July 24, 2002
Chairman Biden, Senators:
It is a pleasure and a privilege to join this distinguished panel and to commence a dialogue on an issue of great relevance to the task of restoring confidence in our corporate governance and financial reporting system: that is, insuring corporate responsibility and, in that context, the use of criminal sanctions to deter wrongdoing.
The deterrence issue is timely. The current crisis has occurred in a context that may be unique. Contributing (or exacerbating) factors include: (i) the end of an historic bull-market cycle, (ii) the events of September 11, (iii) the pressures on management to meet short-term targets, intensified by stock-option and stock-bonus incentives, leading to exotic tax and accounting techniques -- techniques designed and marketed by consultants to exploit the complexity of accounting rules. These circumstances are getting the attention of lawmakers and regulators. What puts the deterrence issue in the forefront is not just the magnitude of the market losses, but the apparent fact that in a few of the most conspicuous cases, top management acted either with the belief that they had the informed approval of boards, audit committees, outside auditors, or without serious concern that they would be called to account.
Deterrence involves (i) increasing the risk of detection of fraud and (ii) enhancing the governance mechanisms that act as a guardrail, to prevent management from stretching the rules and gaming the system. As a practicing securities lawyer, advising boards, audit committees and management, and as a former General Counsel of the SEC, I share your concern, and that of the President, that corporate America not only act responsibly, but clearly be seen to act responsibly. That involves changes in our system of corporate governance that are now underway.
A. Should the SEC Have Criminal Enforcement Authority?
This hearing, I understand, concerns (among other issues) the question of whether the U.S. Securities and Exchange Commission should have criminal enforcement powers -- i.e. whether Congress should enlarge the SEC's statutory mandate to include the responsibility of seeking indictment and prosecuting criminal cases. Although the current crisis is real, and although the President, the Congress and the SEC are all on the right track in evaluating the range of options to assure accountability, we need to be wise in our selection among remedies. My testimony will focus on the other, and to my mind better, methods of achieving the corporate ethic our nation expects and deserves.
As we know, violations of the federal securities laws which are committed with the requisite intent are now criminal. The SEC refers criminal conduct to the Department of Justice; and we have observed no reluctance on the part of U.S. Attorneys to pursue such referrals. In many such cases, the SEC Staff officers who have investigated a civil case are designated as "Special Assistant U.S. Attorneys" by judicial order, to assist in the preparation and trial of the criminal case. It is, perhaps, fair to ask "Why not just take the next step and give the SEC criminal authority?" I respectfully warn against that next step, for the following reasons:
1. Civil trial lawyers are not generally competent to try criminal cases. A separate criminal trial unit would need to be created within the SEC at a time when the agency is experiencing resource constraints. Once created, that unit may actually impair the close cooperation that now exists between the SEC Enforcement Staff and the Offices of U.S. Attorneys.
2. The SEC has functioned well in the past because of its limited mission. This has been said many times, many ways. The SEC's mission has been to foster disclosure and transparency and preserve market integrity through rulemaking and civil law enforcement. If criminal enforcement is added, there is real danger of "mission creep." Would the new criminal enforcement division be limited to securities law violations? What if wire fraud, mail fraud, consumer protection (FTC) or commodities (CFTC) violations are involved?
3. The civil enforcement process encourages settlement and, with that, administrative and judicial economy. Creating a Janus-like, civil/criminal enforcement agency will make that process less efficient, and may disrupt it altogether. In short the SEC's civil enforcement process is of a piece with its rulemaking and disciplinary process (which applies to lawyers and accountants, incidentally): that process works, notwithstanding what we have seen in corporate America.
And of course, the question should be put to the SEC itself: given the choice, (i) on the one hand, between having adequate resources to properly staff the reviewing, accounting and investigative initiative to discover fraud, in the early stages, or (ii) on the other, launching a fledgling criminal enforcement division, which would the agency prefer? Devoting greater resources to early detection will enhance deterrence for the civil enforcement initiatives and programs of the SEC.
B. Does the Threshold for Criminal Conduct Need to be Lowered?
If, then, we are going to rely on the Department of Justice to invoke criminal sanctions against corporate wrongdoing, should we, as some have suggested, deter by lowering the threshold for criminal liability? I think not, for the following reasons:
1. We must never forget that it is an economy we are regulating: that is, none of the conduct is (as in the case of selling crack cocaine, or extortion) malum in se. Defining economic crime - and in particular criminal financial fraud - involves identifying the gradation of conduct that departs from fairly complicated rules. The complexity of the rules, as we have seen, can become part of the problem. Therefore, we need to stick with specific intent - egregious conduct that involves deliberate evasion of statutes, rules and regulations, or the creation of schemes that could only have deception as their purpose. For all the rest (whether through negligence or recklessness) there's civil liability. The object is to keep corporate managers careful - not paralytic.
2. The standards of criminal liability are "hard-wired": The specific intent standard is part of our culture - it means deliberate disregard of clearly established duties. That is why we regard the conduct as criminal. Negligent conduct can result in truly awful consequences; but it is not criminal just because it caused great injury.
But none of this implies we have to rely on the "moral imperative" of the corporate executive's own conscience to keep them on the civil side of the law.
C. The Changing Governance Model.
In fact, out of the implosion of Waste Management, Enron, Global Crossing and WorldCom, we are witnessing the emergence of a new corporate governance model. This hinges on three broad reform principles that should go a long way to distinguish conscientious management from the appropriate objects of the criminal process.
What, then, are the reforms that will get the job done?
First, corporate responsibility starts with individual accountability. Just as "tone from the top" communicates corporate values and creates corporate culture, accountability starts as an individual matter and starts from the top. For a start, we are already seeing the effects on accountability of the SEC's June 27, 2002 Order (under Section 21(a)(1) of the Exchange Act), requiring written statements under oath from senior officers, certifying the material completeness of filed reports. The SEC's pending rule proposal will make that Order generally applicable. I can testify today that this certification has got the undivided attention of CEOs and CFOs around the country.
Processes to comply with these certification requirements, and to assure the accuracy of those certifications, are being put in place in the largest public companies. Those procedures are being communicated down the line, implemented and the implementation documented, all in a manner that should contribute to the reliability and completeness of our continuous reporting for years to come. It has, of course, not gone unnoticed by the CEO and CFO that these statements are sworn, with the attendant risks of criminal referral by the SEC in the case of knowingly false oaths. The NYSE rules will also require criminal certification of both the procedures to assure accurate, complete information, and the company's compliance with those procedures.
Second, the SEC will likely get the administrative authority to bar securities-law offenders from serving as officers and directors of public companies. This is as great a threat to the reputations, careers and livelihoods of professional managers as the threat of criminal prosecution; and I say that because it will be enforced administratively and without an independent determination by an Article III Judge (as has heretofore been the case). The threat of the SEC's administrative bar may be the single greatest deterrent weapon in the arsenal.
Third, independence from professional management, in the form of independent boards and independent audit committees, and independent oversight of the accounting profession should be assured. These reforms are now ideas whose time has come. The New York Stock Exchange and NASDAQ reforms, requiring independent boards and independent audit committees, and the SEC's rules which will foster the activism of these independent bodies, have fundamentally changed corporate culture. Professional managers have been brought into a relationship with boards in which the power of the professional managers has been diminished and the oversight of the board strengthened.
The accounting profession will also stand in a different relationship to the regulatory regime upon creation of a new "Public Accountability Board" or "Public Company Accounting Oversight Board": public accountancy will be a regulated profession, with the independence and the auditing practices and standards of each firm subject to annual review by a body with the independent authority to sanction.
My testimony is not, of course, that all is well with corporate America or that criminal sanctions do not have a part to play in insuring corporate responsibility: without speculation on the specific targets of criminal sanctions, I believe we will (and should) see the criminal process employed in some of the cases we are daily reading about.
On the other hand, Federal Reserve Chairman Greenspan has testified that he believes that the structure of the business corporate model -- boards of directors overseeing a management team and accountable to shareholders -- would be our model for some time to come: i.e., that we will not be abandoning the U.S. model for a continental European model. It would be a good exit from the current crisis, if our corporate model and regulatory regime, which have underpinned the most transparent markets in the world, once again were seen in that favorable light. When the three reforms I have mentioned have had time to work (and I am suggesting a "retrospective" from two quarterly and one annual reporting period, or mid-May 2003), the markets may well have concluded that the periodic reports and financial statements of U.S. public companies are again the most reliable in the world.