Barrister Banter: Tim Crippen

The purpose of the series is to bridge the gap between junior and senior business lawyers in Oregon, fostering understanding and camaraderie. Read on to learn more about Tim’s choice to pursue a career in law, what being a business lawyer means to him, and his advice for junior and senior lawyers.

  1. Tell me about your path to being a lawyer. What inspired you to pursue this career? 

When I started college, I was interested in an academic career, but I realized I wanted more engagement with commerce and government, and I wanted more control over where I would live. Which, together, directed me to law school. My parents owned a small business most of my childhood, so representing closely held business owners and families felt like a natural fit.

  1. What is your practice area?

I am a business lawyer, which can mean a lot of things. I have run some very high-stakes and sophisticated M&A transactions working alongside lawyers at the world’s largest firms, but most of the time I am working with Oregon and Washington operating businesses and holding companies.

I spend a fair amount of time helping people and institutions in business crises, such as business break-ups or high-stakes regulatory issues.

  1. How long have you been in your current role?

I joined Black Helterline in 2012, became a partner in 2018, and have served as managing partner since January 1, 2026.

  1. How have you seen the practice change since you started practicing?

For many clients, the relationship with their lawyer is unusually personal. They’ll call at all hours, and often I’ll answer. That doesn’t happen with most other businesses they interact with, such as their medical providers, their cable company, or the taxing authorities.

That said, from private clients and individuals, expectations have evolved in healthy ways. Clients understand that work and life are blended, and they’re fine with an initial response like, “I’m not at my desk, but here are my preliminary thoughts and I’ll circle back.” I don’t feel stuck to my desk from 8 to 6, waiting in case the phone rings, but responsiveness and follow‑through matter as much as ever.

  1. What do you wish you had known before you started working as a new lawyer?

Execution matters. Being the smartest person, or the best public speaker, is good and important, but being the person who gets things done, especially under pressure and time constraints, matters a lot. And showing up consistently for people builds long-term trust, which is valuable for business development and valuable when things don’t go perfectly. This applies equally to coworkers, referral sources, and clients. For junior attorneys, showing up consistently shows your partners or supervisors that you’re dedicated to getting things right.

  1. What are your career highlights?

One highlight was working closely with the Oregon State University leadership and a passel of other excellent lawyers in the Pac-12’s recent transitions. Among other things, the OSU leadership are smart and tough, but also incredibly positive and supportive collaborators, which made a challenging situation manageable to work through.

For years I have worked with many different families, individuals, and closely-held businesses that I hope to steward for the next generation. These are rarely high-profile, but they are deep and satisfying relationships built on mutual trust and respect.

  1. What is your favorite part of the job?

Laughing with colleagues and clients while working on very tricky problems.

  1. What parts of the job do you wish you could outsource to AI?

So far, AI for me has been another smart colleague in the room. I’ll check what Claude has to say, then ask the appropriate folks in my office, then research what the state of the art is in treatises, cases, or other publications to inform the advice I give my client. AI has not replaced judgment and experience, but it is another resource to expedite and refine client service.

  1. What advice would you give a new business lawyer?

Make yourself interested in your clients—their businesses and industries, their families, and their long-term goals. Read voraciously on all kinds of topics, but especially on business and government news applicable to the communities you serve. If I did not find this stuff interesting, I would not have lasted three months.

  1. What advice would you give a senior lawyer who is charged with mentoring a new lawyer?

Every new lawyer has blind spots, and it behooves the senior lawyer to gently figure out what they are and help them fill those gaps. ♦

Understanding the Obligations of a Business Under the Oregon Consumer Privacy Act

Alec Marlega, Arnold Gallagher PC

Over the last decade, the collection and sale of consumer data have played an increasing role in online interactions. In response, states have implemented consumer privacy protections. Oregon joined this trend in 2023 with the passage of Senate Bill 619 and adoption of the Oregon Consumer Privacy Act (OCPA). At the highest level, OCPA regulates businesses that collect and sell consumer information. Data brokers are the prime target, but OCPA can also apply to businesses that incidentally collect or utilize consumer data. For example, a business that stores emails from past customers to send weekly adverts may be subject to OCPA depending on the number of consumers whose information is stored.

Whether learning about it from the news or third-party vendors, businesses have questions about OCPA. What is it? What do they need to do? The Oregon Attorney General, Legislature, and Courts will continue to refine the specifics, but this article seeks to provide a broad overview. As always, there are complexities beyond this article and OCPA may be modified and refined, so careful attention should be given before the collection and use of consumer data.

Who does OCPA apply to?

OCPA applies to any person or entity that conducts business in Oregon or provides products or services to Oregon residents and controls or processes (a) the personal data of 100,000 or more consumers (personal data processed solely for the purpose of completing a payment transaction is excluded) or (b) the personal data of 25,000 or more consumers if 25 percent or more of the person or entity’s annual gross revenue is derived from selling personal data. ORS 646A.572. “Personal data” is any unique identifier that is reasonably linkable to a consumer—for example, names, emails, phone numbers, login information, website visits, prior purchases, approximate location, and other information so long as it could be reasonably linked to a consumer. ORS 646A.570(13)(a). Under ORS 646A.570(7), “consumer” is limited to Oregon residents. If an entity stores or collects any information that could be reasonably linked to 100,000 Oregonians, OCPA applies, and if the information is sold, the lower threshold of 25,000 may apply.

Many entities may assume they are well below the 100,000-Oregonians threshold. Oregon’s population is about 4.2 million, so 100,000 is about 2.38 percent of the entire state. However, businesses should keep in mind that many websites may passively collect information that constitutes personal data. Additionally, it may not be possible to distinguish the personal data of Oregon consumers from the personal data of consumers from other states. Accordingly, an entity should review its online presence and determine all the information collected. This is especially true if the website is managed or hosted through a third-party vendor, as those agreements may contain boilerplate language that permits the third-party vendor to collect and use consumer data in ways beyond what an entity intends.

While most entities will need to consider OCPA, it does not apply to public bodies, and certain classes of data are excluded. ORS 646A.572(2). Employment data is excluded, but most other exclusions relate to data already covered by a different federal law. Although public bodies are exempt, 501(c)(3) entities are not (though 501(c)(3) entities did have an extended period to comply with OCPA that expired July 1, 2025).

Processor or controller?

Assuming OCPA applies, the next question is whether the person is a controller or a processor. The controller determines what data to process and the methods of processing. ORS 646A.570(8). Alternatively, a processor only processes the personal data on behalf of the controller. ORS 646A.570(15). The definition of processing includes any action, operation, or set of actions regarding personal data (such as collecting, storing, disclosing, analyzing, deleting, or modifying). ORS 646A.570(14).

For small businesses, the most common controller-processor relationship arises when a business (controller) contracts with a third-party vendor (processor) to collect and store consumer information. For example, assume there is a business called Widgets R’ Us that sells widgets and wants to establish an online storefront. It also wants to implement a loyalty program so it can track the spending trends of and provide targeted advertisements to its repeat customers. Widgets R’ Us uses a third-party vendor to set up its website (e.g., WordPress, Shopify, or Squarespace). To capture the data that Widgets R’ Us wants, it may authorize the third-party website vendor—let’s say Shopify in this example—to collect personal data from consumers that visit their webpage. In this scenario, Widgets R’ Us is the controller and Shopify is the processor.

Processors must adhere to instructions provided by the controller. There must be a binding contract between the processor and controller that specifies the rights and obligations of both parties and requires the processor to assist the controller in responding to OCPA requests. ORS 646A.581(1)-(2). The controller may require that the processor indemnify the controller for damages arising from the processor’s non-compliance with OCPA. However, the contract cannot relieve a controller from statutory liability for the processor’s actions. ORS 646A.581(3). Additionally, this allocation of risk can be a negotiation point. A smaller business like Widgets R’ Us may struggle to convince Shopify to modify its form terms. Regardless, it remains critical to review all terms to ensure compliance and that the controller can perform its OCPA obligations.

Consumer rights and how a controller can comply

OCPA grants consumers rights and imposes obligations on controllers and processors. Prior to processing data, a controller must provide a privacy notice. The privacy notice must (a) list the personal data collected, (b) describe the use of the personal data, (c) explain how a consumer may exercise their OCPA rights (including the appeals process), (d) list the personal data shared with third parties, (e) identify the categories of third parties that the controller shares the consumer’s personal data with, (f) provide an email or other contact method, (g) identify the controller, and (h) describe any processing for targeted advertising or profiling purposes (and how the consumer may opt out). ORS 646A.578(4). A controller may only process data as described in the privacy notice and only for the stated purposes. ORS 646A.578(1). Many websites incorporate a privacy link into the home page of their website. For example, Google has a privacy link on the bottom right of its home page that directs consumers to its privacy policies.

In addition to the privacy notice, a consumer may request (a) confirmation of whether the controller is processing the consumer’s data and the categories of personal data the controller processes, (b) the third parties the controller has disclosed the consumer’s personal data to, and (c) a copy of the consumer’s data the controller has processed. ORS 646A.574(1). A consumer may also request corrections, deletion of the consumer’s information, or opt out of the controller’s processing of the consumer’s data for targeted advertising, the sale of personal data, or profiling. ORS 646A.574(1).

Consumers must submit requests in the manner provided by the controller. ORS 646A.576. However, the manner must be consistent with the ways the consumer normally interacts with the controller. ORS 646A.578(5). For example, Widgets R’ Us can require that its loyalty members use an existing account, but it cannot require a new or additional account. Additionally, assuming most of the Widgets R’ Us’s consumers interact through the website, there should be a link on the webpage for the consumer to submit an OCPA request. Often this will be included as part of the privacy notice. If a business does not have the infrastructure for a direct opt-out link, it may list an email that consumers may submit OCPA requests to.

After the consumer has made their request, Widgets R’ Us must respond within forty-five days. ORS 646A.576(5)(a). If needed, Widgets R’ Us can request additional information to verify that the request is not fraudulent or notify the consumer that another forty-five days are needed to process the request. ORS 646A.576(5)(a, d). Widgets R’ Us must provide any information requested by the consumer free of charge but may charge a reasonable fee if a consumer makes multiple requests within a twelve-month period. ORS 646A.576(5)(c).

If Widgets R’ Us declines a consumer’s request, it must explain why and describe the appeals process. ORS 646A.576(5)(b). The appeals process must (a) allow a reasonable time, (b) be conspicuously available, (c) be similar to the process by which the consumer made its initial request, and (d) provide that the appeal must be ruled on within forty-five days. ORS 646A.576(6). This information should also be included in the privacy notice. If an appeal is rejected, Widgets R’ Us must provide the Oregon Attorney General’s contact information so the consumer may make a complaint if it wishes. ORS 646A.576(6)(d). As of this writing, the complaint form can be found at the Oregon Department of Justice’s website.

In addition to responding to requests, controllers need sufficient security measures to protect the data it collects from cyber-attacks or inadvertent disclosure. This includes data protection assessments if the processing involves targeted advertising, profiling, processing sensitive data, selling personal data, etc. ORS 646A.586(1). These assessments must weigh how processing data benefits the controller and consumers and the safeguards the controller employs to mitigate the risks. ORS 646A.586(2). All assessments must be retained for five years and can be requested by the Oregon Attorney General as part of an investigation. ORS 646A.586(2), (5). At a minimum, controllers must have safeguards to consistent with ORS 646A.622, which describes the compliant safeguards to protect from identity theft. ORS 646A.578(1)(c).

What are the requirements for sensitive data?

Sensitive data and the personal data of consumers under sixteen years of age are subject to heightened restrictions. “Sensitive data” is data that reveals a consumer’s racial or ethnic background, national origin, religious beliefs, mental or physical condition, sexual orientation, gender identity, status as a victim of a crime, or citizenship or immigration status; is the personal data of a child; precisely identifies the location of a consumer within 1,750 feet; or is genetic or biometric data. ORS 646A.570(18). A controller may not process any sensitive data without consent or, in the case of children, without compliance with the Children’s Online Privacy Protection Act of 1998. ORS 646A.578(2)(b). Further, a controller may not process any personal data for targeted advertising or profiling if the controller has actual knowledge or willfully disregards that the consumer is under sixteen years of age. ORS 646A.578(2)(c).

One possible way to obtain this consent is through a check-the-box system that pops up when a consumer first opens a website, which is becoming increasingly prevalent. This could be potentially paired with a link to the privacy notice and require the consumer acknowledge that they have reviewed the privacy notice and consent to the business’s processing of the consumer’s sensitive information. That said, regardless of consent, a controller may not sell personal data of a consumer if the controller has actual knowledge or willfully disregards that the consumer is under sixteen years of age or the data precisely locates a consumer with 1,750 feet. ORS 646A.578(2)(d).

What are the enforcement mechanisms?

Enforcement of OCPA lies exclusively with the Oregon Attorney General, who has broad discretion in investigating, so there is no private right of action (this is notably different from the California Consumer Protection Act, CCPA, which provides a private right of action). Following an investigation, the Oregon Attorney General may seek a civil penalty of not more than $7,500 per violation or to enjoin an ongoing violation. ORS 646A.589(4). If successful, the court may also award reasonable attorney fees and costs to the Oregon Attorney General. ORS 646A.589(4). Such claims must be brought in either Multnomah County or the circuit court of a county where any part of the violation occurred. ORS 646A.589(4). Actions must be brought within five years of the controller’s violation. ORS 646A.589(5). Although OCPA does not create a private right of action, the nature of data storage means that a controller liable for one violation may be liable for several, which could significantly compound the penalty.

What does OCPA mean in practice?

The Oregon Attorney General released an Enforcement Report in August 2025, which shed light on the enforcement of OCPA in its first year. Specifically, in the first year of enforcement 214 consumer privacy complaints were received. Enforcement Report: The Oregon Consumer Privacy Act, The First Year (August 2025). Of these, the most complaints (sixty-two) involved data brokers, with social media platforms as a close second. The most frequent complaint by a significant margin was a failure to delete data upon request. Assuming this continues, the best way for a controller to mitigate the risk of an OCPA complaint will likely be timely responding and complying with consumer requests.

While not the main target of OCPA, many businesses that operate online will be unable to ignore OCPA entirely. Even if a business believes it falls beneath the 100,000-Oregonians threshold, many websites passively collect information from its consumers. Additionally, the focus on consumer privacy rights continues to grow, so entities not currently subject to OCPA may wish to jump-start compliance to show consumers a respect for privacy. As bigger tech companies require OCPA compliant systems from smaller partners, it may be in an entity’s best interest to comply even if not legally required.

As mentioned above, Oregon is not the first to adopt consumer privacy protections. California adopted the CCPA as one of the first state consumer privacy protection acts, and it is the one most likely to be explicitly referenced. While anecdotal, I have seen recent data processing agreements defining “Data Protection Laws” as state privacy laws, including the CCPA and similar state privacy laws. This language reflects the difficulty in capturing different laws that have the same goals and are very similar but are not identical. For example, CCPA provides a private right of action and has slightly different applicability thresholds than OCPA. Absent a uniform code, businesses should be careful of a national third-party vendor relying solely on its CCPA compliance as proof it has covered all consumer privacy protections. OCPA is very similar to CCPA, but it is not identical, so businesses should ensure all OCPA required privacy notices and practices are in place because, ultimately, liability under the statute rests with the business. ♦

Representations and Warranties Insurance in M&A Transactions: An Overview and Evolving Market Trends

Mark Reinhardt, Best Best & Krieger LLP

Representations and warranties insurance (RWI) has moved from a niche product used primarily by private equity buyers to a mainstream feature of middle-market M&A transactions. Indeed, a recent report from an Am Law 200 firm states that nearly thirty underwriters now offer RWI and that, in its 2024 deal set, the product was used in 89 percent of transactions with enterprise values between $100 million and $1 billion, and in 63 percent of deals with enterprise values between $25 million and $100 million. For those advising clients on acquisitions or exits of sufficient value, understanding how RWI works, and how it has reshaped deal terms and purchase agreement provisions in recent years, is essential.

What is RWI?

RWI is a specialized insurance product that covers losses arising from breaches of representations and warranties in a purchase agreement. Instead of relying solely on a seller’s indemnification obligations, a buyer can recover covered losses from an insurer. In a typical transaction, the buyer purchases the policy (though sell-side policies are also used in certain situations). The policy effectively shifts a portion of post-closing risk from the contracting parties to a third-party insurer.

RWI generally does not eliminate the need for buyer due diligence or negotiated representations and warranties, as insurers rely heavily on the buyer’s diligence process and the negotiated agreement when underwriting coverage. However, RWI can significantly reduce deal friction in negotiating risk allocation between the contracting parties.

In some cases, a buyer can even obtain insurance coverage for representations, warranties, and indemnities that the buyer wants but the seller is unwilling (or unable) to give in the transaction documents, for example, in distressed M&A transactions. This form of insurance is commonly known as “synthetic warranty and indemnity (W&I) insurance.” A synthetic W&I policy “deems” a set of representations and warranties to have been given in the transaction documents, and the buyer’s recourse for any breach or inaccuracy of such deemed representations or warranties is solely against the insurer, not the seller

RWI can benefit both buyers and sellers

For sellers with sufficient deal leverage and transactions with sufficient enterprise value (usually over $20 million), it is becoming increasingly common to require the buyer to obtain an RWI policy because it gives the seller a cleaner exit and faster access to proceeds.

  • Reduced escrow and indemnity exposure. In a traditional M&A deal, sellers place a portion of the purchase price in escrow, or allow the buyer to “holdback” a portion of the purchase price, to secure indemnification obligations. With RWI, that escrow is often significantly reduced (or eliminated), because the buyer looks primarily to the insurer for recovery.
  • Greater certainty of proceeds. By minimizing or eliminating post-closing indemnity exposure, sellers can distribute proceeds more quickly and with greater confidence that they will not be clawed back.
  • Reduced post-closing friction. When claims are directed to an insurer rather than the seller, the likelihood of having to deal with post-closing disputes and the strain they place on ongoing relationships where the seller remains involved in the business is reduced.

An important caveat to these seller benefits is that they can be significantly undermined if the insurer is allowed to pay the buyer’s claim and then pursue the seller by subrogation. As such, sellers and their counsel often insist on reviewing and approving the RWI policy’s non-subrogation provisions, even where the buyer is the one obtaining the policy. In a typical buyer-side RWI policy, insurers often agree that, except in narrowly defined circumstances such as actual fraud by the seller, the insurer will have no right of recourse against the seller after paying a covered claim. However, sellers and their counsel may have to request these non-subrogation provisions if the insurer’s form does not include them by default.

Buyers can also obtain significant advantages from RWI, particularly in competitive auction processes.

  • Enhanced bid competitiveness. Buyers can offer more seller-friendly terms, such as reduced escrows and indemnity caps, without sacrificing protection, making their bids more attractive.
  • Broader and more reliable recovery. RWI policies may provide coverage that exceeds the indemnities a seller would otherwise agree to, both in scope and duration. In addition, buyers gain access to a creditworthy insurer rather than relying on the seller’s post-closing solvency.
  • Facilitation of deals with limited seller indemnity. RWI is especially useful in transactions involving financial sponsors, dispersed shareholders, or distressed sellers who are unwilling or unable to provide robust indemnification.

Both buyers and sellers (and their respective deal counsel) can also benefit from the ways RWI helps bridge gaps on contentious indemnity issues such as caps, baskets, materiality scrapes, sandbagging, and survival periods. In some cases, deals that might otherwise stall over these terms can move forward with RWI.

Impact on purchase agreement terms

The rise of RWI has materially reshaped several core M&A deal terms over the past fifteen years.

  • Decline in escrow holdbacks. One of the most visible changes is the reduction in escrow size and frequency. In RWI-backed deals, escrow amounts have dropped dramatically, often to around 0.5 percent of transaction value, compared to significantly higher levels in non-RWI transactions. More recent data confirms this trend, with indemnification escrows in RWI deals averaging roughly 1 to 2 percent of transaction value.
  • Lower indemnity caps. RWI has also driven down indemnity caps. Sellers in insured deals often negotiate caps in the low single digits as a percentage of transaction value, compared to materially higher caps in traditional deals.
  • Shorter survival periods. Because the insurer provides coverage for a defined period (often several years), sellers frequently negotiate shorter survival periods for representations and warranties.
  • Increased use of “no-survival” structures. In some transactions, sellers provide little or no post-closing indemnity for general representations, with the RWI policy serving as the primary recourse. These “no-survival” deals can streamline negotiations and accelerate closing.

RWI has also affected

  • materiality scrapes (now widely accepted, in part because insurers favor them);
  • sandbagging provisions (less heavily negotiated due to policy exclusions for known breaches); and
  • separate escrows for purchase price adjustments (increasingly common as indemnity escrows decrease).

Overall, RWI has shifted risk allocation away from bilateral negotiation and toward insurance-backed solutions.

RWI pricing

RWI pricing has become more competitive over time. Current premiums typically fall in the range of approximately 2.5 percent to 4 percent of the policy limit (for example, the premium for $10 million in coverage may cost between $250,000 and $400,000), with many U.S. deals clustering around the lower end of that range.

In addition to the premium, buyers should expect an underwriting fee (often $40,000 to $50,000) and coverage limits that are commonly set at 10–15 percent of enterprise value. These costs are usually treated as transaction expenses and are often borne by the buyer, though cost-sharing arrangements are negotiable.

RWI retention and deductible

RWI policies include a retention (similar to a deductible), typically around 1 percent of transaction value. Historically, sellers covered the first half of the retention amount (often through an escrow), with the buyer paying the second half of the retention. However, modern deals increasingly shift the entire retention to the buyer and eliminate seller participation altogether, particularly in competitive auctions or “no-survival” structures.

What kinds of deals are best suited for RWI?

RWI is particularly well-suited for

  • auction processes where buyers seek to differentiate bids;
  • transactions involving private equity sellers requiring a clean exit;
  • deals with numerous or passive shareholders;
  • cross-border transactions with enforcement concerns; and
  • situations where ongoing relationships between buyer and seller are anticipated.

While there is no bright-line rule, RWI is generally more cost-effective for transactions above $20 million to $50 million. Below that range, premiums and underwriting costs may be disproportionate to the benefits, and insurers may be less willing to participate.

Deal factors that may limit RWI usefulness

Despite its advantages, RWI is not appropriate for every transaction.

  • Smaller deal sizes. As noted above, cost considerations can outweigh benefits in lower-value deals.
  • Known risks. RWI typically excludes known issues, making it less useful where diligence reveals material problems.
  • Complex or high-risk industries. For certain risks, such as environmental liabilities or specific regulatory exposures, the insurer may insist on significantly narrowing or excluding certain coverage by including “deemed amendments” in the RWI policy to the representations and warranties contained in the purchase agreement being insured.

Additionally, RWI generally does not cover covenant breaches or purchase price adjustments.

Recent trends in RWI

Over the past five years, RWI costs have come down dramatically from 2021 highs, when premiums often ranged between 4 percent and 5 percent of enterprise value, to premiums as low as 2 percent in 2024. But costs have begun rising again slowly, with 2025 premiums generally hovering in the 2.5 percent to 3.5 percent range as of the end of 2025.

If there is a single development that has most changed the practical use of RWI in the past five years, it may be the increase in the amount and severity of claims being made on RWI policies. Aon said in its 2025 Transaction Solutions Global Claims Study that it handled more than 1,600 global transaction-insurance claims and secured $1.75 billion in recoveries for clients, including more than $1.4 billion in North American R&W recoveries through Q4 2024 and more than $300 million paid in 2024 alone. Euclid said in its 2024 claims study that severe claims were on the rise and that claims experience should become an increasingly important factor in deciding which RWI carrier to use. WTW then said in their 2026 claims report that in 2025 its North American clients recovered more than $150 million, with an average resolved claim payment of about $7.3 million, or roughly half of the applicable policy limit. Aon and WTW also point to the same loss drivers: financial statements, material contracts or customer issues, and compliance-with-laws breaches account for a disproportionate share of serious paid claims.

A further major development is that RWI is no longer confined to classic control acquisitions. In 2025, WTW reported that 2024 brought new coverage options for minority investments and broader use of RWI in distressed and bankruptcy deals. In a separate 2024 note, WTW said some minority investors can now obtain non-prorated coverage on a case-by-case basis, departing from the traditional practice of prorating recovery to the investor’s post-closing equity stake. Additionally, although synthetic W&I insurance remains primarily associated with distressed transactions, it is now also being used in asset-heavy sectors such as energy and in mainstream M&A.

Lastly, and perhaps most durably, deal teams now integrate RWI earlier, with parties thinking about limits, retentions, exclusions, and underwriting timing during diligence scoping and term-sheet negotiations. As the market has matured, RWI has evolved from being a bolt-on policy to being part of the way sophisticated buyers scope diligence, draft agreements, and choose counterparties from the outset.

Conclusion

Representations and warranties insurance has fundamentally reshaped the M&A landscape over the past decade. For those advising clients in M&A transactions involving enterprise values of $20 million or more, RWI is a central tool in modern dealmaking, with implications for drafting, negotiation strategy, and client counseling. Understanding when RWI adds value (and when it does not) is a critical part of delivering effective transactional advice in today’s market. The next chapter in RWI will likely be less about whether the product is available and more about where it is worth using, how it is structured, and which insurers have earned the market’s trust when a claim arrives. ♦

Valerie Sasaki’s 2026 Legislative Session Update

Valerie Sasaki, Samuels Yoelin Kantor LLP

At the beginning of the 2026 regular (short) session, the Oregon Legislature was looking at a budget gap of approximately $750 million. Over the session, the gap decreased, but it never really went away. This was, in part, due to the federal bill HR 1 (One Big Beautiful Bill Act). However, more locally, ongoing angst about the transportation package once again took all the oxygen out of the room. SB1601 moved $218 million from other programs to try and fill the budget hole.

As we’ve seen in the past with SB1507, Oregon disconnected from the Internal Revenue Code in two major ways: it disconnected from bonus depreciation and disconnected from federal treatment of qualified small business stock sales. To their credit, even the legislature knew this was bad. To try to improve the optics on this revenue raiser, the legislature also implemented a $1,000-per-job tax credit for businesses that hire new employees (maximum of 12,500 new jobs). The legislature also increased the percentage of the federal earned income tax credit that Oregonians can take on their returns from 9 percent to 14 percent.

More helpfully, SB1510 extended the preferential tax treatment for owners of pass-through entities to tax years beginning before January 1, 2028 and permits the carryforward of overpayments under this regime to estimated tax payments for those years. It also made commercials eligible for the Film Credit and gave tribal governments more leeway to direct gas tax revenue for sales on tribal lands.

The legislature made a few minor tweaks: HB4052 implemented a new corporate excise tax credit for new Oregon chartered banks that start business between January 1, 2027 and December 31, 2032. HB4130 extended the farm special use assessment to land under agricultural processing facilities. Finally, the legislature did some light housekeeping around who can represent taxpayers at the Oregon Tax Court’s Magistrate Division.

Local governments have been struggling to find funds to provide basic services to their residents. HB4134 increased the transient lodging tax (TLT) from 1.5 percent to 2.75 percent. This will show up on travelers’ invoices as the “nature conservation fee.” HB4148 increases the percentage of the TLT that local governments are able to use for general services.

SB1501 essentially creates a special taxing district and redirects payroll taxes from workers in the Rose Quarter and income taxes from performers who perform there to an Oregon Arena Fund. Talk about a needle to thread—the bill tries to say that Oregonians in general won’t have to pay for this bill, but it also says that the legislature anticipates issuing $365 million in debt to support the construction and renovation project.

Several good ideas went by the wayside, including comprehensive tax reform, an estate tax exemption increase, studying Oregon’s taxation of international income, various proposals to reform the sacred cow that is the kicker, and improve budgeting methodology (which feeds into improving the kicker). I expect we’ll see some of those back in 2027’s long session! ♦