Corporate Counsel's Role In Detecting Internal Company Fraud

Tuesday, November 1, 2005 - 01:00

Editor: Please give an overview of your expertise in advising broker-dealers, brokers, hedge funds and investment advisors on matters related to securities defense and white collar defense.

Badway: I was an attorney with the SEC's Division of Enforcement. Since joining SSS&G, I have been helping a wide array of clients on myriad enforcement and corporate governance issues in a variety of contexts ranging from disclosure, trading and underwriting activities to conducting internal investigations and defending enforcement actions by the SEC, NASD, NYSE, the New York and New Jersey Attorney General's Offices and the New Jersey Bureau of Securities.

Nordlinger: I enjoyed a long career in various capacities with the SEC, including serving as staff attorney and acting regional director for the northeast, the largest region in the SEC. I am delighted to be starting a new chapter in my career at SSS&G. My practice concentrates on securities investigations, securities litigation, and regulatory and enforcement matters.

Editor: You focused your NJCCA presentation on corporate counsel's role as the corporation's "police officer." Does this mean that corporate counsel can no longer be "team players"?

Nordlinger: Tensions between lawyers' roles in guiding corporations toward compliance with their legal obligations and their business functions are not new. Lawyers have always had to show how compliance is good for business. What is new is that the government and public are scrutinizing corporations' behavior more closely than ever. The message needs to be made clear from a business standpoint that implementing effective internal controls is far less expensive than waiting for a situation to escalate to a point where it will be costly to defend.

Editor: How can corporate counsel determine the effectiveness of the corporation's internal controls?

Badway: They should ask senior management about how the internal controls provide a reasonable assurance that the corporation's financial reporting is sound, operations are efficient and the compliance program is effective. They should ask how information about the controls is communicated throughout the corporation as well as how compliance is monitored, reviewed and adapted.

Editor: Please give some examples of "red flags" that might suggest that the corporation's internal controls are not effective.

Badway: Critical to any assessment of the corporation's financial activities is an understanding of how it books its revenue. For example, a pattern of increased sales at the end of a quarter may indicate that the company's books are being kept open to recognize revenue prematurely. Such a manipulation of the books should raise a red flag.

Nordlinger: This has been the biggest cause for SEC investigations. For instance, Sanjay Kumar, the former CEO of Computer Associates, and Steven Woghin, its former general counsel, have been charged by the DOJ and SEC for their alleged role in the company's premature recognition of $2.2 billion in revenue for fiscal years 2000 and 2001. The allegation also states that more than $1.1 billion in premature revenue recognition was caused by the company keeping the books open to record revenue from contracts executed after the quarter had ended.

Editor: What steps can corporate counsel take to prevent these problems?

Badway: For example, because corporate counsel cannot feasibly review every contract the company enters, they should implement procedures to determine which contracts need the counsel's ongoing involvement. For the others, training programs should be developed for the company's personnel who execute the contracts, and corporate counsel should periodically review samples of those contracts to ensure compliance.

Editor: What should in-house counsel do if they discover corporate impropriety?

Badway: Section 307 of Sarbanes-Oxley imposes an obligation on counsel to report up the ladder. If the conduct continues after the impropriety has been reported, counsel may need to resign. Sarbanes-Oxley does not require resignation, but some state rules, such as New Jersey's Rules of Professional Conduct, may require resignation in cases where the impropriety continues.

Editor: Has the SEC initiated many cases against corporate counsel?

Badway: The Corporate Board Member Magazine reported in April that the SEC brought 76 actions against lawyers in the past 3.5 years, including 18 in the first months of 2005. In In the Matter of Google, Inc. and David C. Drummond, the SEC contended that the general counsel for Google knew, but did not communicate to the board of directors, that significant issues existed with respect to the availability of various exemptions from registration that Google relied upon for the grant and exercise of its stock options. The SEC brought In the Matter of John E. Isslemann, Jr. against the general counsel of Electro Scientific Industries, Inc. (ESI) for allegedly failing to convey material information regarding the legality of a significant accounting transaction to the ESI board of directors, audit committee and external auditors causing ESI to file materially false and misleading Form 10-Q reports.

Editor: How should investigations of corporate impropriety be staffed?

Nordlinger: An important aspect of staffing is looking for the right expertise. Just as important as looking for someone with an excellent knowledge of the law is looking for someone who has experience dealing with the regulatory agencies. For example, when the SEC offers a confidentiality agreement, a good lawyer will always find sections that they want to change, but these agreements are not negotiable from the SEC's perspective. Also, most good criminal defense counsel will ask for an in-person meeting with a state prosecutor early in an investigation. Because the SEC rarely has in-person meetings when an investigation begins, the investigator may presume that you have something to hide if you suggest an early meeting. That perception can have a dramatic effect on the rest of your dealings with the SEC.

Editor: Do you have any suggestions for investigating the adequacy of internal controls in an M&A context?

Badway: Due diligence is the key. You should make sure that you ask the proper questions of the target. For example, you need to ask them about their internal control procedures, personnel manuals and other compliance documents. You should also ask about any internal or government investigations conducted in the past and their results. For any pending investigations, you should ask for not only documentation, but also lists of contact information for all witnesses and experts as well as the staff, consultants and lawyers handing the matters.

Editor: If a company cooperates with a federal investigation, what, if any, impact will its cooperation have on a state's investigation of the allegation?

Nordlinger: You need to assess your situation and the problems you are facing. If there is a potential prison sentence for directors and civil penalty for the company, that will guide your decision. But you should be aware that even though regulators seeking criminal sanctions and those seeking civil penalties can cooperate with each other, they do not jointly negotiate. You will not be able to negotiate a settlement where you accept liability for the civil penalty in exchange for the government dismissing the criminal prosecution. Such a bargain has to be negotiated separately.

Editor: If the attorney-client privilege is waived with respect to the federal government, does that mean that it is waived with respect to future cases?

Nordlinger: In most situations, the information may not be protected. The test most courts apply when making determinations on the waiver of confidentiality is whether you gave an adverse party information. In most instances where the waiver was given to a governmental or regulatory agency, courts will view them as your adversary and find that the information has been waived and that civil litigants can obtain that information.

Badway: A company may be able to protect itself when the information produced was part of an internal investigation. The SEC often protects these documents and does not provide them to civil litigants. It is also important to keep in mind that disclosures to third parties are often made under a Freedom of Information Act (FOIA) request under the theory that the defendant has waived his privilege and that the information the government has is now public. In order to further protect against these disclosures, a company should include a disclaimer on all documents produced to regulators requiring an FOIA notice. Under this scenario the government must provide notice to the defendant of any requests made, and the defendant will have 10 business days to make a motion in federal district court to enjoin the production of those documents if the SEC chooses to disclose such information.

Please email the interviewees with questions about this interview at eeb@saiber.com or ehn@saiber.com.