19, 2018: “How The Cybersecurity Legal Landscape Changed In 2017,” Law360 (co-authored with Daniel Ilan and Rahul Mukhi)

January 11, 2018: “Illinois Appellate Court Holds That Mere Technical Violations Of Data Privacy Statute Are Insufficient To State A Claim,” (co-authored with Rahul Mukhi and Gregory N. Wolfe) 

January 4, 2018: “Second Circuit Issues Order Affirming Dismissal of Data Privacy Class Action Suit,” (co-authored with Rahul Mukhi and Richard Cipolla) 

December 21, 2017: “Massachusetts Attorney General Settles For Data Breach Over Stolen Laptop—Sign of Increased Enforcement Scrutiny?,” (co-authored with Rahul Mukhi and Richard Cipolla)

December 11, 2017: “The SEC Warns That Celebrity Endorsements of Virtual Currency May Violate Federal Securities Laws,” (co-authored with Rahul Mukhi)

November 28, 2017: “With Equifax Looming, Split on Standing in Data Breach Cases Grows With Recent Decisions,” Pratt’s Privacy & Cybersecurity Law Report, (co-authored with Rahul Mukhi and Tanner Mathison) 

November 14, 2017: “In Wake of the Equifax Breach, New York’s Attorney General Proposes New, Stricter Data Privacy Law” (co-authored with Rahul Mukhi and Richard Cipolla) 

July 16, 2017: “Seventh Circuit Upholds First-Ever Federal Spoofing Conviction,” Colombia Law School Blue Sky Blog (co-authored with Lewis Liman and Matt Solomon) 

July 11, 2017: “Cleary Gottlieb Discusses Recent Cyber-Attack Developments,” Columbia Law School Blue Sky Blog

February 28, 2017: “GC Whistleblowing and Other Implications from Bio-Rad,” Law360 

January 2017: “New York Regulators Propose Cybersecurity Requirements for Financial Institutions,” Pratt’s Privacy & Cybersecurity Law Report

June 14, 2014: “Eleventh Circuit Confirms that Bribes Paid to Employees of State-Owned or Controlled Companies Violate the U.S. Foreign Corrupt Practices Act,” Mondaq

October 2013: “Why Financial Statements Matter: Enforcement and Litigation Implications,” The Banking Law Journal 

August 5, 2013: “Impact of International Anti-Corruption Laws on UAE Companies,” The Oath

December 18, 2013: “Representing Corporations in United States Attorney’s Office and DOJ Investigations,” (co-author) Defending Corporations and Individuals in Government Investigations, West, 2012-13 Edition

December 3, 2012: “The New FCPA Guidance: Key Points for CCOs” Breon S. Peace and Jonathan Kolodner, Compliance Reporter, pp. 10-11.

Events