Liability for faking compliance – a new-fashioned type of deterrence?

I have long felt that C&E programs should do more to appeal to the better angels of our nature. (For more information on how “pro-social” qualities can be built on to promote more ethical workplaces, see this research page from the Ethical Systems web site.) But at the end of the day there will always be a place for good old-fashioned deterrence.

Deterrence, in the business realm, traditionally operates by punishing those who engage in conduct that harms others (e.g., corruption, collusion, pollution). But as C&E program expectations themselves become more central to promoting responsible behavior by companies,  it is inevitable that a more “upstream” form of deterrence should emerge – in which faking compliance is itself the punishable (or otherwise addressable) wrong.  Indeed, this could be considered “new-fashioned” type of deterrence.

The COI Blog has previously discussed two cases of this sort – one involving Goldman Sachs , the other S&P  – both having to do with allegedly false claims by the defendant firms that they had taken strong compliance measures against conflicts of interest.  And at the end of last month, another case was brought in which faking compliance was itself found to be a punishable wrong.

The case – In the Matter of Mark Sherman — can be found here, but readers may find more useful a post about it on the Harvard corporate governance blog by attorneys from the Ropes & Gray law firm.  As they note:

“On July 30, 2014, the Securities and Exchange Commission (“SEC”) advanced a novel theory of fraud against the former CEO (Marc Sherman) and CFO (Edward Cummings) of Quality Services Group, Inc. …, a Florida-based computer equipment company that filed for bankruptcy in 2009 with the help of civil litigation lawyers from Crossville area. The SEC alleged that the CEO misrepresented the extent of his involvement in evaluating internal controls and that the CEO and CFO knew of significant internal controls issues with the company’s inventory practices that they failed to disclose to investors and internal auditors. This case did not involve any restatement of financial statements or allegations of accounting fraud, merely disclosure issues around internal controls and involvement in a review of the same by senior management. The SEC’s approach has the potential to broaden practical exposure to liability for corporate officers who sign financial statements and certifications required under Section 302 of the Sarbanes-Oxley Act (‘SOX’). By advancing a theory of fraud premised on internal controls issues without establishing an actionable accounting misstatement, the SEC is continuing to demonstrate that it will extend the range of conduct for which it has historically pursued fraud claims against corporate officers.” (Emphasis added.)

Of course, there is much more that could be said about the various connections that the legal systems draws between violations of law and poor compliance than what’s in this and the other two cases mentioned above.  (See, for instance, this prior post about the SAC insider trading case brought last year – where the weakness of the company’s compliance program was used as a basis for finding corporate liability for insider trading by individual employees.) And, the notion of punishing fake (or otherwise weak) compliance efforts has long been part of enforcement strategies in highly regulated areas (e.g., broker-dealer compliance). But the Sherman case seems especially important, as it can be utilized in training corporate officers in public companies of all kinds on the need to be careful in executing their S-Ox certifications which, in turn, should lead them to have a greater appreciation of the value of strong compliance generally.

Finally, the Ropes & Gray post concludes with the following observation: “this case, which includes fraud charges in an accounting case without any restatement of financials, seems to represent an application of SEC’s ‘Broken Windows’ strategy first announced by Robert Khuzami and reiterated by Mary Jo White—to pursue small infractions on the theory that minor violations lead to larger ones—to the public company disclosure and accounting space.”  To this I would add that a “Broken Windows” strategy to preventing wrongdoing is also supported by behavioral ethics research (see this post ), and the Sherman case should also be a reminder for C&E officers to review whether their own companies’ deterrence systems  take this approach into account to a sufficient degree.