Barriers to Corporate Fraud: How They Work, Why They Fail
Prepared for Members and Committees of Congress
The collapse of Enron Corp. in the fall of 2001 had a peculiar side effect: accounting became
front page news. For the next year, accounting fraud at a long series of Fortune 500 companies
made headlines. The worst cases led to spectacular bankruptcies, mass layoffs, and criminal
prosecutions. Many other companies remained intact, but paid millions of dollars to settle charges
that their books did not correspond to financial reality.
The economic costs of the corporate scandals were substantial: trillions of dollars in shareholder
wealth lost and a climate of uncertainty that may have suppressed business investment and hiring
after the 2001 recession ended. The barriers to corporate fraud set in place after the Great
Depression had clearly failed to protect public investors and were put under close scrutiny.
Congress responded by passing the Sarbanes-Oxley Act of 2002, strengthening regulation of
auditors, directors, and corporate executives and increasing criminal penalties for fraud.
During the 2003-2004 school year, Professor William Black’s class at the Lyndon B. Johnson
School of Public Affairs of the University of Texas examined corporate fraud from a multi-
disciplinary perspective. Rather than viewing fraud as simply a securities law matter, the class
considered the insights of criminology, sociology, management science, business ethics,
behavioral economics, complex systems theory, and other fields. This report is the result of their
The report focuses on the internal controls on American corporations (including corporate
governance, business ethics, managerial structure and compensation, internal counsel, and
whistleblowers), as well as external controls (government regulation, external auditors and
accountants, and the judicial process). A recurring theme is the limited efficacy of many
safeguards and watchdogs in cases of “control fraud,” where fraud is directed or abetted by top
management, and where unethical or abusive practices may become the organizational norm. It
may then be easier for employees, directors, auditors, and even government regulators to go along
with the prevailing trends, rather than take a stand which might disrupt the smooth functioning of
the business, and could bring on devastating personal and organizational consequences.
Another broad question raised by the report is whether the post-Enron scandals were a one-time
event, made possible by the stock market bubble of the 1990s and several other unique historical
developments which together constituted a “perfect storm,” or whether fraud is a cyclical
phenomenon associated with the end of long bull markets. The question has policy implications:
if recent corporate scandals represent an unfortunate result of a unique set of conditions, one
might conclude that the restraints now in place are sufficient to prevent outbreaks of fraud under
normal circumstances. On the other hand, if fraud is cyclical and can be expected to reappear
once stock prices begin to soar again, one might conclude that the post-Enron scandals have
revealed fundamental weaknesses in law and regulation. This report provides an overview of anti-
fraud barriers and will not be updated.
Introduc tion ..................................................................................................................................... 1
Boards of Directors...................................................................................................................2
Board Independence as a Barrier to Fraud..........................................................................3
The CEO/Chairman Split....................................................................................................5
The Enron Board and Potential Failures of Independence Requirements..........................6
Corporate Officers and Managers: Creating an Ethical Environment from the Top
Down ........................................................................................................................... ........... 7
CEO Incentive Compensation as Corporate Governance...................................................7
Problems with Stock-Based Compensation........................................................................9
Cost to Shareholders.........................................................................................................10
Executive Pay and Public Opinion....................................................................................10
The Sarbanes-Oxley Act...................................................................................................12
Auditors ......................................................................................................................................... 13
The Authority for Auditors......................................................................................................13
The Purpose of the Audit.........................................................................................................14
Three Participants in the Audit Process...................................................................................15
Debates within the Auditing Profession..................................................................................17
Outsourcing the Internal Audit to an External Auditor.....................................................17
Non-Financial Risk Management.....................................................................................18
Attorneys ....................................................................................................................................... 20
Introduc tion ............................................................................................................................. 20
Who Governs the Conduct of Lawyers?.................................................................................21
Confidenti al it y .................................................................................................................. 22
Conflicts of Interest...........................................................................................................24
Withdrawal and Disclosure...............................................................................................24
Conclusion .............................................................................................................................. 26
Whistl eblowers .............................................................................................................................. 26
Complicity and Pressure to Comply........................................................................................26
Current Legal Whistleblower Protection.................................................................................27
Overview of Problems and Regulatory Failures.....................................................................28
Agency’s Mission is Too Narrow or Poorly Understood..................................................28
Lack of Authority and/or Jurisdiction...............................................................................29
Stock Analysts: Conflict of Interest Problems...............................................................................34
Criminal Justice and White-Collar Crime.....................................................................................35
Theories and Definitions of White Collar Crime....................................................................36
Organized Crime vs. White-Collar Crime........................................................................36
Moral Hazard vs. Criminal Intent.....................................................................................36
Deterr ence ......................................................................................................................... 37
Theory of Prosecution.......................................................................................................38
Are White-Collar Crimes Victimless?..............................................................................38
Current Enforcement Priorities.........................................................................................39
Implications for Regulation..............................................................................................40
The Role of Civil Litigation in Deterring Corporate Fraud...........................................................40
Types of Actions and Parties to Suits......................................................................................40
Legal Duties and Statutory Bases of Civil Actions.................................................................41
Suits Based on Federal Statutes and Rules.......................................................................41
Suits based on State Statutes and Common Law..............................................................43
Conclusion ..................................................................................................................................... 49
What Went Wrong at Enron?...................................................................................................49
Author Contact Information..........................................................................................................50
The corporate scandals of the early 21st century have sparked much speculation as to their cause,
and much work by legislators and regulators to set in place reforms to prevent them from
recurring. Explanations for these events seem to rely on one of two distinct models. One theory
claims that collapses such as these are cyclical and may be an inevitable adjunct to prolonged bull
markets. When the good times are rolling, virtually all investments are buoyed by the rising
market. Investors have less incentive to monitor the firms they invest in, and regulators tend to
become less vigilant when investor losses are rare. In this atmosphere, fraud can prosper, and
even established, respectable firms may see little harm in embellishing their accounting results to
provide the endless stream of good news that the overheated market demands. Eventually the
party ends, investor skepticism and regulatory zeal return, and the market’s self-cleansing forces
restore the balance. Until the next time.
Another explanation—which may be called the “perfect storm” theory—holds that the confluence
of several unique historical circumstances in the late 1990s enabled rogue managers and
companies to commit fraud on a scale far grander than the cyclical explanation would have
predicted. Among the factors that combined to form the perfect storm were a booming new
technology sector based on the Internet, the creation and enthusiastic adoption of new financial
strategies and instruments, the demographic impact of baby boomers beginning to save for
retirement, changes in the relationship between auditors and their clients, and, of course, a stock
market driven to “irrational exuberance” by year after year of double-digit returns.
In examining these theories, this report focuses on the internal controls on American corporations
(including corporate governance, business ethics, managerial structure and compensation, internal
counsel, and whistleblowers), as well as external controls (government regulation, external
auditors and accountants, and the judicial process).
This report surveys the barriers to corporate fraud within the context of the competing
explanations: the cycle vs. the perfect storm. The explanation one chooses will affect the
preferred public policy response. If the series of corporate scandals that began with Enron
represents an unfortunate result of a unique set of market conditions, one might conclude that the
restraints now in place are sufficient to prevent outbreaks of fraud under normal circumstances.
On the other hand, if fraud is cyclical and can be expected to reappear once stock prices begin to
climb again, one might conclude that the post-Enron scandals have revealed fundamental
weaknesses in law and regulation. This was arguably Congress’s frame of mind when it passed
the Sarbanes-Oxley Act—the most significant amendments to securities law since the 1930s—1
during the worst of the scandals. Some observers characterize that law as an over-reaction, while 2th
others see it as a first step. The 109 Congress may consider proposed laws and regulations that
affect mutual funds, stock options accounting, hedge funds, insurance companies, government-
sponsored enterprises, and other financial institutions. This report provides a broad perspective
for considering major issues in antifraud law and regulation.
1 See, e.g., Larry E. Ribstein, “Market Vs. Regulatory Responses to Corporate Fraud: A Critique of the Sarbanes-Oxley
Act of 2002,” Journal of Corporate Law, vol. 28, Fall 2002, pp. 57-59.
2 E.g., “Enron’s Unfinished Business,” Washington Post, Mar. 9, 2004, p. A22.
A board of directors oversees the management of a corporation on behalf of the shareholders.
Though boards normally allow managers broad latitude to conduct day-to-day operations, state
corporate and federal securities laws mandate that directors approve certain major company
decisions, such as the issuance of stock, distribution of dividends, mergers, the level of executive
pay, amendments to corporate by-laws, and other matters. In times of crisis, the board can fire
management and take any action deemed necessary to protect the interests of the ultimate owners
of the business, the shareholders. Shareholders elect directors to the company board, with the
number of votes cast usually in proportion to the number of shares held.
In the wake of the post-Enron scandals, the role of the board of directors has been the subject of
much legislative and regulatory activity. It is clearly desirable to have the board play an active
role in preventing and detecting management fraud, but many observers stress the limitations of
the board’s monitoring capacity, given that its members serve part-time and must rely heavily
upon the representations of management.
Kostant describes the situation in this way: “[i]n the governance mechanisms, senior inside
management, especially the chief executive officer, selected the board of directors, and while the
board in theory had ultimate authority for the management of the corporation, it largely deferred
to the policies and practices of the senior inside managers. Direct challenges to the CEO by the
board were rare, and the board usually followed the directives of the inside managers in opposing 3
derivative suits.” Kostant notes that management has been allowed to “capture the mechanics of
corporate governance” and has created a power dynamic “relatively unchecked by weak exit and 4
non-existent voice.” In other words, corporate actors (not just employees, but also advisors and
contractors such as financial institutions or accountants) have become more reluctant to walk
away from a corporation whose management is engaged in improper practices, and they are even
less willing to take a public stand against such practices.
Shareholders normally give the slate of directors nominated by management a near-unanimous 5
vote of approval. The usual practice for shareholders dissatisfied with a company’s management
is to sell their shares. Attempts to unseat management by electing an opposing slate of directors,
as at Disney in 2004, are rare. A basic criticism of boards of directors is that they provide rubber
3 Peter Kostant, “Exit, Voice and Loyalty in the Course of Corporate Governance and Counsel’s Changing Role,”
Journal of Socio-Economics, vol. 28, no. 3. (1999), p. 210.
4 Exit, voice, and loyalty are terms derived from the work of Albert O. Hirschman on the devices that corporations use
to correct lapses in productive behavior. “Exit” occurs when members leave an organization, and is seen as
insufficiently effective in triggering corrective action. “Voice” is any attempt to change, rather than escape from, an
unsatisfactory situation. “Loyalty” is a brake on exit, causing individuals to remain when it might be rational to leave,
and thus may be a stimulus to voice. Ibid., pp. 208-209.
5 Benjamin E. Hermalin and Michael S. Weisbach, “Endogenously Chosen Boards of Directors and Their Monitoring
of the CEO,” American Economic Review, vol. 88, Mar. 1998, p. 96.
stamp approval for management rather than substantive oversight; the selection process partly
explains why this might be so.
Directors are chosen for a variety of reasons, including their knowledge of the company’s
business, their reputation, or their personal and professional relationships with management.
Many directors hold positions on a number of boards, which may ultimately affect a board’s 6
ability to effectively carry out its duties. Active or retired CEOs frequently serve as directors.
Directors who are (or have been) managers of other companies may tend to make decisions much
as they would for their own firms, and use governance tactics which they have either already 7
found successful in their own dealings or wish to test for future use. CEO-directors are unlikely
to challenge current management, and change becomes less likely as the proportion of directors 8
who are CEOs in their own right increases.
The means by which directors are selected may create a social dilemma, further undermining the
ability to effectively monitor management. Board members are often appointed due to personal 9
relationships, and these directors will likely find it difficult to protest the manager’s actions.
No corporation would nominate an outspoken critic of its management to its board. Similarly, few
prospective directors would choose to serve on the board of a firm whose management they did
not respect and trust. The need for a collegial and cordial atmosphere for the board to get its work
done—both directors and managers have other demands on their time—conflicts with the need to
have a board ready to ask tough and unpleasant questions when fraud is suspected. Scholars and
practitioners argue that a certain level of consensus between management and boards is necessary
for company planning and the implementation of policy. Forcing directors into a stronger
monitoring role may create suspicion and discord between the groups and ultimately damage the
After the recent wave of corporate scandals, there was a strong push to strengthen the role of
independent directors, those who have no ties to the company or its management and can
presumably exercise more impartial judgement. The Sarbanes-Oxley Act requires that a board’s
audit committee, which hires, oversees, and pays the firm’s outside auditor, be made up entirely
of independent directors. The Nasdaq and New York Stock Exchange (NYSE) adopted rules in
2003 that require companies whose stock is traded on their markets to have a majority of
independent directors on their boards. The new rules included a more stringent definition of
“independence.” According to NYSE Rule 303A.02 (“Independence Tests”):
• No director qualifies as “independent” unless the board of directors affirmatively
determines that the director has no material relationship with the listed company
6 James D. Westphal and Edward J. Zajac, “Defections from the Inner Circle: Social Exchange, Reciprocity, and the
Diffusion of Board Independence in U.S. Corporations,” Administrative Science Quarterly, vol. 42, no.1, 1997, pp.
7 Gerald F. Davis and Henrich R. Greve, “Corporate Elite Networks and Governance Changes in the 1980s,” American
Journal of Sociology, vol. 103, July 1997, pp. 1-37.
8 Westphal and Zajac, p. 177.
9 Jay W. Lorsch and Elizabeth MacIver, Pawns or Potentates: The Reality of America’s Corporate Boards, Boston,
Harvard Business School Press, 1989. Cited in Mark S. Mizruchi, “Berle and Means Revisited: The Governance and
Power of Large U.S. Corporations.” Conditionally accepted by Theory and Society, Apr. 2004.
(either directly or as a partner, shareholder or officer of an organization that has a
relationship with the company). Companies must disclose these determinations.
• A director who is an employee, or whose immediate family member is an
executive officer, of the company is not independent until three years after the
end of such employment relationship.
• A director who receives, or whose immediate family member receives, more than
$100,000 per year in direct compensation from the listed company, other than
director and committee fees and pension or other forms of deferred compensation
for prior service (provided such compensation is not contingent in any way on
continued service), is not independent until three years after he or she ceases to
receive more than $100,000 per year in such compensation.
• A director who is affiliated with or employed by, or whose immediate family
member is affiliated with or employed in a professional capacity by, a present or
former internal or external auditor of the company is not “independent” until
three years after the end of the affiliation or the employment or auditing
• A director who is employed, or whose immediate family member is employed, as
an executive officer of another company where any of the listed company’s
present executives serve on that company’s compensation committee is not
“independent” until three years after the end of such service or the employment
• A director who is an executive officer or an employee, or whose immediate
family member is an executive officer, of a company that makes payments to, or
receives payments from, the listed company for property or services in an amount
which, in any single fiscal year, exceeds the greater of $1 million, or 2% of such
other company’s consolidated gross revenues, is not “independent” until three
years after falling below such threshold.
The California Public Employees Retirement System (CALPERS), the largest institutional
investor in the United States, has a broader definition of “independence” than that of the NYSE.
CALPERS guidelines (which are not legally binding upon U.S. firms) state that former
executives, advisers, consultants, customers, suppliers, contractors and family members with
relationships to the corporation, and individuals affiliated with a not-for-profit entity receiving
“significant” contributions from the corporation within the previous five years are not
Not all feel that director independence will improve the performance of corporate boards. In a th
February 2004 speech at the University of Texas Law School 26 Annual Conference on
Securities Regulation and Business Law Problems, SEC Commissioner Cynthia Glassman
suggested that independent directors do not necessarily function effectively as overseers of
management of a corporation:
Increased director independence is often treated like the silver bullet that will prevent future
misconduct - or even managerial inefficiency. But at each point along the path, the
heightened independence of the Board has failed to prevent subsequent crises, and the
evidence is inconclusive regarding whether there is a correlation between independence and
performance.... “Independent” is not a proxy for “good,” especially given our tendency to
focus on economic independence, and not independence of thought. It should not be 10
surprising, therefore, that the results of reform efforts have been mixed.
Glassman posited that because there is no easily identifiable optimal configuration of (or role for)
a board, one cannot conclude that absolute independence is a necessary feature of any board of
directors. Rather, when determining appropriate policy and reforms, regulators need to take into
account all of the different ways boards can function within a corporation. To that end, regulators
must remember that boards play dual roles in a corporation: as manager and as monitors.
Therefore, “the goal of our regulatory reforms should be to make sure both the roles are
appropriately accounted for and balanced, and to avoid unnecessarily infringing on either
legitimate role,” Glassman said. Moreover, regulators must take into account the tension that will
always exist resulting from the dual roles directors hold. “What do we really want from directors?
We want a Board that is collegial, informed and involved enough with management to provide
strategic guidance. We also want a Board that is far enough removed to ask tough questions and
take decisive independent action when necessary,” Glassman said.
It has been further argued that continued regulatory focus on the independence of directors will
have an adverse effect both on a board’s ability to execute its managerial duties for the company
and on the company’s ability to recruit a board which will best fit the individual company’s
needs. If boards are forced to focus most heavily on the monitoring and oversight of the actions of
management, they risk destroying the cooperative relationship with the managers who must 11
implement their decisions. Requirements for independence may make the board selection
process more strenuous, and the possibility of increasing board member liability or responsibility
for the actions of the company-either by law or perception-may make otherwise valuable
candidates more reluctant to step forward. Moreover, board independence may not be advisable in
companies in highly specialized industry sectors, where the number of board candidates with
relevant experience is limited, especially if management feels it necessary to seek advice from its
Perhaps the ultimate threat to board independence arises when the CEO also serves as chairman
of the board. The dual role has become increasingly common. Defenders of the practice argue the
appointment of CEO as chairman eliminates the possibility that the board would not have the
same information as executives. Holding both positions creates a more streamlined corporation
and helps avoid an inherent disjunction of information between the board and top management.
Hence, proponents argue that the sharing of information can unify the management and 12
But a chairman’s service in both capacities may also create problems. If a board’s task is to
monitor (and potentially override) the decisions of management, it is difficult to believe that the
10 Available online at http://www.sec.gov/news/speech/spch022004cag.htm.
11 Troy A. Paredes, “Enron: The Board, Corporate Governance, and Some Thoughts on the Role of Congress.” In:
Enron: Corporate Fiascos and Their Implications, eds. Nancy B. Rapoport and Bala G. Dharan, (New York:
Foundation Press, 2004), pp. 520-521.
12 Gerard Sanders and Mason A. Carpenter, “Internationalization and Firm Governance: The Roles of CEO
Compensation, Top Team Compensation, and Board Structure,” Academy of Management Journal, vol. 41, no. 2, Apr.
1998 (Special Research Forum on Managerial Compensation and Firm Performance), pp. 158-178.
CEO would be inclined to disagree with his or her own decisions. By sharing the role, a CEO can
suborn the board. It will be harder for a board to reject one of its own and will make the
monitoring function increasingly difficult.
Short of lawfully forcing the CEO/chairman split, a step the NYSE and Nasdaq rules do not take,
another option is to appoint a director with the power to offset the CEO or appoint other directors
to espouse the views of management, thereby relieving the CEO of that responsibility, while still 13
allowing management’s views to be discussed through a constructive dialogue.
Although independence requirements have been a major thrust of post-Enron reforms, it should
be noted that independent directors were unable to prevent Enron’s collapse. Enron’s board
included skilled corporate managers and former regulators and qualified as a “supermajority
independent” board—one in which all directors came from outside the company, with the 14
exception of the CEO. Jeffrey Skilling and Kenneth Lay were the only Enron employees to
serve on the board. The board’s audit, compensation, governance, and nominating committees
were composed entirely of independent directors.
However, its independence and expertise did not prevent the board from twice suspending its
code of ethics to allow CFO Andrew Fastow to create, manage, and personally profit from
ostensibly independent accounting entities whose real function was to hide business losses.
Neither did the board force management to examine seriously the issues raised in Sherron
Watkins’ whistleblower memo, nor request to see the Vinson and Elkins investigative report of 15
her concerns that was conducted at management’s request.
The Senate Permanent Subcommittee on Investigations concluded that the board acted
inappropriately in a number of ways, including breach of fiduciary duty, approval of situations
putting corporate managers in conflicting positions, tolerating high-risk accounting policies, and 16
the creation of excessive compensation plans. The Subcommittee’s report also cited a lack of
independence with regard to financial ties between the company and individual directors. But the
greatest problem with the Enron board seems to have been not its actions, but its inaction. The
board was unwilling to challenge actions by management that were ultimately devastating to the
firm and its rank-and-file employees, except through the institution of a few controls that were
not closely monitored. The board also failed to monitor Enron’s outside auditor, Arthur Andersen.
13 Bruce Cutting and Alexander Kouzmin, “The Emerging Patterns of Power in Corporate Governance: Back to the
Future in Improving Corporate Decision Making,” Journal of Managerial Sociology, vol. 15, no. 5, 2000, p. 499.
14 Charles Calomiris, “The Board Game,” Financial Times, Dec. 6, 2002, and Robert W. Hamilton, “Corporate
Governance in America 1950-2000: Major Changes, but Uncertain Benefits,” Iowa Journal of Corporate Law, v. 25,
Winter 2000, p. 349.
15 Vinson and Elkins served as Enron’s outside counsel.
16 The Role of the Board of Directors in Enron’s Collapse, Report prepared by the Permanent Subcommittee on
Investigations of the Committee on Governmental Affairs, United States Senate (Washington: GPO, 2002), p. 45.
Corporate officers17 and managers play the central role in running day-to-day operations and
establishing the long-term goals of a business entity. Officers also play a large role in setting the
corporate culture of an organization, determining who is promoted or passed over and what type
of employee behavior (e.g., risk-taking) is rewarded or punished. In many cases, not only
corporate employees but corporate directors take their cues from officers and managers.
Corporate officers’ power and autonomy are often such that when they are bent on fraud, there is
no effective force within the business to counter them.
SEC Commissioner Cynthia Glassman has called for executives to be the conscience of their 18
company and for the SEC to be the enforcer of that conscience. With officers and managers
wielding so much power in today’s corporate landscape, many believe that ethical corporate
behavior must truly come from the top down. The problem for corporate governance is how to
create incentives that reward managers for ethical behavior.
Berle and Means, in their classic study The Modern Corporation and Private Property,19 first
explored a key issue in corporate governance: the agency problem that results from the division
of management and ownership. In a closely-held corporation, in which corporate officers are also
the primary shareholders, owners’ and managers’ interests are automatically aligned. This is not
the case in publicly held corporations, where ownership is usually dispersed among thousands of
A traditional view has been that in order to keep managers honest and ethical, it is important to
align managerial interests with the interests of the corporate owners. To protect shareholders from
managerial abuse, corporate governance practice and securities law, respectively, take a carrot-
and-stick approach. Corporations have sought to eliminate conflicts of interest by creating
generous financial incentives to encourage managers to focus on creation of shareholder wealth.
Securities law, on the other hand, establishes fiduciary duties and responsibilities for
management, and provides penalties when these are not met.
Conceptually, the problem of division between ownership and control has a simple solution: give
managers substantial amounts of company stock. As stockowners, managers will have a stake in
the long-term performance of the company. Since the 1970s, finance scholars and management
theorists have given strong support to stock-based executive compensation as a corporate
17 Corporate officers are those responsible for the management and day-to-day operations of the corporation. Officers
are appointed by the board of directors. Each state’s corporation statute will specify the officer positions that must be
filled by each corporation. The required officer positions usually include the CEO (or president), vice-president,
treasurer (or CFO), and secretary.
18 “Sarbanes-Oxley and the Idea of ‘Good’ Governance,” Speech to the American Society of Corporate Secretaries,
Washington, DC, Sept. 27, 2002. Online at http://www.sec.gov/news/speech/spch586.htm.
19 Adolph A. Berle and Gardiner C. Means, The Modern Corporation and Private Property, (New York: MacMillan,
1933), 396 p.
It is now common for CEOs of large companies to receive hundreds of millions of dollars worth
of stock and stock options during their tenures. Stock-based pay often vastly outweighs salary and
bonus compensation. Research on whether this compensation shift has improved corporate
performance and competitiveness is mixed, and beyond the scope of this report. The post-Enron
scandals, however, suggest that executive pay policies have not reduced the propensity of
corporate mangers to engage in fraud. There are a number of explanations for the failure of pay
practices to improve ethical standards.
First, CEOs of large corporations are able to exercise a significant amount of bargaining power 20
when negotiating their employment contracts and change-in-control contracts. A large
differential lies between CEO bargaining power and other corporate workers’ bargaining power.
The only oversight of CEO contract negotiations is provided by the board of directors, which (as
discussed above) is normally disinclined to challenge top management. The principal-agent
According to Bebchuk and Fried, the contracting approach of CEOs in determining their
compensation package can produce a conflict of interest between the board of directors and top 21
management. Bebchuk argues that one should not assume that the board of directors’ main goal 22
is to maximize shareholder value; that they, too, may be subject to agency problems. Directors
have the incentive to secure their reappointment to the board. Average director compensation in 23
the 1,500 largest U.S. corporations was $102,000 in 2003. In the case of Enron, directors were
paid up to $380,000 annually. (These figures exclude all the non-monetary perks directors receive
such as business and social contacts.)
The only real consequence the board or CEOs face in challenging each other is turnover—the
possibility of losing their positions—but, under current corporate practices, CEOs’ and boards’
tenures are mutually determined. That is, boards approve compensation schemes for officers, and
have legal authority to remove them, but CEOs often have significant influence in determining
board membership through control of the nominations process.
Directors represent the shareholders, but the shareholders do not select directors in any
meaningful sense. The slate of directors proposed by management generally passes by a near-
unanimous vote. A situation where shareholders put forward a slate contrary to the desire of
management is exceedingly rare. Hence, directors must stay in the good graces of management to
keep their positions on the board.
In corporations lacking a controlling shareholder, most of the directors have nominal equity 24
interest in the firm. This fact, together with a general willingness to approve ever-higher levels
20 Stewart J. Schwab and Randall S. Thomas, “What Do CEOs Bargain For? An Empirical Study of Key Legal
Components of CEO Contracts,” Draft Paper submitted to the 2004 Corporate Governance Conference at the
University of Texas at Austin, Apr. 16, 2004.
21 Lucian A. Bebchuk and Jesse M. Fried, “Executive Compensation as an Agency Problem,” Journal of Economic
Perspectives, vol.17, no.3, 2003, pp. 71-92.
22 Ibid., pp. 73-74.
23 Investor Responsibility Research Center, “IRRC’s Study Shows Corporations Overhauling Boards and Director
Pay,” press release, Dec. 3, 2003.
24 George P. Baker, Michael C. Jensen, and Kevin J. Murphy, “Compensation and Incentives: Practice vs. Theory,”
Journal of Finance, vol. 63, no.3, 1988, pp. 593-616
of compensation,25 ties the board’s hands when it comes to determining a CEO’s employment
contract. Thus, the board generally does not use its pay-setting powers to control CEO behavior.
In order to align managerial interests with shareholder interests, stock-based compensation—in
the form of restricted shares or stock options—has become the norm at large U.S. firms.
However, stock-based compensation has not always kept corporate officers working for the best
long-term interests of the company.
After Enron, there is a sense that rising amounts of stock-based pay may sometimes be too much
of a good thing. While having a substantial equity stake may indeed align managers’ and
shareholders’ interests, when that stake grows into the hundreds of millions of dollars, managers
have a counter-incentive. That is, when a company is in trouble, managers may seek to protect
their own stakes by issuing false accounting statements, giving themselves time to sell their own 26
stock before public investors become aware of the company’s financial problems. This was the
pattern at Enron, and it was repeated elsewhere. At the 25 largest U.S. businesses to declare
bankruptcy during the 18 months after January 1, 2001, the 25 highest-paid insiders had earned
$3.3 billion since 1999, while over the same period shareholder value declined by $211 billion 27
and over 94,000 jobs were lost.
Other problems with stock and options as an incentive tool have been observed. When managers
sell stock or exercise options, restoring pay-performance sensitivity requires giving them new
options or shares. Stock cashouts can lead to the weakening of managers’ incentives or, 28
alternatively, may force the firm to restore incentives to the pre-cashout level. Though many
companies have taken steps to restrict executives’ abilities to cash out vested equity incentives
through “trading windows” and “blackout periods,” these limitations are not prevalent throughout
all businesses and industries. And even in firms that have such restrictions, managers who are
privy to undisclosed bad news may still use trading windows to unload a substantial amount of
Some argue that bonus pay based on financial performance creates incentives that are less
problematic than stock-based compensation. Stock option pay, for example, may promote
excessive risk taking in the pursuit of managerial wealth, whereas executives whose pay is linked
to annual performance targets might be expected to be more risk-averse. A criticism of bonus pay
is that recipients may have too short a time horizon and fail to make the investments that are
crucial to the firm’s long-term growth. Sanders and Hambrick investigate the effects of CEO pay
structure on firm performance and investment and reach the “counterintuitive” result that reliance
on bonus pay does not reduce two out of three measures of long-term investment. Furthermore, 29
they find that bonus pay does not have a negative impact on subsequent firm performance.
25 Many directors are themselves current or former CEOs.
26 Oren Bar-Gill and Lucian A. Bebchuk, “Misreporting Corporate Performance,” Harvard Law School Discussion
Paper No. 400, revised July 2003, 33 p.
27 Ian Cheng, “The Barons of Bankruptcy,” Financial Times, July 31, 2002, p. 8.
28 Bebchuk and Fried, “Executive Compensation as an Agency Problem,” pp. 85.
29 Wm. Gerard Sanders and Donald C. Hambrick, “The Effects of CEO Incentive Compensation on Subsequent Firm
Investment and Performance,” Draft Paper submitted to the 2004 Corporate Governance Conference at the University
of Texas at Austin, Apr. 17, 2004, p. 22. Available online at http://www.mccombs.utexas.edu/aimcenter/Index.htm.
Regarding executive stock option plans, Sanders and Hambrick find a nonlinear pattern: at
moderate levels, option plans have a positive effect on the firm’s subsequent performance, but at
higher levels, option pay sometimes results in significant costs to stockholders. Half the firms 30
they studied had levels of option compensation exceeding the level they considered optimal.
The difference between the pay that CEOs actually receive and what they would have received
under an arm’s length transaction is thought to reflect the imbalance of power between the CEO
and shareholders. Managers’ ability to influence their pay can lead to compensation arrangements
that generate worse incentives than those that arm’s length contracts would provide. Managerial
influence may lead to the adoption of compensation packages that provide weak or perverse
incentives. These inefficiencies can lead to the reduction of shareholder value, a serious
consequence. The economic impact of CEO pay, often dismissed as symbolic in the context of a
multi-billion dollar corporation, can be material. Studies show that CEO compensation was on
average 7.89% of corporate profits in the 1,500 firms that make up the ExecuComp dataset in 31
One check on CEO and executive compensation is public outrage. During the 1990s, some firms
were criticized for their CEOs’ excessive paychecks, and the annual compensation of CEOs of 32
criticized firms was reduced over the following two years by an average of $2.7 million. One 33
response is recent efforts to “camouflage” the executive pay package. An example was provided
by Jack Welch of General Electric, who was widely respected when he retired, but was later
criticized when details of his extensive retirement package, which had not been disclosed to
shareholders, became known during divorce proceedings. Observers argue that a major problem
with the current executive compensation landscape is the frequent lack of transparency. Where
efforts to conceal the true level of compensation exist, it is not likely that pay practices will foster
Some critiques of “excessive” executive compensation proceed from an egalitarian standpoint.
CEO pay has risen so far above rank-and-file wages that some maintain that many executives 34
view themselves as a special class, beyond the reach of law and regulation. Paul Volcker, former
chairman of the Federal Reserve, now speaks out frequently about the ill effects of corporate
greed. Since the enactment of Sarbanes-Oxley, he has stated, “there is a bit more discipline
[among managers]. However, I think corporate America is still in a state of denial and despair.
30 Ibid., p. 23. Their sample included 1,000 firms randomly selected from the Standard & Poor’s 500, Mid-Cap, and
31 Steven Balsam, An Introduction to Executive Compensation, (San Diego: Academic Press, 2002), p. 262.
32 Randall S. Thomas and Kenneth J. Martin, “The Effect of Shareholder Proposals on Executive Compensation,”
University of Cincinnati Law Review, vol. 67, no. 4, 1999, pp. 1021-1081.
33 Bebchuk and Fried, “Executive Compensation as an Agency Problem,” p. 79.
34 The ratio of CEO to average worker pay in large U.S. corporations was 50:1 in 1980, and 300:1 in 2003. See CRS
Report 96-187, A Comparison of the Pay of Top Executives and Other Workers, by Linda Levine.
People think they deserve all this money and they don’t want to be the only one to say ‘no.’ And 35
so the problem keeps spiraling.”
Corporate officers owe a legal fiduciary duty to the corporation and its owners. The principal-
agent theory outlines the expectation held by shareholders that their primary interests will drive
the decisions made by management. These interests are often thought to be the maximization of
profits for the firm.
Some, however, call for an expansion of the fiduciary concept, to include stakeholders other than
the owners. Evan and Freedman define stakeholders as “those groups who have a stake in or
claim on the firm...includ[ing] suppliers, customers, employees, stockholders, and the local
community, as well as management in its role as agent for these groups.” They liken firm
mismanagement in the community to a crime that “violates an implicit social contract, and
maintain that m Management, as corporate agents, must address these issues of stakeholder 36
Persons are responsible for the consequences of their actions through the corporation, even if
those actions are mediated. Any theory that seeks to justify the corporate form must be based
partially on the idea that the corporation and its managers as moral agents can be the cause of 37
and be held accountable for the consequences of their actions.
They hold that another principle of stakeholder management is:
Management bears a fiduciary relationship to stakeholders and to the corporation as an
abstract entity. It must act in the interests of the stakeholders as their agents, and it must act
in the interests of the corporation to ensure the survival of the firm, safeguarding the long-38
term stakes of each group.
The problem, they maintain, is that this fiduciary relationship is not kept in balance and is quite
often used as a justification for unethical acts. The authors acknowledge the principle’s inherent
conflict by offering that it “gives no instructions for a magical resolution of the conflicts that arise 39
from prima facie obligations to multiple parties....” It is left up to management to foster an
environment that acknowledges all parties’ stake in the survival of the firm. Stakeholder theory
holds that no one group should be given primacy over another. Situations will occur when one
group will benefit at the expense of others, but “relationships among stakeholders must be in 40
balance; when they are not the survival of the firm is in jeopardy.”
35 Gillian Tett, “The Gospel According to Saint Paul,” Financial Times, Oct. 23/24, 2004, p. W3.
36 William M. Evan and R. Edward Freeman, “A Stakeholder Theory of the Modern Corporation: Kantian Capitalism,”
in: Tom L. Beauchamp and Norman E. Bowie, eds., Ethical Theory and Business. Third Edition (New Jersey: Prentice-
Hall, 1988), pp. 97-104.
37 Ibid., p. 100.
38 Ibid., p. 103.
39 Ibid., p. 104.
40 Ibid., p. 103.
The Sarbanes-Oxley Act sought to improve fiduciary performance and accountability. The act
increased the accountability of CEOs and CFOs in regard to SEC reporting and increased civil
and criminal penalties for corporate fraud-related offenses.
Pursuant to Sarbanes-Oxley, on August 29, 2002, the SEC adopted new rules 13a-14 and 15d-1441
under the Securities Exchange Act, which require a company’s CEO and CFO to certify in each
quarterly and annual report that
• he or she has reviewed the report;
• based on his or her knowledge, the report does not contain any untrue statement
of a material fact or omit to state a material fact necessary in order to make the
statements made, in light of the circumstances under which such statements were
made, not misleading with respect to the period covered by the report;
• based on his or her knowledge, the financial statements, and other financial
information included in the report, fairly present in all material respects the
financial condition, results of operations and cash flows of the issuer as of, and
for, the periods presented in the report;
• he or she and the other certifying officers:
(1) are responsible for establishing and maintaining disclosure controls and
(2) have designed such disclosure controls and procedures to ensure that
material information is made known to them, particularly during the period in
which the periodic report is being prepared;
(3) have evaluated the effectiveness of the issuer’s disclosure controls and
procedures as of a date within 90 days prior to the filing date of the report; and
(4) have presented in the report their conclusions about the effectiveness of
the disclosure controls and procedures based on the required evaluation as of that
• he or she and the other certifying officers have disclosed to the issuer’s auditors
and to the audit committee of the board of directors (or persons fulfilling the
(1) all significant deficiencies in the design or operation of internal controls
(a pre-existing term relating to internal controls regarding financial reporting)
which could adversely affect the issuer’s ability to record, process, summarize
and report financial data and have identified for the issuer’s auditors any material
weaknesses in internal controls; and
(2) any fraud, whether or not material, that involves management or other
employees who have a significant role in the issuer’s internal controls; and
41 SEC Final Rule, RIN 3235-AI54, “Certification of Disclosure in Companies’ Quarterly and Annual Reports.” At
• he or she and the other certifying officers have indicated in the report whether or
not there were significant changes in internal controls or in other factors that
could significantly affect internal controls subsequent to the date of their
evaluation, including any corrective actions with regard to significant
deficiencies and material weaknesses.
Sarbanes-Oxley also created a criminal penalty for CEOs and CFOs who knowingly certify false
reports. Officers who certify a report knowing that the statement does not meet the statutory
requirements will, upon conviction, face up to $1 million fine, up to 10 years in prison, or both. A
CEO or CFO willfully certifying compliance knowing that the periodic report accompanying the
statement does not comport with the requirements of the law will face a fine of up to $5 million,
imprisonment of not more than 20 years, or both. An assertion of ignorance may now carry
criminal penalties. Additionally, Sarbanes-Oxley explicitly prohibits anyone from defrauding
shareholders and increases the fines and/or terms of imprisonment that apply to corporate fraud
and related crimes.
Auditors evaluate financial statements to ensure that they accord with Generally Accepted
Accounting Principles (GAAP). Federal securities law requires that all SEC-regulated companies
(those whose securities are sold to the public) have their financial statements certified by an
independent auditor. Assuring that public companies comply with accounting rules is the function
of private auditors; the SEC does not ordinarily conduct audits itself.
Neither does the SEC promulgate accounting standards, although it has statutory authority to do
so. Rather, the agency delegates this responsibility to the Financial Accounting Standards Board
(FASB), a private-sector body. During the Enron investigations, a Senate committee reported that
FASB “has been subject to criticism for its lack of speed in promulgating standards and for being 42
too close to the accounting industry.” Funding for the FASB came from the accounting industry,
until the Sarbanes-Oxley Act sought to isolate FASB from the industry by establishing an
assessment upon publicly-traded companies to fund the accounting standards setting body.
Before Enron, oversight of auditors was primarily the responsibility of the American Institute of
Certified Public Accountants (AIPCA), as was the promulgation of auditing standards. In
response to widespread auditor failures, the Sarbanes-Oxley Act (Sections 101-109) created the
Public Company Accounting Oversight Board (PCAOB) to strengthen auditor oversight. The
PCAOB, which is a private body operating under SEC oversight, has two major functions: (1) to
issue rules establishing standards for auditing practice, ethics, and independence, and (2) to
monitor auditing firms for compliance with these and other applicable rules and investigate and
publish violations with fines, censures, or suspensions from the practice of auditing public
42 U.S. Senate, Committee on Governmental Affairs, Financial Oversight of Enron: The SEC and Private Sector
Watchdogs, committee print, 107th Cong., 2nd sess., Oct. 7, 2002, S. Prt. 107-75 (Washington: GPO, 2002), p. 17.
In addition to the PCAOB, auditors remain subject to professional discipline to ensure that they
maintain compliance with auditing standards. The SEC may bar or suspend from practice any
accountant deemed to have engaged in “unethical or improper professional conduct.” States from
which the accountant receives his license can fine, suspend, or bar the accountant from practice.
The Professional Ethics Division within the AICPA can initiate investigations into allegations of
unethical or wrongful conduct. If it determines guilt, it can bar the accountant from AICPA
membership. The staff of the Senate Committee on Governmental Affairs found that “these
avenues of professional discipline for accountants have been criticized—particularly in the wake
of the Enron scandal—as fairly ineffective. State boards of accountancy vary in their approaches
and do not have sufficient resources to monitor the professionals in their States. Meanwhile, the
AICPA, as the industry trade association, tends not to act aggressively, particularly against 43
accountants in the most established firms.”
Auditors act as monitors of public corporations by certifying financial statements of those
corporations. They ensure that a corporation has implemented effective risk management
processes and internal control systems and has developed financial statements that accord with
GAAP. “Benefits of effective monitoring include transparent financial statements, active trading
markets, and the ability to use unbiased financial accounting numbers as inputs into contracts 44
among shareholders, senior claimants, and management.” Auditors, in effect, serve as
“watchdogs” or “gatekeepers” for investors and creditors.
The auditor provides only “reasonable assurance” that a corporation has fairly represented its
financial condition and implemented effective internal controls. The auditor cannot endorse the
truth of a financial statement with absolute certainty because the auditor remains largely
dependent on management and other corporation employees to provide the needed material to
perform its function (although auditors can and sometimes do obtain information independent of
corporate management). Other sources of uncertainty include the use of estimates and
inconsistencies in internal controls. “An audit provides only reasonable assurance against material
misstatements, whether intentional or unintentional, in the financial statements. In reality, an audit 45
does not guarantee that error or fraud has not affected the financial statements.” Investors,
however, often perceive the audit as providing absolute assurance that a corporation is not
committing fraud. A survey in the early 1990s showed that almost half of investors believed that
the certified audit guaranteed that a corporation was not releasing unintentionally false financial
statements, and more than 70% believed that a certified audit meant the corporation absolutely
was not engaging in fraud. As a result, investors’ expectations exceed the assurance actually 46
Scholars argue whether or not auditors may have an incentive to certify false and misleading
financial statements made by corporations. One view is that maintaining a high professional
reputation provides sufficient incentive for auditors to not endorse questionable financial
43 Ibid., p. 18.
44 April Klein, “Economic Determinants of Audit Committee Independence,” Accounting Review, vol. 77, Apr. 2002,
45 Matthew Barrett, “Enron and Andersen—What Went Wrong and Why Similar Audit Failures Could Happen Again,”
in: Enron: Corporate Fiascos and Their Implications, (New York: Foundation Press, 2004), pp. 155-168.
46 Ibid., p. 156.
statements. “An accountant’s greatest asset is its reputation for honesty, closely followed by its
reputation for careful work. Fees for two years’ audits could not approach the losses [that the
auditor] would suffer from a perception that it would muffle a client’s fraud.... [The auditor’s]
partners shared none of the gain from any fraud and were exposed to a large fraction of the loss. It
would have been irrational for any of them to have joined cause with [the client],” wrote Judge 47
Easterbrook for the Seventh Circuit in 1990.
Columbia law professor John Coffee noted that having an auditor vouch for a corporation’s
statements “is necessary because the market recognizes that the gatekeeper has a lesser incentive
to lie than does its client and thus regards the gatekeeper’s assurance or evaluation as more
credible. To be sure, the gatekeeper as a watchdog is typically paid by the party that it is to watch,
but its relative credibility stems from the fact that it is in effect pledging a reputational capital that 48
it has built up over many years of performing similar services for numerous clients.”
The opposing school of thought maintains that auditors will forgo reputational capital in favor of
certifying false or misleading financial statements if that is the best means by which to secure
profits. “Despite the clear logic of the gatekeeper rationale, experience over the 1990s suggests
that professional gatekeepers do acquiesce in managerial fraud, even though the apparent 49
reputational losses seem to dwarf the gains to be made from the individual client.” This could
occur for unintentional or intentional reasons. Unintentionally, the auditor might make
“unconsciously biased judgments” during the audit due to a relationship with management that
could permit the release of an incorrect audit.
Matthew Barrett explains that “people are less willing to harm individuals that they know relative
to strangers. People are even less willing to harm paying clients, or individuals they consider 50
paying clients, with whom they enjoy ongoing relationships.” Alternatively, auditors might
intentionally certify misleading audits to maintain profitable relationships (such as the provision
of non-audit consulting services) with the corporations they audit. “The auditor’s business
interests in fostering a long-term relationship with a client’s management encourage auditors to
render ‘clean’ audit opinions in an effort to retain any existing engagements and to secure future
business,” states Barrett. He notes that “auditors that issue anything but an unqualified opinion 51
frequently get replaced.”
Three separate actors contribute to the audit: (1) the internal audit committee, (2) the internal
auditor, and (3) the external (or independent) auditor.
47 DiLeo v. Ernst & Young, 901 F.2d 624 (7th Cir. 1990).
48 John Coffee, “Understanding Enron: ‘It’s About the Gatekeepers, Stupid,’” In: Enron: Corporate Fiascos and Their
49 Ibid., p. 128.
50 Barrett, “Enron and Andersen,” p. 161.
51 Ibid., p. 159.
The internal audit committee oversees the audit process for the public firm. “The audit committee
provides, on behalf of the board of directors, oversight responsibility for the firm’s financial-
reporting process.... The audit committee selects the outside auditor and meets separately with
senior financial management and with the external auditor. The committee also questions
management, internal auditors, and external auditors to determine whether they are acting in the 52
firm’s best interests.” The Securities & Exchange Commission (SEC) approved final corporate
governance rules applicable to companies listed on the New York Stock Exchange (NYSE) and 53
NASDAQ on November 4, 2003. The rules describe the purposes, responsibilities and
composition requirements for internal audit committees. The NYSE rules mandate that the audit
• oversee the corporation’s external auditor;
• develop procedures for handling complaints regarding a company;
• annually obtain and review reports of the external auditor;
• discuss the corporation’s audited quarterly and annual financial statements with
management and the external auditor;
• confer about the corporation’s earnings press releases and financial earnings
guidance provided to Wall Street analysts and rating agencies;
• evaluate the corporation’s risk assessment and risk management policies; and
• establish hiring policies for employees or former employees of external auditors.
The NASDAQ rules add that the internal audit committee must review and approve all related-
Members of the internal audit committee typically come from the board of directors. The
Sarbanes-Oxley Act mandates that the audit committee include at least three members, all of 54
whom are independent of the company. At least one member of the audit committee must be a
“financial expert,” who, as defined in Section 407, must have accounting and auditing experience.
The statute does not precisely define what constitutes accounting or financial management
experience. Roman Weil, professor at the University of Chicago’s Graduate School of Business,
offered the following definition: “To be financially literate, every person on the audit committee
should understand the transactions that require management to make important accounting
judgments, the accounting issues management has to confront in explaining those transactions,
the decisions management made and why, and the potential implications for financial reporting of
management’s choices.... You’d think it would be a basic requirement on these audit committees,
but it’s unbelievably scarce.... How can an audit committee meet its oversight if it doesn’t
52 Klein, “Economic Determinants of Audit Committee Independence,” p. 435.
53 “NASD and NYSE Rulemaking: Relating to Corporate Governance,” Release No. 34-48745. Available at
54 For definitions of director independence, see “Board Independence as a Barrier to Fraud” section, above.
understand—or think to ask about—these types of judgments, and the extent to which 55
management has used its discretion to affect reported income?”
The internal auditor provides management and the audit committee with an ongoing assessment
of a company’s accounting methods and results. Charles Elson, the director of the University of
Delaware’s Center for Corporate Governance, argues that the internal auditor should primarily
report to the audit committee. “Internal audit, like external audit, needs to report ultimately not to
management, but to the audit committee.... That’s also why the audit committee should be
composed solely of independent, equity-holding members, with no connection with 56
ma nage me nt.”
The internal audit function can remain in-house or, alternatively, the internal audit committee can
outsource the internal audit to an accounting firm. Section 201(a) of Sarbanes-Oxley permits the
audit committee to outsource the internal audit to an external auditor, but not to the same
accounting firm that is serving as the independent, external auditor. Prior to the passage of
Sarbanes-Oxley, the same accounting firm could conduct both the internal and external audit
functions for a corporation.
As required by law, a public company contracts with an external auditor to provide certification
that management and internal auditors have not misled creditors and investors, and have followed
GAAP in preparing financial statements. External auditors, in effect, perform the same function
as internal auditors, assessing the financial reporting of a corporation. However, they also provide
the additional outside check on the work of the internal auditor.
The requirement that a firm hire an outside auditor to certify its financial services dates from the 57
1930s, to the same legislation that created the SEC. The external auditor is the only professional
whose services must be obtained, as a matter of law, by firms selling securities to the public.
Sarbanes-Oxley, the SEC, and the stock exchanges have brought about major changes in the
regulation of auditors since the Enron scandal. Several further reform steps are under debate
within the profession. The following are among the major issues under consideration.
Section 201(a)(5) of Sarbanes-Oxley specifically prohibits the external auditor from also serving
as the outsourced internal auditor. A January 2003 SEC rule, effective May 6, 2003, declares that
an external auditor compromises its “independence” if at any point during the audit period the
55 Gardiner Morse, “Audit Committees Can’t Add,” Harvard Business Review, vol. 82, May 2004, pp. 21-24.
56 Michael Barrier, “Relating to the Audit Committee,” Internal Auditor, vol. 59, Apr. 2002, p. 29.
57 The Securities Exchange Act of 1934.
outside firm performs internal audit or other prohibited non-audit services for the contracting
public corporation. A discussion has arisen within the accounting field as to whether or not the
law and the SEC should ever permit the outsourcing of an internal audit to any external audit
firm, even when no apparent conflict of interest exists.
Proponents of outsourcing cite “improved services at lower costs” as the primary reason to permit 58
outsourcing of the internal audit. External auditors presumably will have the most up-to-date
expertise in auditing practice, as well as superior institutional knowledge and professional
resources. These advantages may often enable external auditors to perform internal audits at a
lower cost to the company than when the internal audit is performed by in-house staff. Moreover,
outsourcing the internal audit permits management to concentrate on its primary task of directing
the company, rather than focusing on accounting matters.
Some leaders in the field, however, support a ban on outsourcing internal audit work to an
external auditor. They cite evidence that in-house auditors are more likely than external auditors
to uncover fraud within the corporation. In a 1998 KPMG survey of executives from 5,000 large
U.S. corporations, not-for-profit organizations and local governments, “respondents consistently
rated internal auditors among the entities most likely to detect fraud from within their
organizations, while external auditors were among the least likely. According to the survey, key
factors in detecting fraud included customer and employee notification and anonymous letters.
These factors might not be effective if someone such as a full-time internal auditor were not 59
immediately available to receive such communications.”
Another survey found that external auditors were not as “proactive” as internal auditors in
detecting fraud: “Most of the outsourced internal audit departments we encountered appeared to
have lost their focus on adding value and improving company governance. The departments were
often not proactive and failed to initiate change, thereby allowing their service to become less 60
relevant to the organization.”
Opponents of outsourcing contend that external auditors simply do not understand the business of
a corporation as well as an in-house audit department would, and, as a result, are less likely to
detect fraud. Opponents also believe that over the long term, outsourcing will not save costs,
given the concentration and limited price competition in the accounting industry.
A relatively new school of thought argues that auditors should expand their role to include non-
financial risk management in addition to standard financial risk management. This school
maintains that fraud does not arise from only from the manipulation of financial statements, but
may appear in various types of non-financial reporting that encompass the entire culture of a
corporation. “We as a profession must stand up for the cause of a strong external audit as the best
way of both detecting fraud and instilling management and financial discipline. But this will not
work unless we are prepared to expand the scope of the audit rather than just telling the wider
58 Larry Rittenberg, Wayne Moore, and Mark Covaleski, “The Outsourcing Phenomenon,” Internal Auditor, vol. 56,
Apr. 1999, pp. 43.
59 George R Aldhizer III, James D Cashell, Dale R Martin, “Internal Audit Outsourcing,” CPA Journal, vol. 73, Aug.
2003, p. 38.
60 Rittenberg, et al., “The Outsourcing Phenomenon,” p. 44.
public that they are wrong and do not understand its limitations. I believe that verification by
auditors will be needed on management statements concerning internal controls; performance
indicators of a company’s health; vital non-financial indicators; risk management strategies and
risk assessment; corporate governance practices; management discussion and analysis as part of
the annual report; human capital data, staff turnover and investment in training and research and
development.,” writes Allen Blewitt, CEO of the Association of Chartered Certified Accountants 61
(ACCA), the British equivalent of the AICPA.
Dawn-Marie Driscoll, chair of the audit committee for Scudder Funds and executive fellow at the
Center for Business Ethics at Bentley College, agrees: “The responsibility of audit committees
has broadened beyond looking at financial results or, for that matter, financial controls, to
including managing risk.... A key component for managing risk is managing the culture and the 62
integrity of the organization.”
The Sarbanes-Oxley auditor independence provisions prohibit outside auditors from performing
several types of non-audit services for their audit clients, including bookkeeping, financial
information systems design and implementation, appraisals, actuarial services, internal audit
services, management or human resources functions, legal and expert services unrelated to the
audit, broker/dealer, investment adviser, or investment banking services, as well as any other 63
service that the PCAOB determines to be impermissible. The need to strengthen auditor
independence rules was one of the key conclusions drawn by congressional investigators into the
[A]llowing the same firm to audit a company and provide consulting services for that
company might tempt the firm to work with and please management in the audit function in
order to assure itself further consulting work. Moreover, to the extent that some of the
consulting work may involve setting up internal audit systems or even helping to structure
transactions, the firm might end up auditing its own work, perhaps leading it to be either less 64
critical or more trusting than it should be.
However, the law continues to permit accounting firms to conduct certain non-audit services for
their audit clients, provided that such services are approved in advance by the audit committee.
The most important such service, in terms of accounting firms’ revenues, is tax work. There is
debate as to whether this practice compromises the independence of the external auditor.
In February 2003, the Joint Committee on Taxation published a staff study of Enron’s tax
practices and the role of financial institutions, including Arthur Andersen, in devising various tax 65
shelters and transactions. Chairman Grassley described these transaction as “just a little bit short
61 Allen Blewitt, “Strengthen the Sign-off,” Financial Times, Jan. 22, 2004, p. 2.
62 Michael Barrier, “Relating to the Audit Committee,” Internal Auditor, vol. 59, Apr. 2002, p. 29.
63 Sarbanes-Oxley Act, Section 201(a).
64 U.S. Senate, Committee on Governmental Affairs, Financial Oversight of Enron: The SEC and Private Sector
Watchdogs, committee print, 107th Cong., 2nd sess., Oct. 7, 2002, S.Prt. 107-75 (Washington: GPO, 2002), p. 19.
65 Joint Committee on Taxation, Report of the Investigation of Enron Corporation and Related Entities Regarding
Federal Tax and Compensation Issues, and Policy Recommendations, 108th Cong., 1st sess, Feb. 2003, (JCS-3-03), 3
of racketeering.”66 Chairman Grassley and Ranking Member Baucus subsequently wrote to the
SEC asking whether auditors should be banned from providing tax services to their audit clients.
Another compromise of auditor independence may arise in spite of the Sarbanes-Oxley
requirement that the outside auditor be hired by the audit committee. It has been argued that
management ultimately will interject its own preferences into the hiring process because terms of
the contract will require management’s approval:
[Sarbanes-Oxley], the SEC, and the NYSE have sought to change the relationship between
the auditor and client by giving the audit committee of a company’s board of director’s a
more central role and relationship with the external auditors. We believe that this is a naïve
hope and will result in further dashed expectations. With all the talk of having the audit
committee ‘hire’ the auditor, no one has talked about how fee disputes will be settled, how
scope questions will be answered, or how reporting and disclosure debates will be resolved.
Corporate audit committees will turn to management for help in resolving such critical
questions. The audit committee is a company-centric body that must work closely with
company management. More responsibility on the audit committee might result in a few
more company hands on the fiddle, but the tune will substantively remain the same. This 67
needs to change.
Others see a potential conflict between independence standards for audit committee members and
the statutory mandate that the committee include a financial expert with auditing and accounting
experience. Inevitably, a large number of these financial experts will be retired partners of the Big 68
Four accounting firms, which perform most corporate audits. “Auditors and audit committees
will therefore increasingly have to be on guard against the resulting risks of conflict of interest.
More company directors are likely to have an intimate knowledge of how their audit firms work,
have friends and contacts at the firm and a working knowledge of its audit processes. All of which
means that, should they ever stoop to such levels, they will find it easier to hoodwink their 69
Corporations hire legal counsel, both internal and external, to assure that the corporation remains
in compliance with applicable laws and regulations in subject matters as diverse as corporation
formation, creation of contracts, and securities filings. In addition to such transactional work,
corporations also hire legal counsel for litigation purposes, i.e., (1) defending the corporation if it
is sued civilly or criminally prosecuted, and (2) representing the corporation in civil suits it brings
against others. The following section addresses the corporate governance and fraud
detection/prevention role of attorneys as both inside and outside professionals.
66 Peter Behr, “Enron Skirted Taxes via Executive Pay Plan,” Washington Post, Feb. 14, 2003, p. E1.
67 Robert Sack and Mark Haskins, “Of Fiddlers and Tunes,” CPA Journal, v. 73, June 2003, p. 10.
68 According to the PCAOB website, http://www.pcaob.com, the Big Four audit 56% of all firms that file reports with
69 Liz Fisher, “The Big Four Old Boys’ Club,” Accountancy, vol. 133, Mar. 2004, p. 29.
What is the role of attorneys in preventing and detecting fraud? In order to answer this question,
this section will look to state and federal regulations regarding attorney conduct as well as the
profession’s methods of self-regulation; civil malpractice suits and criminal prosecution of
corporate counsel will also be addressed. Examples from case studies will be included where
appropriate. Additionally, while corporate inside and outside attorneys are governed by the same
rules, in-house corporate attorneys have a unique perspective due to their role inside the corporate
organization and their reliance on a sole client.
Historically, attorneys have been a self-regulating profession, with state and local bar associations
leading the way in promulgating ethical standards and the judiciary playing the lead enforcement
role. At the national level, the American Bar Association (ABA) plays an important role in
developing the Model Rules of Professional Conduct, which many state bar associations then
adopt. With 400,000 members, the ABA is the largest voluntary professional association in the
world, and ABA members represent about half of all lawyers practicing in the United States. The
ABA was founded in 1878 at a time when most lawyers learned their trade by apprenticeship and
no national code of legal ethics existed. Today, one of the 11 stated goals of the ABA is “to 70
achieve the highest standards of professionalism, competence, and ethical conduct.”
The original Canons of Professional Ethics were adopted by the ABA in 1908, and although the
canons were worded in an advisory manner, courts began enforcing the canons as if they were 71
binding legal rules. The current ABA Model Rules serve as an example for states and have been
adopted in at least 39 states. Although the Model Rules are theoretically designed to be adopted
by states in its entirety, states are free to alter the ABA Model Rules as they wish. In 1997, the
ABA began a five-year project to revise and examine the ABA Model Rules. Additionally, after
the passage of the Sarbanes-Oxley Act of 2002 by Congress, the ABA Task Force on Corporate 72
Responsibility recommended changes to Model Rule (MR) 1.13 of the code. Sarbanes-Oxley
also mandated that the SEC promulgate new regulations regarding attorneys who practice before
that federal agency.
The ABA may lead the way in devising model rules of ethical behavior, but it rests with state bar
associations and courts to adopt and enforce those rules. Most states have mandatory bar
associations which license all attorneys in the state and provide a system of professional
discipline, the most drastic punishment of which is disbarment. Additionally, an injured client
may sue his or her attorney for money damages in a traditional malpractice action which can be
based on contract, tort, and fiduciary principles or can be based on civil statutes. Attorneys are
also subject to criminal prosecution if they commit fraud or otherwise break state or federal laws 73
in the course of their representation.
So, who governs lawyers? The ABA, state bar associations (including disciplinary committees),
the judiciary, civil lawsuits, state and federal criminal and civil laws, and government agency
70 American Bar Association, “About the ABA,” http://www.abanet.org/about/home.html.
71 John F. Sutton, Jr. and John S. Dzienkowski, Cases and Materials on the Professional Responsibility of Lawyers, 2nd
ed. (St. Paul: West Group, 2002), p.14.
72 American Bar Association, “Proposed Amendments to Rule 1.13 of the ABA Model Rules of Professional Conduct.”
73 Sutton and Dzienkowski, p.521.
regulations. The issues of civil and criminal liability for attorneys and other corporate actors are
addressed in other sections of this report. This section will focus on ethical rules, federal
legislation, and agency regulations.
Historically, the attorneys who first promulgated the ABA ethical canons were litigators and as
such their primary concern was maintaining the adversarial legal system. Paramount to this was 74
preserving lawyer-client confidentiality. ABA Model Rule 1.6 has governed this issue of
confidentiality, essentially barring attorneys from disclosing information without client consent
unless it is to aid the lawyer in defending a malpractice suit, to ask advice in regard to following
the model rules, or if the attorney reasonably believes his client is going to commit a criminal act 75
that is likely to result in imminent death or substantial bodily harm. Thus, in regard to criminal
activity by a client, financial fraud or crime would not be subject to disclosure by an attorney
unless it would cause imminent death or certain substantial physical injury. Purely financial
crimes are not violent in nature and would fall out of the purview of the original MR 1.6.
However, in August 2003, the ABA amended MR 1.6 in reaction to corporate scandals like Enron,
WorldCom, and Tyco. The new MR 1.6 allows attorneys to disclose confidential client
information in two new circumstances: 1.6(b)(2) to prevent the client from committing a crime or
fraud that is reasonably certain to result in substantial injury to the financial interests or property
of another and in furtherance of which the client has used or is using the lawyer’s services, and
1.6(b)(3) to prevent, mitigate or rectify substantial injury to the financial interests or property of
another that is reasonably certain to result or has resulted from the client’s commission of a crime 76
or fraud in furtherance of which the client has used the lawyer’s services.
Thus, the ABA has expanded the exception to total client confidentiality without consent to
include not only substantial physical harm to a person but substantial harm to another’s property
or financial interests as well. If a client uses or has used an attorney’s services to commit a fraud
which has caused or will cause another substantial financial injury, the attorney may disclose
client information without the client’s consent. However, the new MR 1.6 does not require an
attorney to disclose; it is still the attorney’s choice whether to do so. However, before the rule was
amended in 2003, an attorney could have been subject to disciplinary action or a malpractice
lawsuit by a client if the attorney had disclosed information relating to a client’s financial crime.
The new rule opens the door for attorneys to disclose, but whether it is in the attorney’s financial
interest to do so remains an important question. If an attorney discloses a client’s financial fraud
under MR 1.6, he may have difficulty obtaining future business from corporate clients who may
be concerned the attorney will disclose their confidences as well.
74 Based on discussions with John Dzienkowski, professor of professional responsibility, University of Texas School of
Law, Jan. 27, 2004.
75 “2002 ABA Model Rules,” in John S. Dzienkowski, ed., Professional Liability Standards, Rules & Statutes, 2002-
2003, abridged ed. (St. Paul: West Group, 2002), pp.29-36.
76 American Bar Association, “Rule 1.6: Confidentiality of Information.”
In addition to the duty of confidentiality, another important duty an attorney owes to a client is the 77
duty of diligent representation. This duty is set forth in MR 1.3. If an outside counsel is aware
that a corporation’s practices may not be in compliance with the law, the duty of diligence should
dictate that the attorney advise its client of the potential illegality of these matters. Additionally, if
an outside firm is hired to investigate allegations of wrong-doing it should do so to the best of its
ability. Of course, central to diligent representation of one’s client is actually identifying one’s
client. The issue of “who is the client” can become very complicated for corporate attorneys, both
inside and outside counsel. So, who is the client for a corporate attorney? The legal entity that is
the corporation? The corporation’s shareholders? The Board of Directors? Corporate officers or
managers? Other corporate employees? This issue remains unclear under current ABA ethical
rules and in actual practice.
Several issues related to diligence of representation are raised in regard to legal representation of
Enron. One of Enron’s main outside law firms, Vinson & Elkins, has relied upon their attorneys’
lack of accounting knowledge as an excuse for not catching Enron’s fraud. Certainly, corporate
attorneys cannot be as skilled in the intricacies of accounting practices and maneuvers as
professional accountants. But, in a post-Enron age, some have argued that corporate attorneys
must develop better knowledge of accounting principles in order to adequately represent
However, a potential argument in defense of Vinson & Elkins is that Enron did not rely entirely
on that firm for its outside legal representation. Enron farmed out its legal work to several outside
firms, as a result of which V&E arguably may not have had a complete picture of Enron’s
fraudulent activities. “Vinson & Elkins’ share of Enron’s legal pie continued to shrink—to 20% of
work Enron farmed out in 2001... But Vinson & Elkins remained the firm Enron went to first with 78
its most sensitive projects....”
Also, after Enron employee Sherron Watkins sent her famous whistleblower memo to Enron CEO
Kenneth Lay alleging fraudulent accounting practices, Lay hired Vinson & Elkins to perform an
independent investigation of Watkins’ charges. The law firm accepted the task, even though V&E
had represented Enron in many transactions, raising questions about the independence of their
investigation. Enron General Counsel Jim Derrick approved the hiring of V&E to conduct the
limited review, which might be seen as a lack of diligence by Derrick to his client, the
corporation. Further, V&E’s investigation of Watkins’ claims concluded that no fraudulent acts
had occurred. Considering the subsequent contrary findings of the Powers Report, the collapse of
Enron, and the criminal indictments of Arthur Andersen (Enron’s outside accounting firm) and
several Enron executives, many have questioned the adequacy of the V&E investigation into the
Watkins’ memo; this calls into question the diligence of V&E’s representation of Enron in this 79
77 “2002 ABA Model Rules,” in John S. Dzienkowski, ed., Professional Liability Standards, Rules & Statutes, 2002-
2003, abridged ed. (St. Paul: West Group, 2002), pp. 21-22.
78 Ellen Joan Pollock, “Limited Partners: Lawyers for Enron Faulted Its Deals, Didn’t Force Issue,” Wall Street
Journal, May 22, 2002, p. A1.
79 See, e.g., Dan Ackman, “It’s the Lawyers Turn to Answer for Enron,” Forbes.com, Mar. 14, 2002.
Usually, outside law firms have such a diversified client base that they are not financially
dependent upon one client. This was not the case with V&E and Enron. Enron was Vinson &
Elkins’ biggest client, pouring roughly $35.6 million into the firm’s coffers in 2001, 7.8% of its
revenue. It seems likely that V&E’s ability to give independent, objective legal advice was
affected by its desire to keep Enron as a client; V&E attorneys appear to have let some suspicious
Enron practices slide. For example, V&E did not prevent Enron’s board of directors from waiving
conflict of interest rules regarding Chief Financial Officer Andrew Fastow’s dealings with special 80
purpose entities (SPEs) in which he was involved. Another conflict of interest issue is raised by
V&E agreeing to conduct a supposedly independent review of the Sherron Watkins whistleblower
memo, instead of insisting that Enron hire a law firm with no previous association with the firm.
Conflicts of interest also abounded for Enron’s internal counsel. One example is provided by
Enron attorney, Kristina Mordaunt, counsel to CFO Fastow. In 2000, Mordaunt received a return
of $1 million on an investment of $5,800 in an Enron-related SPE after a period of just a few 81
months. It seems unlikely Mordaunt could provide Fastow with independent legal advice about
the permissibility of Enron’s many SPEs when she was being personally enriched by an
investment in them.
Recent changes have given corporate attorneys more freedom to report large-scale financial
frauds by their clients. What effect these changes will ultimately have on attorney behavior
remains to be seen. The American Bar Association recently amended MR 1.13, “Organization as
client.” This rule previously allowed attorneys for an organization (including attorneys for a
corporation) who discovered that an officer or employee of the organization was involved in
illegal action or planning to engage in illegal action to report the action to the highest authority
that can act for the organization (generally the chairman of the board of directors or the CEO). If
the lawyer felt his concerns were not being addressed, his only option was to withdraw from
representation. He was not authorized to disclose the illegal action to anyone outside the
organization (unless the action was one that would result in substantial physical harm under MR
1.6 discussed above). For inside counsel, withdrawal from representation of one’s client means
resigning one’s job.
However, the amended MR 1.13 allows an attorney to disclose confidential client information if
the highest authority in the organization does not act in a timely manner and the lawyer believes
the violation is reasonably certain to result in substantial injury to the organization. Again, the
lawyer has the choice whether or not to disclose information relating to such a violation;
disclosure is not mandatory. Any disclosure that meets the criteria of the new MR 1.13 is
exempted from the confidentiality requirements of the new MR 1.6. Attorney withdrawal
provisions are discussed further by ABA MR 1.16.
MR 1.13 also notes that “an organizational client is a legal entity, but it cannot act except through
its officers, directors, shareholders, and other constituents. Officers, directors, employees, and
80 The SPEs were accounting entities used by Enron to generate fictitious profits. Fastow received a 10-year prison
sentence after pleading guilty to two counts of securities fraud.
81 Mimi Swartz, Power Failure: The Inside Story of the Collapse of Enron (New York: Doubleday, 2003), p. 214.
shareholders are the constituents of the corporate organizational client.” So, at least in theory, the
client of a corporate attorney is the corporation itself, considered an independent entity of its own
under the law. But ambiguity still remains about what this means for corporate attorneys trying to
balance obligations and dealings with shareholders, directors, officers, and employees.
The Sarbanes-Oxley Act mandated that the SEC make changes in its rules regarding attorneys
who practice before the SEC. New rules (17 CFR Part 205) were adopted in August of 2003,
incorporating some provisions similar to the ABA model rule: an attorney who discovers
evidence of fraud is required to report “up the ladder” within the client corporation. If no
remedial action is taken by the client, the SEC rules as proposed would have required the attorney
to make a “noisy withdrawal” including these steps:
• withdraw forthwith from representing the issuer, indicating that the withdrawal is
based on professional considerations;
• within one business day of withdrawing, give written notice to the Commission
of the attorney’s withdrawal, indicating that the withdrawal was based on
professional considerations; and
• promptly disaffirm to the Commission any opinion, document, affirmation,
representation, characterization, or the like in a document filed with or submitted
to the Commission, or incorporated into such a document, that the attorney has
prepared or assisted in preparing and that the attorney reasonably believes is or
may be materially false or misleading.
The “noisy withdrawal” provisions were extremely controversial, and were not included in the
final rule. The SEC release accompanying the attorney rules stated:
Section 307 of the Sarbanes-Oxley Act of 2002 requires the Commission to prescribe
minimum standards of professional conduct for attorneys appearing and practicing before the
Commission in any way in the representation of issuers. The standards must include a rule
requiring an attorney to report evidence of a material violation of securities laws or breach of
fiduciary duty or similar violation by the issuer up-the-ladder within the company to the
chief legal counsel or the chief executive officer of the company (or the equivalent thereof);
and, if they do not respond appropriately to the evidence, requiring the attorney to report the
evidence to the audit committee, another committee of independent directors, or the full
board of directors. Proposed Part 205 responds to this directive and is intended to protect
investors and increase their confidence in public companies by ensuring that attorneys who
work for those companies respond appropriately to evidence of material misconduct. We are
still considering the “noisy withdrawal” provisions of our original proposal under section
307; in a related proposing release we discuss this part of the original proposal and seek 82
comment on additional alternatives.
Many attorneys opposed the proposed “noisy withdrawal” regulations because they would force
corporate attorneys to inform the SEC when they withdraw from representing a client under
circumstances of MR 1.13. This way, the SEC would be alerted to possible fraud in a company.
What disincentives exist for attorneys regarding “noisy withdrawal”? This rule would in effect
force disclosure of large-scale corporate client fraud by attorneys (whereas the ABA rules make
disclosure voluntary). Many corporate attorneys are concerned about losing current and future
82 U.S. Securities Exchange Commission, “Final Rule: Implementation of Standards of Professional Conduct for
Attorneys,” at http://www.sec.gov/rules/final/33-8185.htm.
clients if they withdraw under the SEC rules. Many large corporate law firms have commented
negatively on the “noisy withdrawal” rule, claiming that it disturbs the delicate but necessary
relationship of trust between a client and an attorney. If adopted, the “noisy withdrawal” rule
would give the SEC a powerful tool in its investigations of fraudulent securities filings, but no
such rule has been formally proposed since the adoption of the August 2003 attorney conduct
The role of attorneys as internal and external gatekeepers against corporate fraud is an uncertain
one. Historically, an attorney’s only avenue if he suspected corporate fraud was to report his
suspicions up the corporate ladder or to withdraw from representation of his client. Recent
changes to the ABA Model Rules of Professional Conduct have cleared prior hurdles to attorney
disclosure of confidential client information relating to financial frauds. However, the revised
ABA Model Rules merely allow disclosure of financial crimes to the appropriate authorities; the
rules do not require such disclosure. Further, fear of job termination or damage to professional
reputation is likely to dissuade many attorneys from voluntarily reporting client financial fraud.
Additionally, the attorney rules which were adopted by the SEC pursuant to Sarbanes-Oxley
merely direct attorneys to report possible securities violations or breaches of fiduciary duty up the
corporate ladder. The SEC rule does not address fraud prevention in a corporation where officers,
managers, and even boards of directors may be involved in fraud themselves. In such a situation,
reporting up the corporate ladder will have no effect.
The proposed but un-adopted SEC “noisy withdrawal” rule would address fraud prevention in
corporations with corrupt management or boards by requiring attorneys to alert the SEC if
withdrawing from representation due to unaddressed allegations of financial fraud. But, the
outpouring of negative feedback from corporate law firms in response to the proposed rule may
make final adoption by the SEC unlikely. The controversy caused by the proposed “noisy
withdrawal” provision shows how problematic casting attorneys as corporate whistleblowers or
as gatekeepers against corporate fraud may be. At the heart of the issue is the strong tradition of
attorney-client confidentiality in U.S. legal practice. But, examples of corrupt corporations like
Enron illustrate the tragedy that can befall a corporate lawyer’s true client, the corporation itself,
when attorneys and other professionals act in the interest of dishonest corporate officers and
neglect the interests of the corporation and its shareholders.
Companies possess another potentially powerful internal barrier to fraud—employees. It is a great
advantage to anti-fraud efforts if employees feel a responsibility to report fraud within a
corporation. Sociologists have identified a number of characteristics that make a business
environment, or corporate culture, more conducive to whistleblowing. Employees must trust that
they will be protected from reprisals and that their reports will be taken seriously and acted upon.
Because the very nature of a large organization tends to diffuse responsibility, individuals in the
organization can become removed from any perception of an individual component of moral
responsibility. They may come to feel that their personal responsibility is extremely limited and
that something much bigger is at work. The perceived degree of complicity in unethical behavior
is thus reduced as it is thought that no individual bears responsibility for the corporate decision.
Individuals in organizations are sometimes subjected to various pressures to comply with
ethically questionable decisions. Corporate wrongdoers naturally do not wish to have their actions
exposed. Individuals in positions of authority can utilize direct threats such as termination, denied
promotions, salary stagnation, undesirable transfer, etc. More subtle pressure can also be used,
such as reminders that performance reviews are imminent or that being a “team player” is an
important factor. Compensation packages for many depend on performance measures that would
be negatively affected by a revelation of wrongdoing. Finally, regardless of its merit, an
organization has a tendency to punish the bearer of bad news. Individuals are thus reluctant to
assume this role.
Sherron Watkins, who sent a letter to Enron’s CEO detailing her fears of imminent accounting
scandals, was not the only Enron employee who questioned the company’s business and
accounting practices. Objections arose from the legal department, from accounting, and even 83
from within Arthur Andersen. Members of Enron’s legal counsel were forced to negotiate with
their superior, Andrew Fastow, on behalf of Enron while Fastow represented LJM and LJM2, off-
the-books partnerships that generated great profits for Fastow and others while allowing Enron to 84
manipulate its accounting statements. When employees expressed concern, they were often told
to be more of a team player, or even transferred to another division. Enron was totally focused on
the future and on the new deals it could bring; its corporate culture was intolerant of any restraints
on risk-taking or “pushing the envelope.” Mimi Swartz writes, “... Being ordinary was the kiss of 85
death, and being a star—rich, smart, and free—was everything.”
Since Enron, whistleblower protections have been enhanced at the federal and state levels.
Sarbanes-Oxley expands the protections for any employee who becomes an informant in a federal
investigation against fraud. Sections 806 and 1107 issue standard whistleblower protections and
offer remedies for those who feel they have been wrongly discharged as a result of their
participation in federal proceedings.
However, Sarbanes-Oxley is limited to publicly traded companies under the purview of the SEC.
Employees of privately held companies and state agencies are not protected by these laws. State
constitutions and legislatures do not offer uniform whistleblower protection. For example, the
Texas Supreme Court ruled that the state constitution does protect state employees, but that those
protections do not extend to private companies. After Sherron Watkins issued her second memo to
Kenneth Lay, a member of Enron legal counsel called management’s attention to her lack of legal
recourse, though it was noted that she could pursue a so-called Sabine Pilot suit, which, even if 86
found baseless, could be a blow to the public image of the company.
83 Arthur Andersen was Enron’s outside auditor and was convicted of obstruction of justice in the Enron case, leading
to the dissolution of the firm.
84 Testimony of Jordan Mintz, in U.S. Congress, House Committee on Energy and Commerce, Subcommittee on
Oversight and Investigations, The Financial Collapse of Enron—Part 2, hearing, 107th Cong., 2nd sess., Feb. 7, 2002.
85 Swartz, Power Failure, p. 190.
86 Sabine Pilot suits refer to the decision in the case Sabine Pilot Service, Inc. v. Huack, 687 S.W.2d 733 (Tex. 1985).
The decision protects employees discharged for refusing to perform an illegal act. As delineated by Enron lawyer Carl
The recent wave of corporate scandals, combined with dramatic changes in technology and
financial markets, has renewed focus on the role of government agencies in detecting and
preventing corporate fraud. Aside from the theoretical and political debates over the appropriate
role of government in regulating private enterprise, there are many disagreements over how
regulators should do their job once they have been vested with regulatory authority. In basic
terms, the objective of government regulation is to change the behavior of private individuals and 87
corporations in order to protect consumers, competitors, suppliers, distributors, and workers.
Once Congress has crafted legislation and vested an agency with regulatory authority, Congress
and the President also decide the levels of resources to appropriate in order that agencies have the
ability to carry out their legal mandate. This section examines some of the critical issues related
to the effective detection and prevention of fraud by federal regulatory agencies including
regulatory agency missions, budgets, and jurisdiction.
When studying Enron and other recent corporate scandals, it is notable how small a role federal
agencies such as the Securities and Exchange Commission (SEC), the Federal Energy Regulatory
Commission (FERC), the Commodity Futures Trading Commission (CFTC) and the Department
of Justice (DOJ) played in detecting fraud. These government agencies have been criticized for
lacking the ability, the capability, and/or the will to prevent the corporate scandals that emerged
beginning in 2001.
Critics of current regulatory structures in the United States have pointed to apparent problems in
agency mission; authority and jurisdiction; the integration of industry participants into agencies
(also known as regulatory capture); and the capacity of agencies to carry out their functions.
These problems are discussed below:
In the last decade, the federal government has made an effort to link agency budgets to concrete
results through the Government Performance and Results Act (GPRA) of 1993 (P.L. 103-62).
GPRA is a tool intended to help regulatory agencies define their mission, and then link budget
requests to concrete outcomes.
Jordan in an e-mail, Ms. Watkins could have had a case if “an employee’s duties involve recording accounting data that
she knows to be misleading onto records that are eventually relied on by others in preparing reports to be submitted to a
federal agency (e.g., SEC, IRS, etc.).... If the employee alleges that she was discharged for refusing to record (or
continuing the practice of recording) the allegedly misleading data, then she has stated a claim under the Sabine Pilot
doctrine.” As quoted in Leslie Griffin, “Whistleblowing in the Business World,” in Enron: Corporate Fiascos and
Their Implications, Nancy B. Rapoport and Bala G. Dharan, eds., (New York: Foundation Press, 2004), p. 214. For
more information about Texas whistleblower laws pre- and post-Sarbanes-Oxley, see Ken Hughes, “Whistle-blower
Claims Involving In-House Counsel and Officers,” as presented at The Review of Litigation Symposium on Litigating
Business Ethics at the University of Texas Law School, Mar. 26, 2004.
87 James W. Fesler and Donald F. Kettl, The Politics of the Administrative Process (Chatham, NJ: Chatham House
Publishers, 1996), p. 340.
While GPRA can be used to focus regulators’ attention on fraud detection and prevention through
mission definition, budget requests, and jurisdictional clarification, GPRA has been criticized for
its failure to identify extreme risks, especially risks that would be considered inter-agency
matters. In their strategic plans written between 1993 and 2001, neither the SEC nor FERC
identified fraud as a material risk to the financial markets and the financial industry.
The DOJ also failed to identify corporate fraud as a high-priority problem. Several branches of
the DOJ are charged with investigating and prosecuting white-collar crimes. These branches
include the Fraud Section of the Criminal Division, which directs the federal law enforcement
effort against fraud and white-collar crime; the Tax Division, which handles or supervises civil
and criminal matters that arise under the internal revenue laws; the FBI; and the Office of the
U.S. Attorney, which prosecutes criminal cases brought by the federal government. In the DOJ’s
strategic plan for fiscal years 2001-2006, (written before the discovery of Enron’s fraudulent
activities), DOJ’s stated goals included the prosecution of white-collar crime, but the agency did
not identify corporate fraud/white-collar crime as one of their “critical management issues” 88
requiring extra attention and funding.
Following the corporate scandals, DOJ began to refocus its mission in order to devote more
attention to corporate fraud. In 2002, the White House created a partnership among federal
agencies with the goal of better discovering and prosecuting corporate fraud. This new entity is
called the President’s Corporate Fraud Task Force, and it is housed within the Office of the
Deputy Attorney General of the DOJ. Task Force members include the Director of the Federal
Bureau of Investigation, the Assistant Attorney General-Criminal Division, the Assistant Attorney
General-Tax Division, and various U.S. Attorneys. The heads of several federal agencies, 89
including the SEC and the CFTC, are also members of the Task Force.
Additionally, the DOJ established the Enron Task Force (ETF) in January 2002 to promote
interagency cooperation in investigating and prosecuting criminal matters relating to the collapse
of Enron. The ETF includes prosecutors from across the country, FBI agents (many with
accounting and/or securities industry backgrounds), and agents from the IRS. The ETF is
coordinating its investigative efforts with the SEC, the United States Attorney’s Office for the
Northern District of California, the CFTC, and the National Association of Securities Dealers
(NASD), as well as numerous other government agencies, including FERC, the Department of 90
Labor, and the Office of the United States Trustee. A number of Enron’s top managers, as well
as several mid-level employees, have been indicted and/or convicted of various criminal 91
Although the mission of regulatory bodies would seem to include the prevention and detection of
fraud, some regulatory agencies may lack the authority or jurisdiction to carry out that mission.
88 U.S. Department of Justice, Justice Management Division, Department of Justice Strategic Plan for 2001-2006, Nov.
2001, Executive Summary, p. 3.
89 U.S. Department of Justice, Office of the Deputy Attorney General, “The President’s Corporate Fraud Task Force,”
90 U.S. Department of Justice, Office of the Deputy Attorney General, Corporate Fraud Task Force: First Year Report
to the President, July 22, 2003, pp. 2.3-2.4, at http://www.usdoj.gov/dag/cftf/first_year_report.pdf.
91 See CRS Report RL31866, Criminal Charges in Corporate Scandals, by Mark Jickling and Paul H. Janov.
Significant areas of financial markets are not currently regulated, such as foreign exchange
trading, government bond markets, hedge fund investing, the private securities market, and over-
the-counter derivatives. Federal regulation of these markets is limited because small public
investors (who are presumed to be in need of government protection) do not participate—instead,
all traders in the market are wealthy, sophisticated, and/or professional and are presumed to have
the incentive and the capacity to protect themselves from fraud.
In general, these unregulated markets run smoothly, and Congress and regulators are wary of
imposing government regulation that would raise costs for market participants without any clear
public benefit. When scandals occur, however, the normal reaction by policy makers is to
consider more stringent federal oversight. This happened in the 1990s in the Treasury market
after Salomon Brothers cornered a bond auction, and in the municipal securities market after
several episodes of default or near-default made it clear that investors needed more information
about the bond issuers. In the wake of Enron, there were legislative proposals to impose 92
disclosure requirements and other regulations on dealers in unregulated energy derivatives.
In recent decades, U.S. financial markets have been far from static; new instruments and trading
markets continue to emerge, often in unregulated sectors. Regulatory agencies may lack clear
authority to pursue fraud in these new markets, or find that they are able to prosecute fraud only
after the fact. The disclosure and reporting requirements that would allow them to detect some
cases of fraud in advance are absent. Recently, the SEC has proposed a rule that would require
hedge funds to register as investment advisers, on the grounds that hedge funds have grown so
popular that they affect regulated securities markets, and that the expanding universe of hedge 93
fund customers raises investor protection issues. The proposed rule was opposed by two of the
five commissioners; many others believe that the costs to market participants will outweigh the
benefits of improvements in the SEC’s antifraud capability.
There is a trade-off between free, unregulated markets, where some fraud will occur, and
government regulation, which offers protection to market participants but may hinder financial
innovation. When massive fraud occurs, policy makers adjust their cost-benefit calculations, and
new legislation or regulation comes into being. In rarer cases, when a proscribed activity has not
been observed to cause trouble over a long period, regulators may move to repeal rules that were 94
originally thought necessary to prevent fraud or manipulation.
Turf wars among regulatory agencies may also result in less potent regulatory action. Lack of
coordination among regulatory agencies holding shared jurisdiction over a specific industry often
results in duplicate efforts or regulatory gaps. This, in turn, may result in less effective
enforcement programs. Some regulators are unsure when it is appropriate to turn over
investigations of fraud activity to the Department of Justice. In the case of Enron’s involvement in
the California energy crisis of 2001, Senate investigators found that federal energy regulators
92 See CRS Report RS21401, Regulation of Energy Derivatives, by Mark Jickling.
93 Release IA-2266, “Registration Under the Advisers Act of Certain Hedge Fund Advisers,” July 20, 2004.
94 An example is the SEC’s pilot program to suspend the short-sale uptick rule (which is intended to prevent
manipulative short sellers from driving down the price of stocks). The SEC’s reasoning is that in today’s markets,
manipulative short selling is much less a problem that it was in the 1930s, when the uptick rule was imposed. See SEC
Release 34-50103, “Short Sales,” July 28, 2004.
received early indications of both Enron’s power market manipulations and its financial 95
weakness, but failed to intervene, in part because of confusion over legal jurisdiction.
The problem of unclear regulatory jurisdiction has been much studied by Congress, regulators,
and academics. A common concern is that the current U.S. regulatory structure, where a dozen or
so agencies oversee different financial industries, does not adapt well to changes in financial 96
markets, where industry borders are porous and innovation is constant. One solution is to
consolidate agencies into a single regulator, on the model of the Japanese Ministry of Finance or
the British Securities and Investments Board. Some argue, however, that what critics of the
present system call regulatory balkanization is really beneficial regulatory competition, and that
jurisdictional constraints reduce the harmful impact on innovation of the “dead hand” of
government intervention in free markets.
In their report on FERC and Enron, the staff of the Senate Governmental Affairs Committee
claimed that Enron exploited regulatory gaps among FERC, SEC and the CFTC. Enron’s ploys
succeeded, in part, because FERC failed to communicate with the other agencies that regulated
some aspects of the quickly changing power market. “Unfortunately, it isn’t enough to simply set
up the market rules; to fulfill its mission, FERC must understand what is actually happening in 97
With energy markets in the midst of transformation driven by deregulation and new forms of
derivatives trading, no agency was well-positioned to prevent fraud. The CFTC had full
jurisdiction over futures exchange trading, but very limited authority over (or information about)
over-the-counter derivatives. CFTC’s authority over fraud and manipulation in physical
commodity markets (called cash, or “spot” markets) is unclear: the statutes and legislative 98
histories provide little guidance, and the legal precedents are few. FERC, on the other hand, was
created as a rate-setting agency in the days of controlled prices; it was very slow to establish
regulatory oversight over deregulated energy markets. Indeed, its statutory mandate to do so was
Several federal agencies have now brought charges against Enron and other firms in connection
with the manipulation of natural gas and electricity prices. But as the California electricity and
Enron crises unfolded, no agency was in a position to monitor trading in a comprehensive or
timely fashion. When markets are in a state of rapid evolution, it is of course very difficult for
regulators to set up a regulatory scheme that will not quickly become outdated and cumbersome,
or that will not force traders to adopt market structures that may be less than optimal. It is a
challenge for congressional oversight to ensure that regulators do not move too soon, and risk
choking off economically beneficial market innovation, or wait too long, and let opportunities for
serious fraud arise.
95 U.S. Congress, Senate Committee on Governmental Affairs, Committee Staff Investigation of the Federal Energy
Regulatory Commission’s Oversight of Enron Corp, 107th Cong., 2nd sess., Nov. 12, 2002, p. 25.
96 See, e.g., U.S. Government Accountability Office, Financial Regulation: Industry Changes Prompt Need to
Reconsider U.S. Regulatory Structure (GAO-05-061), Oct. 2004, 164 p.
97 Ibid., p. 32.
98 The CFTC did bring civil charges against an Enron trader in 2003 for manipulating the cash market in natural gas,
but over its history, the agency has rarely brought actions that do not involve futures trading.
Even if regulators do possess the authority and jurisdiction necessary to regulate an industry, they
may fail to act effectively because the values and priorities of the industry participants have
become overly integrated into the values and priorities of the regulatory agency. This
phenomenon, known as “regulatory capture,” may occur over the course of many years, as a
regulatory agency receives less and less funding to perform duties mandated by the law. As the
regulatory bodies lose enforcement power, industry gains more control over the regulatory
agenda. Ultimately, industry could garner so much power as to serve as the de facto leaders of the
agency, rather than the formal regulators.
Laffont and Tirole provide a general overview of regulatory capture:
Interest groups try to capture government decision-making because it affects the industry and
consumers’ welfare. Interest groups have means to influence public decision makers: (a)
monetary bribes are feasible, although not common. (b) More pervasive is the hoped-for
future employment for commissioners and agency staff with the regulated firms or with
public-interest law firms. (c) Personal relationships provide incentives for government
officials to treat their industry partners kindly. (d) The industry may cater to the agency’s
desire for tranquillity by refraining from criticizing publicly the agency’s management. (e)
Last, but not least, the industry can also operate indirect transfers through a few key elected 99
officials who have influence over the agency.
A regulatory agency has a natural incentive to see its industry thrive: if the industry shrinks, so
may the regulator. As a consequence, agencies may shy away from strict, letter-of-the-law
oversight if there will be a significant negative impact on firms in the industry. The savings and
loan debacle of the 1980s was an example of this; rather than swiftly closing down insolvent
institutions, regulators (and legislators) sought to provide the industry with breathing space in
hope of a turnaround. In the long run, this exacerbated the problem and raised the ultimate cost to
When agencies engage in turf wars, they may—consciously or not—act as proxies for their
respective industries. In the 1980s, when both stock and futures exchanges created instruments
that let investors buy and sell stock indexes, the CFTC and the SEC fought for years over
jurisdiction. Each agency argued that the public interest would be best served if it regulated the
new products. The deadlock spilled over into Congress, which was unable to pass a CFTC
reauthorization bill until three years after the CFTC’s 1989 “sunset.” To outsiders, the debate over
who should regulate stock index products seemed arcane and of little real consequence, but to the
industries, large sums of money were at stake. If index products were judged to be securities, they
would be traded on stock exchanges; if they were considered futures, they could be traded only
on CFTC-regulated futures exchanges.
During times of tight fiscal policy, or when the public and legislative mood favors the idea that
“less government is better,” regulatory agencies may face long-term budget constraints or hiring
freezes. In this situation, when regulatory agencies make decisions about how to allocate scarce
99 Jean-Jacques Laffont and Jean Tirole, “The Politics of Government Decision-Making: A Theory of Regulatory
Capture,” Quarterly Journal of Economics, vol. 106, Nov. 1991, pp. 1090-1091.
resources, one result may be a cutback in anti-fraud activities. Particularly vulnerable is an
activity colloquially known as “scouting,” referring to investigations that arise within the agency
itself, rather than in response to complaints from investors or other market participants. An
agency that considers itself underfunded will tend to focus on highly visible cases, where
Congress or the media is demanding answers, and will be less likely to launch expensive probes
into areas where the staff believes that abuses may be occurring out of the public eye. Ideally, the
scouting function is one of the most valuable an agency can perform, if it results in detecting and
preventing fraud in the first place.
The SEC is one of the more notable examples of a regulatory agency hampered by inadequate
system capacity. A GAO report released in March of 2002 found that around 1996, the SEC’s
workload began to increase much more quickly than the agency’s staffing levels. From 1991 to
agency grew by only 29%. As a result, only about 8% of overall filings were reviewed at all by
“challenged SEC’s ability to protect investors and maintain the integrity of securities markets.”
Staff often lacked the time or expertise to adequately review filings and applications.
Throughout the 1990s, SEC chairmen regularly asked appropriators for more funds, focusing
particularly on the difficulty of retaining qualified personnel who could easily command higher
salaries on Wall Street. In 2001, Congress approved a “pay parity” plan that authorized the SEC
to pay certain employees at the level of federal bank examiners, whose salaries exceed the normal 102
civil service scales. However, the money to fund pay parity was not immediately appropriated.
The SEC’s budget picture changed dramatically with the Enron scandals. In January 2002, the
Bush Administration requested $423 million for the SEC for FY2003. The Sarbanes-Oxley Act—
passed in June 2002—authorized appropriations of $775 million. For FY2005, Congress has set
the SEC’s budget at $913 million, the amount requested by the Administration, representing a
The range of problems and limitations outlined above suggests that the regulatory failure to
prevent and detect fraud in recent years cannot be blamed on any one particular policy, agency,
individual, or political party. Rather, several system-wide problems combined to prevent
regulators from taking appropriate and timely action to protect the public from fraudulent and
deceptive business practices. Future attempts to reform regulatory agencies may prove to be more
effective by taking the full range of current and potential problems into account, rather than
looking for a “silver bullet” to prevent a future Enron or California energy crisis from hurting the
public once again.
100 U.S. General Accounting Office, SEC Operations: Increased Workload Creates Challenges, GAO-02-302, Mar. 5,
101 Ibid., p. 22.
102 P.L. 107-123, the Investor and Capital Markets Fee Relief Act. See CRS Report RS20204, Securities Fees and SEC
Pay Parity, by Mark Jickling.
Investors have traditionally looked to research analysts employed by investment banks to help
decide which stocks to buy (or sell). For investment banking firms in the business of selling
securities to the public, the temptation to use analyst reports as a sales tool is clearly a potential
source of conflicts of interest. Since the 1960s, SEC regulations have required firms to enforce a
separation between investment bankers and analysts to maintain the objectivity of analysts. These
regulations became known as the “Chinese Wall” because they were meant to create a barrier as 103
effective as the Great Wall of China between the two operations. Chinese Wall arrangements
limited contacts between bankers and analysts; most large securities firms made sure that their
investment banking and research departments were located on different floors in company
In the wake of the collapse of Internet and other technology stocks, and the discoveries of control
fraud at Enron and other prominent companies in 2001, serious questions were raised about
analyst objectivity. Not only did analysts fail to see the trouble ahead at many firms, they
continued to give stocks a “buy” rating even after the issuing corporation had been publicly 104
linked to scandal.
New York Attorney General Eliot Spitzer launched an investigation into analyst conduct at New
York investment banks. Spitzer took advantage of New York’s seldom-used Martin Act, which
gives the attorney general broad authority to go after brokers who promote stocks “beyond
reasonable expectations or unwarranted by existing circumstances.” In April 2002, Spitzer filed
an affidavit in New York state court alleging that stock analysts from Merrill Lynch issued
positive research reports on technology companies whose stock Merrill was selling, even though
the analysts’ private opinion of the firms’ prospect was strongly negative. To support his charges,
Spitzer released internal e-mails by Merrill analysts, including Henry Blodgett, a tech-stock
analyst who became a media star during the late 1990’s for his bullish predictions. A company
that received top ratings in published research might be described in-house as “a piece of junk” or
worse. One analyst worried that regular investors “are losing their retirement” because of 105
misleading advice, but went along with the game.
Soon after Spitzer’s charges against Merrill Lynch were made public, the SEC launched a formal
inquiry into potential conflicts of interest facing Wall Street analysts. Several states also joined
Spitzer and the SEC in an expanded investigation of Wall Street firms. The investigations resulted
in a global settlement, involving a dozen of the largest investment banking firms, besides Merrill
Lynch. Under the terms of the settlement, the firms agreed to pay fines totaling about $1.4 billion,
to change their analyst compensation practices, to make new disclosures in analyst reports, and to
institute other reforms.
103 Christine M. Bae and Carlton R. Asher, Jr., “Chinese Walls—Procedures and Remedies for Dealing With Conflicts
of Interest and Other Abuses by Broker-Dealers in Connection With Conduct by their Securities Analysts,” in:
Securities Arbitration 2002: Taking Control of the Process (PLI Corp. Law & Practice Course Handbook Series No.
B001A6, 2002), pp. 128-129.
104 See CRS Report RL31348, Enron and Stock Analyst Objectivity, by Gary Shorter.
105 Robert O’Harrow Jr., “E-Mails Open Window on Wall St.: Blunt Notes on Stock Ratings at Heart of Analyst
Probe,” Washington Post, Apr. 12, 2002, p. A1.
To address analyst conflicts of interest, Title V of the Sarbanes-Oxley Act directed the SEC to
adopt new rules to restrict the prepublication clearance of research or recommendations by
investment bankers not directly responsible for investment research, limit the supervision and
compensatory evaluation of research personnel to officials not engaged in investment activities,
and protect securities analysts from retaliation or threats of retaliation by investment banking staff
because of unfavorable research reports. The act specified that the rules must also require a stock
analyst to disclose the extent to which he owns stock being discussed, whether he or his employer
has received any income from the company whose stock is being discussed, whether his employer
has had any business dealings within the past year with the company, and whether the analyst’s
compensation was tied to investment banking revenue.
In February 2003, the SEC adopted Regulation Analyst Certification (“Regulation AC”).106
Regulation AC requires that brokers, dealers, and certain persons associated with a broker or
dealer include in research reports certifications by the research analyst that the views expressed in
the report accurately reflect his or her personal views, and disclose whether or not the analyst
received compensation or other payments in connection with his or her specific recommendations
or views. Broker-dealers would also be required to obtain periodic certifications by research
analysts in connection with the analyst’s public appearances.
A 2004 study finds that the settlement and SEC reforms have had a measurable effect on analyst
recommendations. Kadan, Wang, and Zach report that while analysts employed by investment
banks still tend to be more optimistic than independent analysts, the difference is significantly 107
less marked than before the reforms. While analyst bias probably played a very minor role in
the broad scheme of corporate scandals and stock market boom-and-bust, the issue illustrates how
abusive practices can persist as an “open secret” among market participants. The fact that Spitzer,
with his small staff, uncovered crooked practices that the SEC had apparently failed to notice
raised questions about whether the federal agency had become too accommodating of the
securities industry. Was the SEC’s lack of aggressive action the result of the hyperbolical market
climate of the 1990s, when stocks that traditional valuation models would have scorned continued
to soar year after year? Or does it reflect a more basic problem that regulators face: by focusing
on individual acts of egregious misbehavior, they may miss systemic problems “hidden in plain
sight” that gradually evolve into business as usual.
Criminal prosecutions related to corporate fraud108 exert considerable fascination, based partly on
puzzlement. Why do corporate managers, already well-compensated, seek ill-gotten gains that put
their reputations, families, and social positions at risk?
Edwin Sutherland coined the term “white-collar crime” in a 1939 speech he gave to the American
Sociological Society. He found in his research that crime could not always be associated with
106 “Regulation Analyst Certification: Final Rule,” Release No. 33-8193, Feb 20, 2003. Available online at
107 Ohad Kadan, Rong Wang, and Tzachi Zach, Are Analysts Still Biased? Evidence from the Post “Global Settlement”
Period, Working Paper, John M. Olin School of Business, Washington University in St. Louis, Sept. 2004, 32 p.
108 For a list of criminal cases related to recent corporate scandals, see CRS Report RL31866, Criminal Charges in
Corporate Scandals, by Mark Jickling and Paul H. Janov.
poverty, dysfunctional family life, or mental illness because these factors did not explain the
many large privately owned companies that participated in criminal activity. Sutherland defined
white-collar crime as “a crime committed by a person of respectability and high social status in 109
the course of his occupation.” The combination of wealth, respectability and social status
creates a high hurdle for a prosecutor seeking to bring this type of criminal to justice.
Some researchers and government officials argue that white-collar crime is a form of organized
crime. In 1998, the Solicitor General of Canada suggested the following definition of organized
Economically motivated illicit activity of two or more individuals, whether formally or
informally organized, where the negative impact of said activity could be considered
significant from an economic, social, violence generation, health and safety and/or 110
This definition fits the concept of corporate fraud in several ways. Additional factors not found in
this definition include the on-going nature of the criminal activity, the conspiracy of the
individuals involved, and the potential to use corruption as a means.
Other definitions distinguish organized crime from white-collar crime by focusing on the non-
violent nature of the latter. For example:
Non-violent crime for financial gain committed by means of deception by persons whose
occupation status is entrepreneurial, professional or semi-professional and utilizing their
special occupational skills and opportunities; also, non-violent crime for financial gain
utilizing deception and committed by anyone having special technical and professional 111
knowledge of business and government, irrespective of the person’s occupation.
White-collar crime is defined as a subset of organized crime, characterized not by violence, but
by criminal acts related to the perpetrators’ professional skills and occupations. In the context of
corporate fraud, it generally refers to a pattern of deceitful acts, not a single, isolated
Moral hazard appears in financial transactions when one of the parties has an incentive to change
its risk-taking behavior in a way that is not economically efficient, or optimal. Another way to put
it is that the risk/reward calculus is distorted because gains from taking risks will accrue to one
party, while another party (usually the government) will bear the losses. The classic example is
109 Edwin H. Sutherland, White Collar Crime: the Uncut Version (New Haven: Yale University Press, 1983), 291 p.
110 Samuel Porteous, Organized Crime Impact Study: Highlights, Ottawa, 1998, p. 2.
111 U.S. Department of Justice, Bureau of Justice Statistics, Dictionary of criminal justice data terminology : terms and
definitions proposed for interstate and national data collection and exchange, U.S. GPO, 1982.
deposit insurance: if bank customers are shielded from loss, bank managers may take imprudent
risks, since the costs of failure will be borne by others. Moral hazard—in the form of a
government safety net—has a prominent explanatory role in the savings and loan crisis of the 112
Questions of moral hazard are often associated with International Monetary Fund (IMF) 113
interventions. Do these create expectations of a bailout that makes crisis more likely to occur?
Excessive risk-taking due to moral hazard is not necessarily criminal, but moral hazard is
frequently cited as a factor in corporate fraud cases. How do we distinguish between moral hazard
and criminal intent? According to Black et al, risk-taking is activity that stays within the boundary
of the law and in general is designed to increase profits or garner sufficient income to maintain
solvency. White-collar crimes are acts committed by persons who knowingly and willfully breach 114
their “fiduciary duty of loyalty.”
In order to deter a criminal, one must be able to detect the vulnerability in the system that is
attractive to criminal activity. A key weakness in the fight against white-collar crime is the
infrequency of prosecution. Because of their complexity, white-collar crimes are often difficult to
detect and prosecute. Complex cases may involve extensive and convoluted paper trails, complex
financial or accounting maneuvers, money laundering, and/or tiers of participants who may not
know what the others are doing (and not all of whom may have criminal intent). Compounding
these difficulties is the recent allocation of investigatory resources to anti-terrorism programs.
Many investigators with experience in tracking the complicated financial schemes of white-collar
crime are now devoted to tracking the finances of terrorist groups. As corporate structures
becomes increasing complex and geographically diffuse, agencies are often faced with problems
relating to jurisdiction.
Another weakness in deterrence is that white-collar criminals tend to have access to extensive
legal resources. This makes successful prosecution more costly and less likely. The incentive and
advancement structures for most prosecutorial agencies place emphasis on success rates and
“efficient” allocation of resources. In those circumstances, only crimes likely to be prosecuted
successfully with a minimum of cost are likely to be referred for action. Given the obstacles to
successful prosecution, agencies are often reluctant to take legal action even after white-collar
crimes have been uncovered and perpetrators have been identified.
White-collar criminals are thought to be less averse to risk, a state by itself that makes deterrence
challenging. White-collar criminals tend not to have criminal records, and are often described by
criminologists as high status, respectable criminals. If a person intent on committing fraud knows
there are few obstacles and consequences to a scheme, the only thing preventing this behavior is
the individual’s own conscience. Additionally, in the realm of computer and Internet fraud
112 See, e.g., Tucker, Jeffrey, “Mr. Moral Hazard,” The Free Market: Mises Institute Monthly, vol. 16, no. 12, Dec.
113 See, e.g., Timothy Lane and Steven Phillips, “IMF Financing and Moral Hazard,” Finance and Development, A
Quarterly Magazine of the IMF, vol. 38, no. 2, June 2001.
114 William K. Black, Kitty Calavita, and Henry Pontell, “The Savings and Loan Debacle of the 1980s: White-collar
Crime or Risky Business?” Law and Policy, vol. 17, no. 1, Jan. 1995, p. 30.
activity, criminals have the advantage of anonymity, allowing frauds to continue with little
deterrence and a low probability of detection.
Another possible reason why a person would not be averse to risk has a sociological explanation.
When a company employs a person, their perception of identity now includes their membership
in the organization. A person integrates a sense of self-worth into their identification as an
employee. People are assumed to be motivated to secure and maintain identities that help them
gain social approval from meaningful others and inclusion in meaningful groups. The goal of
adopting certain organizational behavior then is to build and maintain valued business
relationships. If a person chooses to deviate from what is accepted “normal” behavior for that
organization, the person risks isolation and ostracism. But once the “deviant” behavior becomes
normal for daily operations of the company, then the group-accepted view of deviant behavior is
that which is a threat to the organization’s bottom line. Hence, whistleblowers acting for the
societal good are considered deviant by their co-workers.
In a 2004 lecture, investigator Sol Wisenberg stated that prosecution is a growth industry which is 115
a “no lose” proposition for politicians seeking elected office. The public will always vote for
someone they believe will take a tough stance against crime in its varied forms. However, the
growth in prosecutions continues to be in the area of illegal drug activity. According to
Wisenberg, white-collar crime has not been an area of growth. For the average prosecutor there is
limited advancement unless that person can show a high rate of success in the courtroom.
Prosecuting white-collar crimes, as noted above, is difficult and uncertain.
An additional problem with prosecution is the increasing reliance on the federal sentencing
guidelines, which shifted the power to set punishment away from judges and towards prosecutors.
The judiciary authority and power to set sentences was inherited through English common law,
and supported by Supreme Court decisions over the past two centuries. In a judge’s hands the
sentence could range from too light for serious offenses, to too burdensome for minor infractions.
Typically, white-collar criminals received very light sentences due to their higher social status.
Congress sought to rectify this imbalance with amendments to the guidelines to more narrowly
define the level of punishment a judge could administer. The outcome was to shift the discretion
towards prosecutors. This situation righted the disparity in sentencing, but reduced transparency
in the decision-making process. The government’s prosecution and sentencing strategies are often
worked out long before the prosecutors enter the courtroom.
During the Reagan Administration, Attorney General William F. Smith stated that the
administration’s policy on crime was set by a priority to address violence first, and white-collar
crime last. This priority has been modified during subsequent administrations, but white-collar
crime is stills ranked lower, even though DOJ identifies more victims of white-collar crime than
of violent crime. In 2000, the Office for Victims of Crime stated that according to the National
Institute of Justice approximately 24 million persons become victims of fraud each year. By
115 Lecture by Sol Wisenberg delivered to the Policy Research Project class, LBJ School of Public Affairs, University
of Texas at Austin, Mar. 30, 2004.
contrast, the Bureau of Justice Statistics reported that in 2000 there were 919,387 felony
sentences handed down in state courts, but that only 82,077 of these offenses were identified as
fraud. Does this mean that just over 82,000 people victimized 24 million people, or are many
fraud cases not prosecuted? There is no way to tell given the current state of statistical reporting
By all accounts, the cost impact of white-collar crime is large. It has ballooned because of the
relatively small chance of getting caught, the investigation and expense involved in bringing one
case of fraud to justice, the basic trust most victims have in the transaction process, and the
victims’ belief that regulatory agencies are protecting them.
In fiscal 2003, the FBI received a total of $4.3 billion, including $540.3 million in net program
increases to enhance Counter-Terrorism, Counterintelligence, Cybercrime, Information
Technology, Security, Forensics, Training, and Criminal Programs. Also, the National White
Collar Crime Center (a DOJ program) reported that between January 1989 and June 1995 (6.5
yrs) FBI actions recovered $383 million in fines, restitution, and recovered property, and referred
$330 million in tax fraud cases to the Internal Revenue Service (IRS). In FY2001, Centers for
Medicare and Medicaid Services spent $182 million and recovered $1.385 billion. But estimates
of improper payments range over $12 billion. That means approximately $10.6 billion in one year
was paid out to undeserving providers and/or beneficiaries and will never be recovered.
Criminal justice policy appears to be driven largely by the public’s wish to feel protected from
crime. Extensive media coverage of “blue-collar” crimes, especially violent ones, bolsters public
perceptions that crime is occurring more frequently than is supported by the data. Public pressure,
presumably based on these perceptions, rewards policymakers who “get tough” on crime. The
major policy tool used to address blue-collar crimes has been retribution in the form of
incarceration, as opposed to rehabilitation. This trend has produced record incarceration levels
and comes at significant cost to the taxpayer.
Although media coverage of corporate fraud schemes and other white-collar crime has been
extensive, both the public and policymakers have been less inclined towards a similar “get tough”
strategy for dealing with these crimes. This situation invites a number of important research
questions. Why has there not been a call to “lock up white-collar criminals and throw away the
key”? What are the circumstances that have created an environment that is vulnerable to white-
collar crime in the criminal justice system, regulatory agencies, and corporate governance
procedures? Lastly, what options are available to address white-collar crime?
“Get tough” tactics appear to be less effective in addressing white-collar crime, largely because
white-collar crimes involve money and not physical harm to the victims. Additionally, white-
collar crime often lacks the image of the easily identified victim, reducing political motivation
and inhibiting a mobilization of resources. The economic harm of white-collar crime is typically
spread over many individuals or firms; the example of Enron—where employees’ 401(k)
accounts were gutted while executives sold millions of shares—is exceptional.
Why has there not been a drive to increase punishments for white-collar crime? What options are
available to better address white-collar crime through the criminal justice system? Observers have
offered some possible answers to these questions, including:
• Sentencing guidelines, limiting the judiciary’s flexibility in meting out justice,
have arguably caused an imbalance in the court system. Instead of the former
disparity in sentencing, some claim that there is now less transparency in the
decision-making process since prosecutors essentially make sentencing
determinations before the trial.
• The fact that estimates of the costs of fraud are rough and imprecise. This
prompts some to maintain that more research and better data collection are
needed to determine the real severity of the impact on American citizens.
• In the areas of statistical reporting and research on fraud, there is a paucity of
information. Existing instruments for measuring crime often fail to accurately
assess white-collar crime rates both because of survey construction and the
inherent limited mechanisms of data collection.
The threat of prosecution by the criminal justice system can act to deter corporate boards,
officers, or other employees from committing fraud. The civil legal system provides additional
deterrents. The government, through federal and state agencies, can launch civil litigation against
corporations or individuals. For example, the SEC can levy civil damages against offending
CEOs and bar them from gaining similar future employment with a publicly-held company.
Another type of civil action is private—one brought by an individual or entity against another
individual or entity for a breach of contract or breach of some other legal duty. The threat of civil
suits by an individual plaintiff, class of plaintiffs, or other private entity also acts as a potential
deterrent to corporate fraud. Civil penalties from such actions can include monetary fines for
damages, loss of employment and/or disbarment, and can sometimes be more costly to an
individual than criminal penalties.
Recent trends in jurisprudence and legislation, however, have tended to increase the protections
corporate officers and boards enjoy from civil liability. It remains to be seen whether recent
corporate scandals like Enron will reverse this protectionist trend. Time will tell as many pending
civil suits reach trial.
The two types of civil actions that a private actor can bring against an individual or entity are
suits based in contract and suits based in tort. Both types of actions may come into play in
response to corporate wrongdoing, but suits brought in tort—based on the violation of a legal
duty—are more common in the corporate fraud context. The types of tort actions which may be
brought against corporate managers or directors are many and include suits for breaches of legal
duties owed by corporate boards and directors to corporate shareholders and to the corporation
itself under common-law (judge-made) and statutory (legislature-made) authority. It is important
to note that for the most part, publicly-held corporations in the United States are governed by
state law, not by federal law. Therefore, corporate laws governing the legal duties of directors and
officers vary among the states. However, some civil causes of action are based upon federal
securities laws and as a result are uniform among the states.
In the corporate fraud context, the most common plaintiffs are shareholders. An individual
shareholder may bring a direct suit on his own behalf for injuries he has suffered as a shareholder
of the corporation. A group of shareholders may also join together to bring a class-action suit for
injuries suffered by all of them as shareholders. Or, a shareholder may bring what is called a
derivative action—the shareholder files an action on behalf of or as a representative of the
corporation itself, for injuries to the corporation. In the healthcare fraud context, medical patients
who have been harmed by fraudulent corporate practices may be plaintiffs as well. The most
common groups of defendants in the corporate fraud context are corporate officers and members
of the corporation’s board of directors.
The Securities Exchange Act of 1934 gave the SEC the authority to promulgate rules related to
securities trading. SEC Rule 10b-5 was promulgated by the commission in 1942 and in 1947 was
established as a valid basis for private litigation. Rule 10b-5 prohibits the seller of securities from
making certain fraudulent and untruthful statements. The rule states:
It shall be unlawful for any person, directly or indirectly, by the use of any means or
instrumentality of interstate commerce, or of the mails or of any facility of any national
(1) [t]o employ any device, scheme, or artifice to defraud;
(2) [t]o make any untrue statement of a material fact or to omit to state a material fact
necessary in order to make the statements made, in light of the circumstances under which
they were made, not misleading; or
(3) [t]o engage in any act, practice, or course of business which operates or would operate as
a fraud or deceit upon any person, in connection with the purchase or sale of any security.
Litigation under Rule 10b-5 became much more common until the Supreme Court first began
limiting the scope of the rule in 1975. The rule had been interpreted very broadly to encompass
many types of fraud, misreporting, and deception, and early case law was generally very 116
favorable to plaintiffs. Rule 10b-5 was applicable to securities issued by both closely-held and
116 Robert W. Hamilton and Jonathan R. Macey, Cases and Materials on Corporations, 8th ed. (St. Paul, MN, West
Group, 2003), p. 980.
In 1975, a shift in the composition and ideological makeup of the U.S. Supreme Court led to
several court decisions which began to limit the use of Rule 10b-5 in private securities 117
litigation. In Blue Chip v. Manor Drug Stores, 421 U.S. 723 (1975), the court limited the type
of plaintiffs allowed under Rule 10b-5 to purchasers or sellers of securities. In a 1976 case, the
court held that a private plaintiff under Rule 10b-5 must prove intentional wrongdoing on the part 118
of the defendant. A 1977 Supreme Court ruling held that Rule 10b-5 only applied to cases 119
involving deception-not to unfair transactions which were appropriately disclosed.
Additionally, the statute of limitations of Rule 10b-5 was uniformly established by the court in
deception. Lastly, the court ruled in 1992 that a plaintiff bringing an action under Rule 10b-5 121
must show that the defendant’s violations of the rule actually caused the plaintiff’s loss.
Despite these court-imposed limitations, private securities litigation under Rule 10b-5 continued
to be common. One reason was a 1979 SEC amendment to its disclosure policies, encouraging
corporations to disclose forward-looking information and projections regarding future financial
performance. But, in response to fears about the filing of frivolous securities lawsuits, or strike
suits, Congress acted in 1995 to limit further the filing of suits under SEC Rule 10b-5.
The Private Securities Litigation Reform Act of 1995 (PSLRA, P.L. 104-67) was passed by
Congress in response to what many saw as an overabundance of securities-related private
litigation. President Bill Clinton vetoed PSLRA but was overridden by Congress. One of the most
important aspects of PSLRA was that it provided a safe harbor for corporate defendants who
made misrepresentations or omissions in statements identified as forward-looking. PSLRA also
made several other procedural changes regarding securities lawsuits. It was meant to curb the
number of suits filed, but studies of its impact have shown that the number of securities fraud
cases since its implementation has not materially decreased, while the number of securities fraud 122
suits brought as class actions has increased.
The Sarbanes-Oxley Act of 2002 was the next major piece of federal securities legislation to
come from Congress and was passed in response to corporate fraud scandals of the early 2000s,
such as Enron, Tyco, and WorldCom. Section 806 of the Sarbanes-Oxley Act created a civil
action to protect employees of publicly-traded companies against retaliation for whistle-blowing
in securities fraud cases, 18 U.S.C. §1514A. Sarbanes-Oxley also extended the statute of
limitations to file private suits under SEC Rule 10b-5 to the earlier of either two years after the
discovery of the violation or five years after the commission of the violation (§804).
117 Ibid., p. 982.
118 Ernst & Ernst v. Hochfelder, 425 U.S. 185 (1976).
119 Santa Fe Industries, Inc. v. Green, 430 U.S. 462 (1977).
120 Lampf v. Gilbertson, 501 U.S. 350 (1991).
121 Litton Industries, Inc. v. Lehman Bros. Kuhn Loeb Inc., 967 F.2d 742 (2d Cir.1992).
122 Hamilton and Macey, Cases and Materials on Corporations, p. 1122.
Although Sarbanes-Oxley did not specifically create any other new private causes of action in
securities litigation, it is possible that some portions of the act may in fact give rise to civil
lawsuits. Section 906 of the act created 18 U.S.C. §1350, which requires the CEO and CFO of a
publicly-held corporation to certify the accuracy of certain financial reports filed with the SEC
and imposes criminal penalties upon CEOs and CFOs who certify the reports knowing the reports
contain inaccurate information. It is possible that, in the future, shareholders in direct or
derivative suits could bring civil actions against a corporation’s CEO and CFO for falsely 123
certifying these financial reports.
There is precedent for courts creating a private cause of action under federal securities law. In J.I.
Case Co. v. Borak, the U.S. Supreme court held that a civil action could be brought under
§14(a)(9) of the Securities and Exchange Act of 1934, even though the statute did not provide for 124
a private cause of action. The court held that since the overall aim of the statute was to protect
shareholders, it made sense for shareholders to be able to bring civil actions under the statute for
damages incurred. Also, the Supreme Court recognized that the SEC had limited resources and
that allowing a private cause of action would act as a needed supplement to the SEC’s
enforcement of the law. However, since Borak was decided, the Supreme Court has tended to
more strictly limit the implied creation of private causes of action by federal securities statute. At
present, it is unclear whether Section 906 of the Sarbanes-Oxley Act will give rise to private
causes of action.
As noted above, most laws governing corporations are state laws or blue sky laws. State statutes
and also judge-made law in each state jurisdiction determine the exact legal duties imposed on
corporate officers and directors. This section will focus on the legal tenets applied by most state
laws. This section will also discuss the provisions of the Model Business Corporations Act
(MBCA) promulgated in 1984 and the laws of prominent states in the corporate law arena, such
Directors, both independent and connected to the corporation, are elected by and act as
representatives of a publicly-held corporation’s shareholders. Under state laws, directors owe a
number of duties to the corporation and to the shareholders. Under the MBCA §8.30(a), these
duties include the duty to act (1) in good faith, and (2) in a manner the director reasonably
believes to be in the best interests of the corporation. MBCA §8.30(b) further provides that
directors should act “with the care that a person in a like position would reasonably believe
appropriate under similar circumstances.” The standard for this duty of care has changed over
time and differs in each jurisdiction. Even when directors violate this duty of care, they are often
shielded by the common-law business judgment rule. The business judgment rule acts as a
presumption that directors acted in good faith and forces the burden onto the plaintiff in a civil
action to prove otherwise.
123 Robert J. Jossen, “Using Sarbanes-Oxley in Civil Litigation,” New Jersey Law Journal, Sept. 8, 2003.
124 377 U.S. 426 (1964).
In light of the business judgment rule, most courts have been unwilling to attach liability to
directors for a standard of care that fell below the level of fraud, illegality or a conflict of interest.
But, a 1985 ruling by the Supreme Court of Delaware held that directors were liable for breaching 125
their duty of care if they acted with gross negligence. The corporate community and state
legislatures, including Delaware, quickly reacted against this ruling by the normally influential
Delaware court. Legislatures began passing “raincoat statutes” to allow corporations to shield
corporate directors from personal liability in cases where the directors acted in good faith, did not
breach their duty of loyalty to the corporation, and did not derive an improper personal benefit 126
from the transaction involved. So, the recent trend is to shield directors from liability regarding
breach of their duty of care to the corporation unless their actions involve illegality, bad faith, or
conflicts of interest. The justification for these raincoat provisions is that allowing directors to be
personally liable for breaches of their duty of care would discourage many individuals from
serving of boards of publicly-held companies.
MBCA §8.30 also provides that directors are entitled to rely on the opinions of experts such as
corporate officers and employees, auditors, accountants, and attorneys when making corporate
decisions. Directors may be able to escape civil liability if reliance on these experts is warranted
and reasonable; the director cannot escape liability by relying on information from an expert
which the director knows to be incorrect.
In addition to a duty of good faith and a duty of care, directors also have a duty of loyalty to the
corporation. Under this duty, directors can be held liable for self-dealing transactions, transactions
between a director and the corporation, and usurping corporate opportunities for oneself.
Historically, transactions that involved conflicts-of-interest between directors and the corporation
were not allowed by courts. But, recently, courts have upheld self-dealing transactions where the
terms were fair to the corporation. If it is unclear whether the terms are fair or not, courts have
upheld self-dealing transactions where a majority of uninterested directors has approved the
Officers are bound by a fiduciary duty to act in the best interests of the corporation. Officers are
bound to fully disclose any transactions which may pose conflicts of interest. MBCA §8.42 lists
the duties owed to a corporation by its officers; these duties are very similar to duties imposed on
directors. Section 8.42(a) directs that officers shall act (1) in good faith, (2) with the care that a
person in a like position would reasonably exercise under certain circumstances (duty of care),
and (3) in a manner the officer reasonably believes to be in the best interests of the corporation.
Section 8.42(b) also allows officers to rely on the opinions of employees and experts, such as
attorneys and accountants, as long as that reliance is warranted, similar to the standard for
directors. Officers are also shielded by the presumption of good faith afforded them by the
business judgment rule.
125 Smith v. van Gorkom, 488 A.2d 858 (Del. 1985).
126 Hamilton and Macey, Cases and Materials on Corporations, pp. 832-833.
Directors and officers of corporations are protected from civil liability by a number of provisions,
both statutory and based upon common law. The previous section discussed the business
judgment rule, officers’ and directors’ warranted reliance on employee and expert information,
and raincoat statutes which allow a corporation to shield its directors from liability in certain
cases. The following section will elaborate upon the business judgment rule and address the
issues of indemnification, insurance, and the requirements of bringing a shareholder derivative
suits as further protections from personal liability for directors and officers.
Background of the Business Judgment Rule.
The corporate business form itself is usually selected by individuals who are seeking to protect
themselves from civil liability, especially to protect themselves from personal liability for unpaid
debts should the business fail. Choosing to form a corporation instead of a partnership, for
example, is a choice made to shield oneself from civil liability. A major part of the protection
from liability comes from a common law concept called the business judgment rule. As corporate th
law in the United States developed during the early 20 century, cases came before courts in
which plaintiffs, usually shareholders in corporations, made arguments that alleged unsound
business judgment by the directors or managers of the corporation. In response, the judiciary
claimed it did not have the experience or the inclination to look into and closely scrutinize the
business decisions made by corporate directors and managers. It declined to make rulings based 127
upon evaluating the soundness of a corporation’s officers’ business judgment. Most common-
law jurisprudence since has followed what has become known as the business judgment rule.
However, the business judgment rule does not, in theory, act to shield corporate directors or
officers from liability in instances of blatant incompetence or outright fraud. But, the business
judgment rule has been held to excuse directors or officers from liability in regard to their
exercise of the duty of care. In applying the business judgment rule, courts will only examine the
validity and fairness of the process of corporate director and manager decision-making. The
appropriate test looks at whether (1) due care was used in ascertaining relevant facts and law 128
before making the decision and (2) the decision was made after reasonable deliberation. Courts
applying the rule decline to examine the correctness or prudence of the decision-made, as long as
the process by which it was made was reasonable. So, the business judgment rule provides a
presumption that officers and directors acted in good faith; it is up to a plaintiff in a civil case to
prove otherwise in most circumstances.
Indemnification and Insurance.
Indemnification and director and officer insurance act to protect directors and officers from 129
personal expense related to lawsuits brought against them in their official capacity. Sections
8.50-8.59 of the MBCA deal with the indemnification and insurance of officers and directors of a
corporation. Indemnification means that the corporation reimburses a defendant officer or director
for expenses incurred in defending against an asserted claim or prosecution. Indemnification
127 See Dodge v Ford Motor Co., 204 Mich. 459, 508 (stating the frequently cited proposition that “judges are not
128 Hamilton and Macey, Cases and Materials on Corporations, p. 815.
129 See, generally: Hamilton and Macey, Cases and Materials on Corporations, pp. 1134-1159.
usually covers legal fees; in some cases, it may cover amounts paid to settle a suit, paid in
judgment of a civil suit, or paid for a criminal fine. Indemnification can also take the form of
advances for expenses, in which case the corporation pays expenses before a final judgment is
rendered in a case. The reasoning behind indemnification and directors and officers (D&O)
insurance is that without these protections, few qualified individuals would be willing to serve on
corporate boards or as officers of corporations. Other arguments in favor of these devices are that
they encourage innocent individuals to resist untrue charges and that they discourage frivolous
suits by shareholders.
However, while it is generally accepted that officers and directors should be reimbursed for
expenses when they are successful in defending a lawsuit, indemnification when officers or
directors are found civilly or criminally liable would seem to be against public policy. For
example, the SEC has taken the stance that it is against public policy for corporations to
indemnify officers and directors against liabilities imposed under the Securities Act of 1933.
Indemnification is governed by state law. Each state sets its own limits on indemnification, but
most follow the general provisions of the MBCA.
MBCA §8.52 requires indemnification for a director who is “wholly successful, on the merits or
otherwise,” in the defense of a proceeding. This means that a corporation must indemnify the
legal expenses of a director who successfully defends a case, even if his success is won on a
procedural not substantive basis. For example, a director who has a case dismissed because the
statute of limitations has run must be indemnified by the corporation. In cases where the merits
are never litigated, it is assumed that the director does have an underlying substantive defense that
was not yet heard.
MBCA §8.51 provides the conditions under which a corporation may indemnify a director. In
order to be eligible for indemnification, a director must have 1) acted in good faith, 2) must have
reasonably believed that his actions were in the best interests of the corporation (if in his official
capacity) or at least that his conduct was not opposed to the best interests of the corporation (if
outside his official capacity), and 3) in the case of a criminal proceeding, the director must have
had no reasonable cause to believe his conduct was unlawful. The director also may only recover
reasonable expenses in a derivative suit brought against him. Directors may not be indemnified if
found liable in a suit alleging the director received a financial benefit to which he was not
MBCA §8.56 provides the conditions under which a corporation may indemnify an officer.
Essentially, mandatory indemnification of an officer is required under the same circumstances as
applied to a director. Permissive indemnification is allowed as well, generally under the same
standards as applied to directors. However, if an officer is not also a director, the corporation may
provide for further indemnification of the officer unless the officer received an undue financial
benefit, intentionally harmed the corporation or its shareholders, or intentionally violated a
Under the MBCA, a director or officer is not eligible for indemnification if found liable to the
corporation itself under a derivative suit filed by a shareholder on the corporation’s behalf.
However, in a few states which do not follow the MBCA, indemnification is permitted even
where the officer or director is found liable in a derivative suit, which would seem to fly in the
face of public policies aimed at preventing fraud.
As an additional protection, a corporation may also purchase liability insurance for its directors
and officers (D&O). D&O insurance provides protection against costs and liability for
negligence, for misconduct not involving dishonesty or knowing bad faith, and for false or
misleading statements in disclosure documents. However, there are several exclusions from D&O
policies; they include (1) conduct that is sufficiently self-serving or egregious, (2) conduct which
is insurable by other types of insurance policies (like bodily injury), and (3) “laser exclusions”
which apply only to certain industries. Recent corporate scandals and higher monetary
settlements in class action suits have resulted in higher costs for D&O insurance premiums.
Derivative Action Requirements.
The last protection from personal liability enjoyed by officers and directors of corporations to be
discussed in this section comes from the statutory requirements connected to bringing a derivative
lawsuit. As previously discussed, a derivative suit is a lawsuit brought by an individual
shareholder on behalf of the corporate entity itself for harm done to the corporation. (In contrast,
a direct suit by a shareholder would be for harm suffered directly by the shareholder.) Derivative
suits may be brought in many contexts, for violation of federal and state securities laws and
violation of legal duties owed by officers and directors to corporations. Derivative suits have been
both praised as important devices to check misconduct by corporate insiders and criticized as
overwhelmingly frivolous litigation brought mostly to enrich aggressive plaintiffs’ attorneys.
Regardless, several requirements must be met for a derivative suit to be brought on behalf of a
corporation. The bringing of derivative suits is governed by state laws and is not uniform;
however many states require that in order to bring or maintain a derivative lawsuit, a shareholder
must make a demand (essentially, ask the permission) of the current board of directors of the
This issue of making a demand on the board is complex and has been the subject of much
conflicting jurisprudence. Generally, a shareholder must make a demand on the corporation in
order to bring a derivative suit. If the demand to bring the suit is rightfully refused, the
shareholder cannot bring the suit. When examining the decision by a board of directors to
disallow a derivative suit, courts in most states will apply the business judgment rule-as long as
the procedures followed by the board were reasonable, the decision itself will not be challenged.
The board of directors can also ask the court to dismiss a derivative suit under the MBCA §7.44 if
the board believes the bringing of the suit is not in the best interests of the corporation. Under the
MBCA, a shareholder is required to make a demand upon the board in order to bring a derivative
suit. This gives a great deal of power to the board.
If a derivative suit implicates one or more directors, those directors generally will not participate
in the vote to determine whether the suit will be continued. In some cases, a majority of the
members of the board of directors will be implicated as defendants in the derivative suit. In such
cases, a shareholder may or may not be excused from making a demand upon the board to bring
the suit, depending on the jurisdiction and the level of interestedness of the directors in the
transaction being questioned by the derivative suit. But, the board may still create a Special
Litigation Committee composed of uninterested directors to decide whether to allow a filed suit to
continue. If the SLC decides the suit is not in the best interests of the corporation, the SLC can
ask to the court to dismiss the suit. Whether the court should apply the good faith presumption of
the business judgment rule to the decision of an SLC is a difficult issue which varies among
jurisdictions. But generally, the burden of proof falls on the board of directors if the majority of
the board of directors is interested in the derivative litigation. The burden of disproving the
business judgment rule presumption of good faith falls upon the shareholder bringing the
derivative action if the majority of directors on the board are not interested in the derivative
The modern trend in jurisprudence has been to restrict the bringing of derivative actions. In
virtually all cases of derivative litigation considered by boards of directors or special litigation
committees since 1984, the decision by the directors has been that the suit is not in the best
interests of the corporation. Some would argue this is the result of frivolous lawsuits being filed; 130
others would say that this shows “structural bias” among directors. In regard to the latter, some
academics have argued that directors when asked to decide whether to pursue a derivative suit 131
against other directors on the board suffer from “structural bias.” Structural bias is the tendency
of directors to not pursue actions against other directors. It is due to directors generally being in
the same social circles and having friendly relationships as well as directors knowing that if they
were implicated in the next derivative suit, they would not want the suit approved by the board.
The argument is that the culture of boards of directors and the self-interest of directors result in
few derivative actions being pursued.
Regardless of the causes, derivative suits function to deter and remedy fraud and misconduct
among corporate directors and managers. Over the last 20 to 30 years, the number of derivative
suits brought on behalf of corporations has declined. Some have indicated that this decline should
be seen as a failure in the realm of corporate governance.
Enron has faced a huge number of civil suits related to its collapse in both federal and state court.
Over 70 suits have been consolidated under multi-district litigation procedures in the U.S. District
Court for the Southern District of Texas. These cases include class action suits by employees and
shareholders as well as derivative suits based on federal securities violations and breaches of legal
duties. Bankruptcy proceedings are also under way in the U.S. District Court for the Southern
District of New York. Named defendants in the class action and derivative cases include officers
such as Chairman of the Board Ken Lay, CEO Jeff Skilling, CFO Andrew Fastow, and Enron
General Counsel James Derrick. Other named defendants include members of the board of
directors such as Wendy Gramm and Robert Jaedicke, Enron’s outside accountants (Arthur
Andersen), and Enron’s outside attorneys (Vinson & Elkins).
Despite the large number of filings, it may be difficult for plaintiffs to attach liability to Enron’s
board of directors due to the protections of the business judgment rule. Directors will likely argue
they had reason to rely on the opinions of experts like Arthur Andersen and Vinson & Elkins and 132
on the officers of the corporation. Enron is facing so much litigation alleging fraud that two of
its D&O insurers have filed actions to rescind insurance coverage, claiming that Enron did not 133
accurately disclose information and circumstances that might give rise to claims in the future.
130 Hamilton and Macey, Cases and Materials on Corporations, p. 885.
131 Ibid., pp. 864-865.
132 See Mark Jaffe, “Suing Enron’s Directors an Uphill Battle,” Austin American Statesman, Jan. 23, 2002; and David J.
Kaufman, “Enron’s Implosion and Boards of Directors,” Prentice Hall Law and Business Insights: Corporate
Governance, vol. 16, Mar. 2002, p. 5.
133 Hamilton and Macey, Cases and Materials on Corporations, p. 1158.
In summary, civil litigation can act as a check on corporate fraud through suits brought under
state, federal, and common-law grounds. However, recent trends in legislation and jurisprudence
have acted to restrict the filing of private lawsuits and the personal liability of corporate directors
and officers. One reason to restrict liability is to encourage qualified and responsible people to sit
on corporate boards of directors. However, protections like raincoat provisions, the business
judgment rule, reliance on expert opinions, indemnification and D&O insurance, and the power of
directors in deciding whether to allow derivative suits all limit the ultimate accountability of
boards of directors and corporate management in civil litigation. Most corporate law is state-
based law, but Congress does have jurisdiction over companies with nationally traded securities,
which is the class of corporations which have been the subject of recent scandals and corruption.
In the wake of scandals such as Enron, courts and legislatures may act to revisit the current
protections that shield corporate insiders from civil liability.
This report has examined several systemic problems that contributed to the recent wave of
corporate scandals. Failures occurred both within companies and among the external actors who
were supposed to be regulating or watching them. Using Enron as a case study, the system
failures can be summarized as follows:
• The capture of auditors, analysts, and banks and regulators through personal and
professional contacts—Enron effectively suborned or mystified Merrill Lynch,
Arthur Anderson, the bond rating agencies, and regulators such as FERC and the
CFTC, with the result that watchdog institutions—public and private—either
missed the fundamental problems at the firm or actively participated in covering
• Systems capacity issues at the SEC and other regulatory agencies. A lack of
resources and staff expertise at federal agencies led regulators to overlook
Enron’s complicated and fraudulent financial schemes.
• The inability of the media to serve as watchdog. The business media reports on
problems at a company only if Wall Street analysts seem worried. Captured or
biased analysts means that there is no bad news to report.
• The board and auditors had incomplete information. Management withheld
documents regarding transactions between Enron and special purpose entities and
concealed the nature of the partnerships set up to run the SPEs.
• The corporate culture was a pressure cooker of entitlement, teamwork, and a star
system. Employees were constantly scrambling to create something new and be
noticed by top management. They were repeatedly told that they were the best
and brightest, and part of the Enron team. The peer review system simultaneously
created a cutthroat environment where undercutting team members was often the
way to save one’s own job.
• Whistleblowing was strongly discouraged by fear of losing one’s job and a fierce
devotion to the company and the prospect of future wealth.
• Hubris. Enron’s management was apparently unable to grasp that its arcane
financial maneuvers would actually be the firm’s downfall, making them
unwilling to issue accounting restatements (or listen to internal objections).
• The board wasn’t paying attention. Though technically independent, Enron’s
directors repeatedly allowed management to make legally risky decisions. Lack
of information and undue trust in management’s ability to sustain the company’s
meteoric rise made directors’ decisions little more than rubber stamps.
Many of these problems have existed at other companies, during other periods in time. In order to
effectively detect and prevent fraud in the future, it is important to understand some of the
reasons why the recent wave of control fraud came when it did. Some possible explanations that
may be unique to this period in history are listed below:
• The long bull market allowed companies to conceal financial difficulties, because
stock analysts, regulators, and (above all) investors were willing to believe in
company financials that defied traditional, rational explanation. In addition, the
technology and internet booms created furious investor demand for new
companies with rosy forecasts but no revenues. The conventional wisdom was: if
you can make money at it, great!
• The increasing acceptance of financial innovations in both the business and
accounting fields created an environment in which accounting creativity was
• Auditing was a loss leader as consulting became the major profit center for big
accounting firms. Therefore, the pressure was strong for accounting companies to
overlook audit irregularities in order to help sell the client their consulting
An alternative view is that accounting and management scandals are to be expected whenever a
long period of market exuberance winds down. If the phenomenon is seen as primarily cyclical,
the unique circumstances of the 1990s listed above may have influenced the scope and particular
features of the scandals, but the underlying dynamics have appeared before and will return.
Finally, some observers, whose faith in market discipline has not been shaken by the outbreak of
fraud, would say that the post-Enron reaction is simply evidence of the system working by
purging the markets of bad apples.
Specialist in Financial Economics