Speech by SEC Staff:
It's Always Something
Linda Chatman Thomsen
Director, Division of Enforcement
U.S. Securities and Exchange Commission
Compliance Week Conference
June 4, 2008
First of all, I'd like to thank the people at Compliance Week for giving me the chance to speak here today. Congratulations to all of you for being here as well. I know that all of you are experts in the art of "full catastrophe living" when it comes to compliance efforts on behalf of your respective firms, and I am honored that you pulled yourselves away from the daily crises to be here today. In fact, that's what I would like to talk with you about today, the art of full catastrophe compliance.
Before I go on, I should remind you that my remarks today are mine alone and do not necessarily reflect the opinions of the Commission, the Enforcement Division or any other staff member.
I would like to start today with pearls of time-worn wisdom from a renowned legal scholar and compliance commentator: Roseanne Roseannadanna. You look a little skeptical. Well, honestly, if ever there were an expert on full catastrophe anything, surely it was Roseanne. As you know (assuming that you, like me, are old enough to remember), Roseanne was one of the late Gilda Radner's comic creations on Saturday Night Live, along with the equally memorable Baba Wawa, the little old lady Emily Litella ("oh, never mind"), and a hapless teenage nerd in pigtails, Lisa Loopner, who was forever pushing her glasses back up the bridge of her nose. It's hard to believe, but Gilda Radner's been gone almost 20 years now — fortunately, she left us some wisdom along with the laughter.
Now Roseanne, you may recall, really was a commentator of sorts. She was a loud, brash and tactless woman with garish outfits and frizzy black hair who appeared alongside the impeccably coiffed Jane Curtin, the frosty news anchor on the Weekend Update segment of the show. Roseanne's role in the broadcast was to provide editorial commentaries on current social issues. The commentary followed a strict formula: Roseanne would read a letter that was almost always from the same person — Mr. Richard Feder of Ft. Lee, New Jersey. Mr. Feder's letters usually posed a series of questions about some controversial issue. Like any good commentator, Roseanne knew how to skirt the difficult issues by simply ignoring them. Instead, she focused on Mr. Feder and his home state: "You sure ask a lot of stupid questions for a guy from New Jersey — you belong in New Jersey!" In fact, Roseanne made a lot of derogatory remarks about New Jersey — talk about shooting fish in a barrel! Here's another disclaimer in the interests of full disclosure, I myself am also from New Jersey.
Anyway, after skewering poor Mr. Feder and my beloved home state (also the home of Bruce Springsteen by the way), Roseanne would start to answer his questions. But her commentary would always veer off into some totally irrelevant, painfully detailed and entirely disgusting description of bodily functions or personal hygiene, often attributed to some famous celebrity. Roseanne would stop herself only to ask "Whaddya tryin' to do? Make me sick?!" Then she would launch into yet more revolting details. But there was only so much Jane Curtin could take, and she would eventually interrupt the digression: "Roseanne, you're about to make me sick. What does any of this have to do with the letter?" And this is where the pearls of wisdom came in.
Roseanne would reply in her honking nasal voice: "Well, Jane, it's always something. If it's not one thing, it's another thing, but it's always something." And then she would pass along additional commentary by other famous legal and compliance scholars, who coincidentally were also related to her. Usually she quoted her renowned father, but she also cited other scholars, including her Nana Roseannadanna, Aunt Pollyanna Roseannadanna, and her "musically happening cousin, Carlos Santana Roseannadanna."
About now, channeling your own inner Jane Curtin, you might well ask me what this totally irrelevant description of Roseanne Roseannadanna and her relatives has to do with compliance? Simply this: Roseanne was right — "it's always something."
In the abstract, we all like to think of our work as a predictable routine, something we do dispassionately and expertly. We like to think of our work as an even-keeled course that is only occasionally interrupted by a crisis of major proportions. We really don't like crises — we sometimes become cranky, distracted and disheveled — sort of like, well, Roseanne Roseannadanna. But if you really think back on your work life, even over the last several weeks, the reality is that our work is probably better described as a series of crises that are occasionally interrupted by a calm patch, which more often than not is the eye of the storm. This is particularly true for compliance. In a compliance department, the workload is often set at maximum flow. It's full catastrophe engagement with thorny compliance issues most all the time. If it's not one thing, it's another thing, but it's always something. And that, I submit, is exactly as it should be.
So, in the context of compliance, what is "the full catastrophe?" Though the phrase was recently used in the title of a best-selling book about, of all things, meditation, "the full catastrophe" is actually a line from Zorba the Greek. In the movie, a mild-mannered Englishman asks Zorba whether he is married. Most of us would simply answer yes or no. But in typical Zorba fashion, Zorba replies:
"Am I not a man? And is not a man stupid? I'm a man. So I married. Wife, children, house, everything. The full catastrophe."
While Zorba was referring to his family life (and it's hard to imagine any life with Zorba that would not be, shall we say, eventful), the full catastrophe applies equally to securities compliance work. It's always something. Like the SEC, compliance departments are charged with what I call "eternal vigilance." As compliance professionals, you are constantly on the lookout for potential legal and regulatory problems and you can never sit back and rest on the laurels of the last problem you solved or the last crisis you averted. In your daily work, you routinely encounter issues that, if given time and scope to grow and fester, may become crises. Some days you find yourself juggling between minor issues that should be nipped in the bud, and those that clearly weren't nipped when they should have been.
For a compliance department, ongoing full-tilt engagement with your firm's regulatory and legal issues is business as usual. Your firm may have a number of compliance issues to address — and who does not? The fact that your compliance department is grappling with difficult issues on a daily basis certainly does not alarm me or the Enforcement Division. What would be alarming, what would be a true catastrophe, would be if you were not on the job each day to ensure that your firm is complying with the law. Or worse yet, if you recognized budding problems in the course of your work, but looked the other way and did nothing at all to address them. If you were truly in the habit of looking the other way, however, I doubt you would be in the compliance department in the first place. As in any profession, it seems to me there is an element of self-selection at work that matches one's talents and sensibilities to the task at hand.
We in the Enforcement Division recognize that your work as compliance professionals can be difficult. It is often your job to just say "no." Or to say "yes, but." Or to say "you can do it, but not that way." It's not easy to be the one who derails the CFO's pet project, but sometimes it has to be done. We also know that employees do not always consult the compliance department when they should — sometimes because they already know what the compliance department would say about a questionable course of conduct. And we recognize that you will have to make some judgment calls. The answers to compliance questions are not always clear and in some instances reasonable people might disagree about the requirements of the law. In short, it's not always easy to ensure that the firm does the right thing.
The Enforcement Division understands and appreciates the critical role compliance departments play in ensuring that employees throughout the firm comply with applicable law. Your vigilance and continual insistence on compliance is what keeps others out of trouble. Keeping others out of trouble will generally keep you out of trouble too. The Enforcement Division recommends enforcement actions against compliance professionals only in rare instances of egregious misconduct, usually involving knowing and intentional violations of the law or intentional inaction when confronted with such violations. The Enforcement Division is not looking for perfection by any means, but we are looking for sustained attention and effort in your compliance endeavors. As long as you continue to seek out and address in good faith the compliance issues you face, your conduct is unlikely ever to be the subject of an SEC enforcement action. But as I'll discuss in a moment, it's not enough to have compliance programs on the books — compliance professionals have an essential role to play in ensuring that the firm lives up to its own compliance standards. A written compliance policy is useless if no one abides by it. In this regard, it's interesting to note that Enron, for example, had excellent compliance procedures on paper, but only on paper. Its actual compliance culture brought down the firm.
It's often been said that corporate CEOs and directors set a "tone at the top" that ultimately determines a corporation's compliance culture. But if, indeed, the CEO and the board set the "tone at the top," a strong, well-run compliance department provides the "mortar in the middle" that keeps the foundations of that compliance culture strong and solid. It's your day-in and day-out commitment to addressing problems as they arise that breathes life into a compliance culture.
I would ask you to commit to fostering a deep culture of compliance at your firms. When an employee or a project is already in trouble, rescue efforts often provide too little too late. It's far better, in my view, to foster an environment that attempts to keep executives out of trouble in the first place. To do that, think about more than risk and profit — think about stability and durability. Encourage people to ask not only about how fast or how high a structure goes up, but how steady it will be when the ground shifts. I think we've all seen recently that even the most solid foundations may be subject to unanticipated seismic jolts. It's better, I think, to build foundations with those jolts in mind than to hope that the jolts never come. Good compliance — along with forward-thinking risk management — is good business. Ideally, we all want to keep compliance problems from arising in the first place. Maybe I'm a dreamer, but that's the direction I hope and believe we are moving in.
Recent events have certainly challenged some of our assumptions about the financial markets. What I take away from recent events is a deeper appreciation for the interdependence of issuers, lenders, analysts, underwriters and all the other varied players in the financial system. What holds them all together — indeed, what holds the whole system together — is trust, trust that players are prudent and diligent and fair. Trust that the counterparties with which we deal have soberly and professionally judged risk and taken the necessary steps to protect themselves and the clients who depend on them, from that risk. These are the very concepts that our laws embody and that compliance with those laws engenders. In our interdependent global economy, a failure of trust can have consequences more profound than the actions of any regulator, and to a large extent, you, the compliance professionals, are the custodians of that trust.
As you go about your work, do not fear the daily crises you encounter — one after another — and it's always something. Better to deal with problems now than to allow them to undermine your firm's foundations. I would urge you to embrace the daily maelstrom — the full catastrophe — because when you do, you're fully engaged and giving your all to your compliance efforts. We who are charged with eternal vigilance should fear more the seemingly placid stretches in our work, the uneasy quiet periods when we're not quite sure what problems we're missing. You know as well as I do — it's always something.
Overall, I think it's safe to say that there haven't been any seismic changes in the Division's approach to Enforcement in recent months. Mostly, what we have been seeing is a reaffirmation of longstanding priorities, a continued commitment to enforce existing rules and to cover the waterfront.
On the compliance front, I want to talk about one of those rare instances in which the Commission has sued an individual compliance officer. The matter involved the compliance program of Chanin Capital, Ltd., captive broker-dealer for a Los Angeles-based investment bank. In a settled civil injunctive action against Chanin, the Commission alleged that the firm failed to enforce procedures on its books that sought to prevent the misuse of inside information. Along with the Commission's action against the firm, the Commission also filed a settled administrative action against Chief Financial and Compliance Officer A. Carlos Martinez, censuring him and fining him $25,000 for his aiding and abetting Chanin's violations. As many of you know, Section 15(f) of the Exchange Act requires broker-dealers to establish, maintain and enforce policies and procedures designed to prevent the misuse of material nonpublic information. And Chanin had those policies and procedures. In fact, Chanin had written insider trading policies, both freestanding and as part of its employee handbook, and a separate acknowledgement form in which an employee certified he had received those policies. It had forms requiring employees to disclose securities transactions and outside business activities. And it updated its policies to add a restricted securities list, and to require employees to release to the firm duplicate statements from their securities trading accounts.
But there is a "but." As imposing as these procedures were on paper, something was missing: the human element, the hand that collected the signed acknowledgement paper, the eye that met the employee's gaze and saw that he understood and accepted the responsibilities enumerated in that paper. And without that person ensuring that those policies were a living, breathing trust between employer and employee, well, the law was not being upheld.
As I said a moment ago, it's not enough to have policies and programs on the books. They have to be bona fide, working programs whose dictates are honored. You as compliance professionals provide the human element that brings compliance policies to life and ensures that they are enforced. So basic, so simple, yet, so important. And this applies not merely to insider trading but to all the policies you enforce.
Speaking of insider trading, this is as good a moment as any to remind you that insider trading continues to be a key element of the SEC's Enforcement program. Indeed, I have been profoundly dismayed at the extent to which the Commission's insider trading actions in the past year have involved securities industry professionals at the highest levels. The wave of insider trading cases involving securities professionals has risen to levels not seen since the days of Ivan Boesky and Dennis Levine in the late 1980s. Far from low level employees, the tippers and tippees often held senior positions of trust and confidence. The Commission has brought insider trading cases involving a Managing Partner at UBS, the head of U.S. Distressed Equities Trading at Barclays, a global compliance attorney at Morgan Stanley, and the General Counsel of a public company. Indeed, there were a number of cases this year involving insider trading by married couples, both of whom were securities industry professionals. Just last week, the Commission brought another insider trading action against an Ernst & Young tax partner in New York who tipped inside information to a friend, who was herself a Managing Director of a Philadelphia-based broker-dealer and investment bank. The E&Y partner tipped his friend with confidential information about the identities of at least seven acquisition targets of Ernst & Young clients, who had sought valuation services from E&Y in connection with the acquisitions. The friend traded on the information and also tipped her father. The tips led to total illegal profits of about $600,000.
Other recent actions have served to reinforce the Commission's traditional commitments to policing other areas of compliance department concern, areas like the Foreign Corrupt Practices Act, which prohibits bribery of foreign officials to obtain business. We have just passed the 30th anniversary of the enactment of the FCPA, which is more relevant than ever. The Commission has filed more FCPA cases in the last two years than in all of the preceding years combined. These FCPA actions have helped to combat bribery and public corruption in countries all around the globe. The Commission's recent FCPA actions include cases against officers of telecom provider relating to bribes paid in Nigeria, Rwanda and Senagal and an action against Westinghouse Air Brake Corporation, which resulted in, among other sanctions, a requirement that Westinghouse engage an independent consultant to help bolster the company's FCPA compliance. The Commission has also brought FCPA actions against numerous companies in connection with the United Nations Oil for Food scandal.
Similarly, Enforcement and the Office of Compliance, Inspections and Examinations continue to be concerned about brokerage firms' compliance with anti-money-laundering rules, particularly customer identification practices. For all our focus on the American financial infrastructure, let us not forget that we are part of an even larger global geopolitical system. As we have seen, money laundering, account intrusions, insider trading, and other financial malfeasance, have at times arisen from epicenters in distant, and not always friendly, lands. I would be remiss if I did not remind you that the irregularity that, at first blush, seems an inconsequential assault on a handful of private accounts, or a small number of suspect trades, could be part of a wider, more insidious program implicating our very national security.
More broadly, the Enforcement Division continues to focus on financial reporting and financial fraud. One-third of the Commission's enforcement actions last year involved charges of financial fraud. In particular, the Commission brought a number of cases related to stock options backdating. From a compliance perspective, the options backdating cases have emphasized the critical importance of process. Every options issuer must have a fully delineated procedure for the issuance of options to employees, and equally importantly, must follow that procedure. In some of the Commission's recent options backdating cases, the company did have written procedures for the issuance of options, but the procedures had been abandoned. Having a good set of policies and procedures — and actually following them — can help avoid all manner of compliance problems.
Yet another area that continues to receive emphasis from both our examinations and enforcement staffs is the area of senior fraud. By 2010, there will be over 40 million American seniors, and we intend to do everything in our power to protect the growing economically powerful, but also vulnerable, senior segment of our population. In May of 2006, Chairman Christopher Cox announced a national initiative to protect seniors from predatory sales practices, including so-called "free lunch" seminars. Sales practice abuses continue to be one of the major emphases of our inspection program, and when abuses are found, enforcement will spare no effort to punish the offenders and make victims whole. Recent cases like our numerous civil actions involving the likes of Senior Resources of Hawaii, Pittsford Capital Income Partners, and, most recently, the criminal convictions of Daniel Heath and three associates in a $187 million senior-targeted fraud scheme, are part of what we expect to be a continuing program of civil and joint civil-criminal enforcement actions against individuals and entities who attempt to use high-pressure or misleading sales tactics against senior citizens, or who try to push inherently unsuitable investments on such investors.
As those familiar with the 2001 Seaboard Corporation 21(a) report issued by the Commission already know, it is a longstanding policy of the agency to credit entities for self-policing, self-reporting, self-remediation and cooperation. Within issuers and regulated entities, there is usually no more effective engine driving these objectives than the compliance professional. The Commission considers the willingness of compliance professionals to aggressively pursue issues up the chain of command and, when necessary, to inform and consult with regulators to be the hallmark of a robust and vigilant compliance program. As we look ahead to the exciting and challenging days ahead, our fondest hope is that you accept our invitation to work cooperatively for the good of the American investor and the continuing vitality of our markets.
We hope corporate America will join us in our efforts to protect investors and markets. In return for a commitment to respect the exercise of prudent professional judgment and diligence in this increasingly complex market, a market latticed with intricate relationships, we ask companies to value the independence of the compliance function, to recognize compliance officers for what they truly are — guardians of both the long-term stability of our markets and the players who comprise those markets — and to emphasize the value and importance of clear-eyed vigilance, tough-minded ethics, and long-term vision.