THE SARBANES-OXLEY ACT: AVOIDING JAIL TIME

1
THE SARBANES-OXLEY ACT AVOIDING JAIL TIME

• Presented to
• Society of International Business Fellows
• Atlanta, Georgia
• January 28, 2004
• Presented by
• Robert F. Dow, Esq.
• (404) 873-8706
• Robert.Dow_at_agg.com
• Arnall Golden Gregory LLP
• 2800 One Atlantic Center
• 1201 West Peachtree Street
• Atlanta, Georgia 30309

2
Ways to Get in Deep Trouble under SOX

• Enhanced criminal liability for document
  destruction
• Liability for retaliation against informants
• Liability for signing false certifications
  (public co.s)
• Notice of defined contribution plan blackout
  periods
• Enhanced penalties for securities fraud
• Enhanced liability for white-collar crime
• Improper influence on auditors (public co.s)

3
DOCUMENT DESTRUCTION
4
Document Destruction
SOX Section 802 expands criminal liability for
document destruction

• Knowingly destroy
• Any records/documents
• With intent to impede
• Any investigation or case
• - or in contemplation of a case

5
Document Destruction(contd)

• Destruction, alteration, or falsification of
  records in Federal investigations and bankruptcy
• Whoever knowingly alters, destroys, mutilates,
  conceals, covers up, falsifies, or makes a false
  entry in any record, document, or tangible object
  with the intent to impede, obstruct, or influence
  the investigation or proper administration of any
  matter within the jurisdiction of any department
  or agency of the United States or any case filed
  under title 11 bankruptcy, or in relation to or
  contemplation of any such matter or case, shall
  be fined under this title, imprisoned not more
  than 20 years, or both.

6
Tampering with Evidence
Section 802 amends 18 U.S.C. 1102 titled
Tampering with a Record or Otherwise Impeding an
Official Proceeding

• to provide that whoever corruptly alters,
  destroys, mutilates or conceals a record,
  document or other object, or attempts to do so,
  with the intent to impair the objects integrity
  or availability for use in an official federal
  agency or judicial proceeding, or who otherwise
  obstructs any official proceeding, or attempts to
  do so, shall be fined under Title 18 or
  imprisoned not more than 20 years, or both.

7
Tampering with Evidence (contd)
SOX 802 also creates another new statute, 18
U.S.C. 1520, entitled Destruction of corporate
audit records, which provides that

1. Any accountant who conducts an audit of an issuer
   of securities to which section 10A(a) of the
   Securities Exchange Act of 1934 applies, shall
   maintain all audit or review workpapers for a
   period of 5 years from the end of the fiscal
   period in which the audit or review was concluded.

8
Recent Enforcement Actions Ernst Young/Next
Card

• NextCard under examination by banking regulators
• Ernst Young partner orders altering of
  workpapers to show more support for accounting
• Also destroyed emails and documents from hard
  drive
• Two Ernst Young managers barred from practicing
  before SEC
• Partner faces criminal charges with up to 20
  years and 250,000 in fines

9

• SECURITIES FRAUD

10
SOX 807 creates a new general securities fraud
statute, 18 U.S.C. 1348, entitled Securities
fraud, which provides that Whoever knowingly
executes, or attempts to execute, a scheme or
artifice -

1. To defraud any person in connection with any
   security of an issuer with a class of securities
   registered under section 12 of the Exchange Act
   or that is required to file reports under section
   15(d) of the Exchange Act or

11

• To obtain, by means of false or fraudulent
  pretenses, representations, or promises, any
  money or property in connection with the purchase
  or sale of any security of an issuer with a class
  of securities registered under section 12 of the
  Exchange Act or that is required to file reports
  under section 15 (d) of the Exchange Act
• shall be fined under this title, or imprisoned
  not more than 25 years, or both.

12

• CIVIL LIABILITY
• WHISTLEBLOWER
• PROVISIONS

13
SOX Whistleblower Provisions

• Civil remedies for retaliation against employees
  reporting securities fraud to company
  supervisors, law enforcement or Congress (Section
  806)
• Criminal remedies for retaliation against
  informants reporting violations of any federal
  law to law enforcement (Section 1107)

14
Section 806 Who is Potentially Liable?

• Officers
• Employees
• Contractors
• Subcontractors
• Agents

15
Section 806 What Actions are Protected

• Providing information or otherwise assisting in
  an investigation OR
• Filing, testifying, participating in or otherwise
  assisting in a proceeding that is
• Filed or
• About to be filed (with any knowledge of the
  employer)

16
Section 806 What Investigations are Covered

• Investigations involving violations of
• Federal criminal law involving securities fraud,
  mail fraud, bank fraud, or wire, radio and
  television fraud
• SEC rules or regulations, or
• Federal law relating to fraud against
  shareholders

17
Section 806 Blowing the Whistle To Whom?

• Federal regulatory or law enforcement agency
• Any member or committee of Congress
• Persons working for the employer
• Supervisory authority over employee
• Authority to investigate, discover or terminate
  misconduct

18
Murray v. TXU Corp. et al. (Texas April 2003)

• Allegations in Murrays complaint
• Murray was SVP of Capital Management
• TXU had aggressive earnings targets
• CFO engaged in earnings management
• TXU didnt disclose exposures in trading markets
• Murray made numerous objections to management
• Murray was terminated 8/1/02

19
Collins v Beazer Homes(Georgia March 2003)

• Allegations in Collins complaint
• Beazer was taking deposits on homes but
  misapplying the funds for other purposes
• Collins suspected that Beazer division management
  was receiving kickbacks from a contractor
• Collins complained to corporate management
• Division management immediately terminated her

20

• Section 1107
• CRIMINAL WHISTLEBLOWER PENALTIES

21
Section 1107 Criminal Penalties Overview

• Very broad application
• Applies to public and private companies
• Whistleblowing of violations of any federal law
• Employers and their agents may face
• Fines up to 500,000 (250,000 for individuals)
• Imprisonment up to 10 years

22
Section 1107 Who is Protected?

• Any person!!

23
Section 1107 What Action is Protected?

• Providing to a law enforcement officer
• Any truthful information relating to
• The commission or possible commission
• Of any federal offense

24
Section 1107 What Retaliation is Prohibited?

• Any harmful action (!)
• Including but not limited to! interference
  with
• Lawful employment
• Livelihood

25
Federal Sentencing Guidelines Reward Effective
Compliance Program

• Compliance standards and procedures reasonably
  capable of reducing the prospect of criminal
  activity
• Oversight by high-level personnel
• Due care in delegating substantial discretionary
  authority
• Effective communication to all levels of employees

26
Federal Sentencing Guidelines Reward Effective
Compliance Program (contd)

• Reasonable steps to achieve compliance, which
  include systems for monitoring, auditing, and
  reporting suspected wrongdoing without fear of
  reprisal
• Consistent enforcement of compliance standards
  including disciplinary mechanisms
• Reasonable steps to respond to and prevent
  further similar offenses upon detection of a
  violation

27

• LIABILITY FOR SIGNING FALSE CERTIFICATIONS

28
CEO/CFO Certification

• Two separate CEO/CFO certifications for periodic
  reports Section 302 and Section 906
• Both sections require the CEO and CFO to include
  a certification for each annual or quarterly
  report of the issuer
• Section 906 imposes criminal sanctions
• Section 302 is a civil provision implemented by
  SEC regulations issued in August 2002

29
SOX 906 Criminal Liability
Must certify

• The periodic report containing the financial
  statements fully complies with the requirements
  of the Securities Exchange Act and that
  information contained in the periodic report
  fairly presents, in all material respects, the
  financial condition and results of operations of
  the issuer.

Penalties False 10 years/1M Willful 20
years/5M
30
SOX 302 Certification
The SEC regulations under Section 302 requires
the CEO and CFO to certify in each periodic
report regarding

• Financial and other information included in the
  report
• The establishment, maintenance and evaluation of
  disclosure controls and procedures
• Internal control disclosures must be made to
  auditors and AC
• Evaluation of internal controls and any changes
  thereto must be disclosed to auditors and AC

31
SOX 302Certification(contd)
Does the company require management below CEO/CFO
to sign sub-certifications? Percent of
respondents to survey who said yes

• Controller/CAO 68
• Financial reporting personnel 68
• Treasury personnel 54
• Risk management 32

Source Deloitte Touche Survey of Consumer
Business Companies, November 2002
32
Recent Enforcement Actions SEC v. David

• Irving Paul David was CFO of one investment fund
  and controller of another related fund (Smith
  Barney World Fund)
• David embezzled a total of 47k from two funds
• David signed a certification stating he had
  disclosed to the auditors and audit committee any
  fraud, whether material or not, involving
  management
• U.S. Attorney charged him with embezzlement
• SEC charged him for false certification

33
Recent Enforcement Actions Legato Systems

• Legato recorded income when customer (Logicon)
  not committed to pay
• Side letter
• Logicon has right to cancel
• Cancellation provision omitted from purchase
  order because of impact on revenue recognition
• SEC charges its CFO and two sales executives
• SEC also charges Logicons VP of sales with
  aiding and abetting

34

• ENHANCED LIABILITY AND CRIMINAL PROVISIONS

35
Statute of Limitations for Securities Fraud

• Section 804 amends 28 U.S.C. 1658 by adding
  subsection (b), which extends the statute of
  limitations for private rights of action
  involving claims of fraud, deceit, manipulation
  or contrivance in contravention of a regulatory
  requirement concerning the securities laws, to
  the earlier of (i) 2 years formerly 1 year
  after discovery of the facts constituting the
  violation or (ii) 5 years after such violation
  formerly 3 years.

36
Penalty Enhancements

• Section 902 creates new Section 1349, Attempt and
  Conspiracy, to Title 18 of the U.S. Code,
  providing that those persons who attempt or
  conspire to commit certain fraud offenses will be
  subject to the same penalties as those prescribed
  for the offense
• Section 903 increases the maximum penalties for
  mail and wire fraud from five years to 20 years
  imprisonment

37
Penalty Enhancements(cont d)

• Section 904 increases the criminal penalties for
  ERISA violations from one year to 10 years
  imprisonment and up to 500,000 in fines
• Section 1106 amends Section 32(a) of the Exchange
  Act to raise the maximum individual penalties
  from 1 million and 10 years imprisonment to 5
  million and 20 years imprisonment, and to raise
  the maximum corporate fine from 2.5 million to
  25 million

38

• Improper Influence On Auditors

39
Improper Influence on Auditors
New SEC rules say that officers may not
fraudulently influence, coerce, manipulate or
mislead an independent auditor

• To issue a report that is not warranted in the
  circumstances
• Not to perform procedures required by GAAS
• Not to withdraw a report
• Not to communicate with AC

40
What is Improper Influence?
SEC says the following may be improper influence

• Offering or paying bribes or other financial
  incentives, including offering future employment
• Providing an auditor with inaccurate or
  misleading legal analysis
• Threatening to cancel existing non-audit or audit
  engagements if the auditor objects to the
  issuers accounting
• Seeking to have a partner removed from the audit
  engagement because the partner objects to the
  issuers accounting
• Blackmailing, and
• Making physical threats

41

• Section 306
• ERISA BLACKOUT PROVISIONS

42
Blackout Notices

• Administrative Information
• Final regulations issued by DOL on January 24,
  2003
• Regulations are effective for Blackout Periods
  beginning on or after January 26, 2003

43
Blackout Notices(contd)

• Blackout Period Defined
• Any period of more than three consecutive
  business days during which the ability of
  participants or beneficiaries in an individual
  account plan to direct or diversify assets
  credited to their accounts or to obtain loans or
  distributions from the plan is temporarily
  suspended, limited, or restricted.

44
Blackout Notices(contd)

• Typical Blackout Period Scenarios
• Change in service providers (e.g., third-party
  recordkeepers)
• Change in payroll systems, vendors, or software
• Changing investment options

45
Blackout Notices(contd)

• Content of Notice
• Reason(s) for the Blackout Period
• Identification of the investments and/or rights
  affected by the Blackout Period
• Expected beginning and ending dates for the
  Blackout Period (specific dates or calendar
  weeks)
• If investments are affected, a statement advising
  evaluation of appropriateness of current
  investment decisions in light of inability to
  direct or diversify during Blackout Period

46
Blackout Notices(contd)

• Content of Notice
• If Notice is not provided 30 days in advance of a
  Blackout Period, a statement that 30-day advance
  notice is generally required and an explanation
  as to why notice was not given
• Name, address, and phone number of contact
  person/department for questions
• Notice must be written so that it can be
  understood by the average participant
• DOL has provided a model notice
• Not required, but its use satisfies certain safe
  harbors

47
Blackout Notices(contd)

• Form and Distribution of Notice
• In writing
• Distributed to affected participants and
  beneficiaries in any manner permitted under ERISA
  (including electronic media)
• Must be mailed (or sent electronically) by the
  distribution deadline (need not be received by
  the deadline)
• Must be sent to the participants or
  beneficiaries last known addresses

48
Blackout Notices(contd)

• Timing of Notice
• At least 30 calendar days, but not more than 60
  calendar days, prior to the last day on which the
  participants or beneficiaries may exercise the
  affected rights
• Example Trading permitted 1 x per month on last
  day of month Blackout Period 6/20 7/15
  (i.e., no trades on 6/30) last day to exercise
  rights is 5/31 thus, Notice must be provided
  30-60 days prior to 5/31 (i.e., no later than
  5/1)

49
Blackout Notices(contd)

• Civil Penalties
• Civil penalty for administrators failure to
  provide timely Blackout Notices
• DOL may assess up to 100 per day, per
  participant or beneficiary
• Penalty period begins on the last date the Notice
  could have been properly filed and ends on the
  date the Blackout Period ends
• Personal, joint and several liability of plan
  administrator