Barriers to Corporate Fraud: How They Work, Why They Fail

The collapse of Enron Corp. in the fall of 2001 had a peculiar side effect: accounting became front page news. For the next year, accounting fraud at a long series of Fortune 500 companies made headlines. The worst cases led to spectacular bankruptcies, mass layoffs, and criminal prosecutions. Many other companies remained intact, but paid millions of dollars to settle charges that their books did not correspond to financial reality.

The economic costs of the corporate scandals were substantial: trillions of dollars in shareholder wealth lost and a climate of uncertainty that may have suppressed business investment and hiring after the 2001 recession ended. The barriers to corporate fraud set in place after the Great Depression had clearly failed to protect public investors and were put under close scrutiny. Congress responded by passing the Sarbanes-Oxley Act of 2002, strengthening regulation of auditors, directors, and corporate executives and increasing criminal penalties for fraud.

During the 2003-2004 school year, Professor William Black’s class at the Lyndon B. Johnson School of Public Affairs of the University of Texas examined corporate fraud from a multi-disciplinary perspective. Rather than viewing fraud as simply a securities law matter, the class considered the insights of criminology, sociology, management science, business ethics, behavioral economics, complex systems theory, and other fields. This report is the result of their investigations.

The report focuses on the internal controls on American corporations (including corporate governance, business ethics, managerial structure and compensation, internal counsel, and whistleblowers), as well as external controls (government regulation, external auditors and accountants, and the judicial process). A recurring theme is the limited efficacy of many safeguards and watchdogs in cases of “control fraud,” where fraud is directed or abetted by top management, and where unethical or abusive practices may become the organizational norm. It may then be easier for employees, directors, auditors, and even government regulators to go along with the prevailing trends, rather than take a stand which might disrupt the smooth functioning of the business, and could bring on devastating personal and organizational consequences.

Another broad question raised by the report is whether the post-Enron scandals were a one-time event, made possible by the stock market bubble of the 1990s and several other unique historical developments which together constituted a “perfect storm,” or whether fraud is a cyclical phenomenon associated with the end of long bull markets. The question has policy implications: if recent corporate scandals represent an unfortunate result of a unique set of conditions, one might conclude that the restraints now in place are sufficient to prevent outbreaks of fraud under normal circumstances. On the other hand, if fraud is cyclical and can be expected to reappear once stock prices begin to soar again, one might conclude that the post-Enron scandals have revealed fundamental weaknesses in law and regulation. This report provides an overview of anti-fraud barriers and will not be updated.

Barriers to Corporate Fraud: How They Work, Why They Fail

December 27, 2004 (RL32718)



The collapse of Enron Corp. in the fall of 2001 had a peculiar side effect: accounting became front page news. For the next year, accounting fraud at a long series of Fortune 500 companies made headlines. The worst cases led to spectacular bankruptcies, mass layoffs, and criminal prosecutions. Many other companies remained intact, but paid millions of dollars to settle charges that their books did not correspond to financial reality.

The economic costs of the corporate scandals were substantial: trillions of dollars in shareholder wealth lost and a climate of uncertainty that may have suppressed business investment and hiring after the 2001 recession ended. The barriers to corporate fraud set in place after the Great Depression had clearly failed to protect public investors and were put under close scrutiny. Congress responded by passing the Sarbanes-Oxley Act of 2002, strengthening regulation of auditors, directors, and corporate executives and increasing criminal penalties for fraud.

During the 2003-2004 school year, Professor William Black's class at the Lyndon B. Johnson School of Public Affairs of the University of Texas examined corporate fraud from a multi-disciplinary perspective. Rather than viewing fraud as simply a securities law matter, the class considered the insights of criminology, sociology, management science, business ethics, behavioral economics, complex systems theory, and other fields. This report is the result of their investigations.

The report focuses on the internal controls on American corporations (including corporate governance, business ethics, managerial structure and compensation, internal counsel, and whistleblowers), as well as external controls (government regulation, external auditors and accountants, and the judicial process). A recurring theme is the limited efficacy of many safeguards and watchdogs in cases of "control fraud," where fraud is directed or abetted by top management, and where unethical or abusive practices may become the organizational norm. It may then be easier for employees, directors, auditors, and even government regulators to go along with the prevailing trends, rather than take a stand which might disrupt the smooth functioning of the business, and could bring on devastating personal and organizational consequences.

Another broad question raised by the report is whether the post-Enron scandals were a one-time event, made possible by the stock market bubble of the 1990s and several other unique historical developments which together constituted a "perfect storm," or whether fraud is a cyclical phenomenon associated with the end of long bull markets. The question has policy implications: if recent corporate scandals represent an unfortunate result of a unique set of conditions, one might conclude that the restraints now in place are sufficient to prevent outbreaks of fraud under normal circumstances. On the other hand, if fraud is cyclical and can be expected to reappear once stock prices begin to soar again, one might conclude that the post-Enron scandals have revealed fundamental weaknesses in law and regulation. This report provides an overview of anti-fraud barriers and will not be updated.

Barriers to Corporate Fraud: How They Work, Why They Fail


The corporate scandals of the early 21st century have sparked much speculation as to their cause, and much work by legislators and regulators to set in place reforms to prevent them from recurring. Explanations for these events seem to rely on one of two distinct models. One theory claims that collapses such as these are cyclical and may be an inevitable adjunct to prolonged bull markets. When the good times are rolling, virtually all investments are buoyed by the rising market. Investors have less incentive to monitor the firms they invest in, and regulators tend to become less vigilant when investor losses are rare. In this atmosphere, fraud can prosper, and even established, respectable firms may see little harm in embellishing their accounting results to provide the endless stream of good news that the overheated market demands. Eventually the party ends, investor skepticism and regulatory zeal return, and the market's self-cleansing forces restore the balance. Until the next time.

Another explanation—which may be called the "perfect storm" theory—holds that the confluence of several unique historical circumstances in the late 1990s enabled rogue managers and companies to commit fraud on a scale far grander than the cyclical explanation would have predicted. Among the factors that combined to form the perfect storm were a booming new technology sector based on the Internet, the creation and enthusiastic adoption of new financial strategies and instruments, the demographic impact of baby boomers beginning to save for retirement, changes in the relationship between auditors and their clients, and, of course, a stock market driven to "irrational exuberance" by year after year of double-digit returns.

In examining these theories, this report focuses on the internal controls on American corporations (including corporate governance, business ethics, managerial structure and compensation, internal counsel, and whistleblowers), as well as external controls (government regulation, external auditors and accountants, and the judicial process).

This report surveys the barriers to corporate fraud within the context of the competing explanations: the cycle vs. the perfect storm. The explanation one chooses will affect the preferred public policy response. If the series of corporate scandals that began with Enron represents an unfortunate result of a unique set of market conditions, one might conclude that the restraints now in place are sufficient to prevent outbreaks of fraud under normal circumstances. On the other hand, if fraud is cyclical and can be expected to reappear once stock prices begin to climb again, one might conclude that the post-Enron scandals have revealed fundamental weaknesses in law and regulation. This was arguably Congress's frame of mind when it passed the Sarbanes-Oxley Act—the most significant amendments to securities law since the 1930s—during the worst of the scandals. Some observers characterize that law as an over-reaction,1 while others see it as a first step.2 The 109th Congress may consider proposed laws and regulations that affect mutual funds, stock options accounting, hedge funds, insurance companies, government-sponsored enterprises, and other financial institutions. This report provides a broad perspective for considering major issues in antifraud law and regulation.

Corporate Governance

Boards of Directors

A board of directors oversees the management of a corporation on behalf of the shareholders. Though boards normally allow managers broad latitude to conduct day-to-day operations, state corporate and federal securities laws mandate that directors approve certain major company decisions, such as the issuance of stock, distribution of dividends, mergers, the level of executive pay, amendments to corporate by-laws, and other matters. In times of crisis, the board can fire management and take any action deemed necessary to protect the interests of the ultimate owners of the business, the shareholders. Shareholders elect directors to the company board, with the number of votes cast usually in proportion to the number of shares held.

In the wake of the post-Enron scandals, the role of the board of directors has been the subject of much legislative and regulatory activity. It is clearly desirable to have the board play an active role in preventing and detecting management fraud, but many observers stress the limitations of the board's monitoring capacity, given that its members serve part-time and must rely heavily upon the representations of management.

Kostant describes the situation in this way: "[i]n the governance mechanisms, senior inside management, especially the chief executive officer, selected the board of directors, and while the board in theory had ultimate authority for the management of the corporation, it largely deferred to the policies and practices of the senior inside managers. Direct challenges to the CEO by the board were rare, and the board usually followed the directives of the inside managers in opposing derivative suits."3 Kostant notes that management has been allowed to "capture the mechanics of corporate governance" and has created a power dynamic "relatively unchecked by weak exit and non-existent voice."4 In other words, corporate actors (not just employees, but also advisors and contractors such as financial institutions or accountants) have become more reluctant to walk away from a corporation whose management is engaged in improper practices, and they are even less willing to take a public stand against such practices.

Director Selection

Shareholders normally give the slate of directors nominated by management a near-unanimous vote of approval.5 The usual practice for shareholders dissatisfied with a company's management is to sell their shares. Attempts to unseat management by electing an opposing slate of directors, as at Disney in 2004, are rare. A basic criticism of boards of directors is that they provide rubber stamp approval for management rather than substantive oversight; the selection process partly explains why this might be so.

Directors are chosen for a variety of reasons, including their knowledge of the company's business, their reputation, or their personal and professional relationships with management. Many directors hold positions on a number of boards, which may ultimately affect a board's ability to effectively carry out its duties.6 Active or retired CEOs frequently serve as directors. Directors who are (or have been) managers of other companies may tend to make decisions much as they would for their own firms, and use governance tactics which they have either already found successful in their own dealings or wish to test for future use.7 CEO-directors are unlikely to challenge current management, and change becomes less likely as the proportion of directors who are CEOs in their own right increases.8

The means by which directors are selected may create a social dilemma, further undermining the ability to effectively monitor management. Board members are often appointed due to personal relationships, and these directors will likely find it difficult to protest the manager's actions.9

No corporation would nominate an outspoken critic of its management to its board. Similarly, few prospective directors would choose to serve on the board of a firm whose management they did not respect and trust. The need for a collegial and cordial atmosphere for the board to get its work done—both directors and managers have other demands on their time—conflicts with the need to have a board ready to ask tough and unpleasant questions when fraud is suspected. Scholars and practitioners argue that a certain level of consensus between management and boards is necessary for company planning and the implementation of policy. Forcing directors into a stronger monitoring role may create suspicion and discord between the groups and ultimately damage the company.

Board Independence as a Barrier to Fraud

After the recent wave of corporate scandals, there was a strong push to strengthen the role of independent directors, those who have no ties to the company or its management and can presumably exercise more impartial judgement. The Sarbanes-Oxley Act requires that a board's audit committee, which hires, oversees, and pays the firm's outside auditor, be made up entirely of independent directors. The Nasdaq and New York Stock Exchange (NYSE) adopted rules in 2003 that require companies whose stock is traded on their markets to have a majority of independent directors on their boards. The new rules included a more stringent definition of "independence." According to NYSE Rule 303A.02 ("Independence Tests"):

  • No director qualifies as "independent" unless the board of directors affirmatively determines that the director has no material relationship with the listed company (either directly or as a partner, shareholder or officer of an organization that has a relationship with the company). Companies must disclose these determinations.
  • A director who is an employee, or whose immediate family member is an executive officer, of the company is not independent until three years after the end of such employment relationship.
  • A director who receives, or whose immediate family member receives, more than $100,000 per year in direct compensation from the listed company, other than director and committee fees and pension or other forms of deferred compensation for prior service (provided such compensation is not contingent in any way on continued service), is not independent until three years after he or she ceases to receive more than $100,000 per year in such compensation.
  • A director who is affiliated with or employed by, or whose immediate family member is affiliated with or employed in a professional capacity by, a present or former internal or external auditor of the company is not "independent" until three years after the end of the affiliation or the employment or auditing relationship.
  • A director who is employed, or whose immediate family member is employed, as an executive officer of another company where any of the listed company's present executives serve on that company's compensation committee is not "independent" until three years after the end of such service or the employment relationship.
  • A director who is an executive officer or an employee, or whose immediate family member is an executive officer, of a company that makes payments to, or receives payments from, the listed company for property or services in an amount which, in any single fiscal year, exceeds the greater of $1 million, or 2% of such other company's consolidated gross revenues, is not "independent" until three years after falling below such threshold.

The California Public Employees Retirement System (CALPERS), the largest institutional investor in the United States, has a broader definition of "independence" than that of the NYSE. CALPERS guidelines (which are not legally binding upon U.S. firms) state that former executives, advisers, consultants, customers, suppliers, contractors and family members with relationships to the corporation, and individuals affiliated with a not-for-profit entity receiving "significant" contributions from the corporation within the previous five years are not independent.

Not all feel that director independence will improve the performance of corporate boards. In a February 2004 speech at the University of Texas Law School 26th Annual Conference on Securities Regulation and Business Law Problems, SEC Commissioner Cynthia Glassman suggested that independent directors do not necessarily function effectively as overseers of management of a corporation:

Increased director independence is often treated like the silver bullet that will prevent future misconduct - or even managerial inefficiency. But at each point along the path, the heightened independence of the Board has failed to prevent subsequent crises, and the evidence is inconclusive regarding whether there is a correlation between independence and performance.... "Independent" is not a proxy for "good," especially given our tendency to focus on economic independence, and not independence of thought. It should not be surprising, therefore, that the results of reform efforts have been mixed.10

Glassman posited that because there is no easily identifiable optimal configuration of (or role for) a board, one cannot conclude that absolute independence is a necessary feature of any board of directors. Rather, when determining appropriate policy and reforms, regulators need to take into account all of the different ways boards can function within a corporation. To that end, regulators must remember that boards play dual roles in a corporation: as manager and as monitors. Therefore, "the goal of our regulatory reforms should be to make sure both the roles are appropriately accounted for and balanced, and to avoid unnecessarily infringing on either legitimate role," Glassman said. Moreover, regulators must take into account the tension that will always exist resulting from the dual roles directors hold. "What do we really want from directors? We want a Board that is collegial, informed and involved enough with management to provide strategic guidance. We also want a Board that is far enough removed to ask tough questions and take decisive independent action when necessary," Glassman said.

It has been further argued that continued regulatory focus on the independence of directors will have an adverse effect both on a board's ability to execute its managerial duties for the company and on the company's ability to recruit a board which will best fit the individual company's needs. If boards are forced to focus most heavily on the monitoring and oversight of the actions of management, they risk destroying the cooperative relationship with the managers who must implement their decisions.11 Requirements for independence may make the board selection process more strenuous, and the possibility of increasing board member liability or responsibility for the actions of the company-either by law or perception-may make otherwise valuable candidates more reluctant to step forward. Moreover, board independence may not be advisable in companies in highly specialized industry sectors, where the number of board candidates with relevant experience is limited, especially if management feels it necessary to seek advice from its directors.

The CEO/Chairman Split

Perhaps the ultimate threat to board independence arises when the CEO also serves as chairman of the board. The dual role has become increasingly common. Defenders of the practice argue the appointment of CEO as chairman eliminates the possibility that the board would not have the same information as executives. Holding both positions creates a more streamlined corporation and helps avoid an inherent disjunction of information between the board and top management. Hence, proponents argue that the sharing of information can unify the management and directors.12

But a chairman's service in both capacities may also create problems. If a board's task is to monitor (and potentially override) the decisions of management, it is difficult to believe that the CEO would be inclined to disagree with his or her own decisions. By sharing the role, a CEO can suborn the board. It will be harder for a board to reject one of its own and will make the monitoring function increasingly difficult.

Short of lawfully forcing the CEO/chairman split, a step the NYSE and Nasdaq rules do not take, another option is to appoint a director with the power to offset the CEO or appoint other directors to espouse the views of management, thereby relieving the CEO of that responsibility, while still allowing management's views to be discussed through a constructive dialogue.13

The Enron Board and Potential Failures of Independence Requirements

Although independence requirements have been a major thrust of post-Enron reforms, it should be noted that independent directors were unable to prevent Enron's collapse. Enron's board included skilled corporate managers and former regulators and qualified as a "supermajority independent" board—one in which all directors came from outside the company, with the exception of the CEO.14 Jeffrey Skilling and Kenneth Lay were the only Enron employees to serve on the board. The board's audit, compensation, governance, and nominating committees were composed entirely of independent directors.

However, its independence and expertise did not prevent the board from twice suspending its code of ethics to allow CFO Andrew Fastow to create, manage, and personally profit from ostensibly independent accounting entities whose real function was to hide business losses. Neither did the board force management to examine seriously the issues raised in Sherron Watkins' whistleblower memo, nor request to see the Vinson and Elkins investigative report of her concerns that was conducted at management's request.15

The Senate Permanent Subcommittee on Investigations concluded that the board acted inappropriately in a number of ways, including breach of fiduciary duty, approval of situations putting corporate managers in conflicting positions, tolerating high-risk accounting policies, and the creation of excessive compensation plans.16 The Subcommittee's report also cited a lack of independence with regard to financial ties between the company and individual directors. But the greatest problem with the Enron board seems to have been not its actions, but its inaction. The board was unwilling to challenge actions by management that were ultimately devastating to the firm and its rank-and-file employees, except through the institution of a few controls that were not closely monitored. The board also failed to monitor Enron's outside auditor, Arthur Andersen.

Corporate Officers and Managers: Creating an Ethical Environment from the Top Down

Corporate officers17 and managers play the central role in running day-to-day operations and establishing the long-term goals of a business entity. Officers also play a large role in setting the corporate culture of an organization, determining who is promoted or passed over and what type of employee behavior (e.g., risk-taking) is rewarded or punished. In many cases, not only corporate employees but corporate directors take their cues from officers and managers. Corporate officers' power and autonomy are often such that when they are bent on fraud, there is no effective force within the business to counter them.

SEC Commissioner Cynthia Glassman has called for executives to be the conscience of their company and for the SEC to be the enforcer of that conscience.18 With officers and managers wielding so much power in today's corporate landscape, many believe that ethical corporate behavior must truly come from the top down. The problem for corporate governance is how to create incentives that reward managers for ethical behavior.

Berle and Means, in their classic study The Modern Corporation and Private Property,19 first explored a key issue in corporate governance: the agency problem that results from the division of management and ownership. In a closely-held corporation, in which corporate officers are also the primary shareholders, owners' and managers' interests are automatically aligned. This is not the case in publicly held corporations, where ownership is usually dispersed among thousands of shareholders.

A traditional view has been that in order to keep managers honest and ethical, it is important to align managerial interests with the interests of the corporate owners. To protect shareholders from managerial abuse, corporate governance practice and securities law, respectively, take a carrot-and-stick approach. Corporations have sought to eliminate conflicts of interest by creating generous financial incentives to encourage managers to focus on creation of shareholder wealth. Securities law, on the other hand, establishes fiduciary duties and responsibilities for management, and provides penalties when these are not met.

CEO Incentive Compensation as Corporate Governance

Conceptually, the problem of division between ownership and control has a simple solution: give managers substantial amounts of company stock. As stockowners, managers will have a stake in the long-term performance of the company. Since the 1970s, finance scholars and management theorists have given strong support to stock-based executive compensation as a corporate governance tool.

It is now common for CEOs of large companies to receive hundreds of millions of dollars worth of stock and stock options during their tenures. Stock-based pay often vastly outweighs salary and bonus compensation. Research on whether this compensation shift has improved corporate performance and competitiveness is mixed, and beyond the scope of this report. The post-Enron scandals, however, suggest that executive pay policies have not reduced the propensity of corporate mangers to engage in fraud. There are a number of explanations for the failure of pay practices to improve ethical standards.

First, CEOs of large corporations are able to exercise a significant amount of bargaining power when negotiating their employment contracts and change-in-control contracts.20 A large differential lies between CEO bargaining power and other corporate workers' bargaining power. The only oversight of CEO contract negotiations is provided by the board of directors, which (as discussed above) is normally disinclined to challenge top management. The principal-agent problem remains.

According to Bebchuk and Fried, the contracting approach of CEOs in determining their compensation package can produce a conflict of interest between the board of directors and top management.21 Bebchuk argues that one should not assume that the board of directors' main goal is to maximize shareholder value; that they, too, may be subject to agency problems.22 Directors have the incentive to secure their reappointment to the board. Average director compensation in the 1,500 largest U.S. corporations was $102,000 in 2003.23 In the case of Enron, directors were paid up to $380,000 annually. (These figures exclude all the non-monetary perks directors receive such as business and social contacts.)

The only real consequence the board or CEOs face in challenging each other is turnover—the possibility of losing their positions—but, under current corporate practices, CEOs' and boards' tenures are mutually determined. That is, boards approve compensation schemes for officers, and have legal authority to remove them, but CEOs often have significant influence in determining board membership through control of the nominations process.

Directors represent the shareholders, but the shareholders do not select directors in any meaningful sense. The slate of directors proposed by management generally passes by a near-unanimous vote. A situation where shareholders put forward a slate contrary to the desire of management is exceedingly rare. Hence, directors must stay in the good graces of management to keep their positions on the board.

In corporations lacking a controlling shareholder, most of the directors have nominal equity interest in the firm.24 This fact, together with a general willingness to approve ever-higher levels of compensation,25 ties the board's hands when it comes to determining a CEO's employment contract. Thus, the board generally does not use its pay-setting powers to control CEO behavior.

Problems with Stock-Based Compensation

In order to align managerial interests with shareholder interests, stock-based compensation—in the form of restricted shares or stock options—has become the norm at large U.S. firms. However, stock-based compensation has not always kept corporate officers working for the best long-term interests of the company.

After Enron, there is a sense that rising amounts of stock-based pay may sometimes be too much of a good thing. While having a substantial equity stake may indeed align managers' and shareholders' interests, when that stake grows into the hundreds of millions of dollars, managers have a counter-incentive. That is, when a company is in trouble, managers may seek to protect their own stakes by issuing false accounting statements, giving themselves time to sell their own stock before public investors become aware of the company's financial problems.26 This was the pattern at Enron, and it was repeated elsewhere. At the 25 largest U.S. businesses to declare bankruptcy during the 18 months after January 1, 2001, the 25 highest-paid insiders had earned $3.3 billion since 1999, while over the same period shareholder value declined by $211 billion and over 94,000 jobs were lost.27

Other problems with stock and options as an incentive tool have been observed. When managers sell stock or exercise options, restoring pay-performance sensitivity requires giving them new options or shares. Stock cashouts can lead to the weakening of managers' incentives or, alternatively, may force the firm to restore incentives to the pre-cashout level.28 Though many companies have taken steps to restrict executives' abilities to cash out vested equity incentives through "trading windows" and "blackout periods," these limitations are not prevalent throughout all businesses and industries. And even in firms that have such restrictions, managers who are privy to undisclosed bad news may still use trading windows to unload a substantial amount of their holdings.

Some argue that bonus pay based on financial performance creates incentives that are less problematic than stock-based compensation. Stock option pay, for example, may promote excessive risk taking in the pursuit of managerial wealth, whereas executives whose pay is linked to annual performance targets might be expected to be more risk-averse. A criticism of bonus pay is that recipients may have too short a time horizon and fail to make the investments that are crucial to the firm's long-term growth. Sanders and Hambrick investigate the effects of CEO pay structure on firm performance and investment and reach the "counterintuitive" result that reliance on bonus pay does not reduce two out of three measures of long-term investment. Furthermore, they find that bonus pay does not have a negative impact on subsequent firm performance.29

Regarding executive stock option plans, Sanders and Hambrick find a nonlinear pattern: at moderate levels, option plans have a positive effect on the firm's subsequent performance, but at higher levels, option pay sometimes results in significant costs to stockholders. Half the firms they studied had levels of option compensation exceeding the level they considered optimal.30

Cost to Shareholders

The difference between the pay that CEOs actually receive and what they would have received under an arm's length transaction is thought to reflect the imbalance of power between the CEO and shareholders. Managers' ability to influence their pay can lead to compensation arrangements that generate worse incentives than those that arm's length contracts would provide. Managerial influence may lead to the adoption of compensation packages that provide weak or perverse incentives. These inefficiencies can lead to the reduction of shareholder value, a serious consequence. The economic impact of CEO pay, often dismissed as symbolic in the context of a multi-billion dollar corporation, can be material. Studies show that CEO compensation was on average 7.89% of corporate profits in the 1,500 firms that make up the ExecuComp dataset in 2000.31

Executive Pay and Public Opinion

One check on CEO and executive compensation is public outrage. During the 1990s, some firms were criticized for their CEOs' excessive paychecks, and the annual compensation of CEOs of criticized firms was reduced over the following two years by an average of $2.7 million.32 One response is recent efforts to "camouflage" the executive pay package.33 An example was provided by Jack Welch of General Electric, who was widely respected when he retired, but was later criticized when details of his extensive retirement package, which had not been disclosed to shareholders, became known during divorce proceedings. Observers argue that a major problem with the current executive compensation landscape is the frequent lack of transparency. Where efforts to conceal the true level of compensation exist, it is not likely that pay practices will foster ethical conduct.

Some critiques of "excessive" executive compensation proceed from an egalitarian standpoint. CEO pay has risen so far above rank-and-file wages that some maintain that many executives view themselves as a special class, beyond the reach of law and regulation.34 Paul Volcker, former chairman of the Federal Reserve, now speaks out frequently about the ill effects of corporate greed. Since the enactment of Sarbanes-Oxley, he has stated, "there is a bit more discipline [among managers]. However, I think corporate America is still in a state of denial and despair. People think they deserve all this money and they don't want to be the only one to say 'no.' And so the problem keeps spiraling."35

Fiduciary Duties

Corporate officers owe a legal fiduciary duty to the corporation and its owners. The principal-agent theory outlines the expectation held by shareholders that their primary interests will drive the decisions made by management. These interests are often thought to be the maximization of profits for the firm.

Some, however, call for an expansion of the fiduciary concept, to include stakeholders other than the owners. Evan and Freedman define stakeholders as "those groups who have a stake in or claim on the firm...includ[ing] suppliers, customers, employees, stockholders, and the local community, as well as management in its role as agent for these groups." They liken firm mismanagement in the community to a crime that "violates an implicit social contract, and maintain that m Management, as corporate agents, must address these issues of stakeholder protection:36

Persons are responsible for the consequences of their actions through the corporation, even if those actions are mediated. Any theory that seeks to justify the corporate form must be based partially on the idea that the corporation and its managers as moral agents can be the cause of and be held accountable for the consequences of their actions.37

They hold that another principle of stakeholder management is:

Management bears a fiduciary relationship to stakeholders and to the corporation as an abstract entity. It must act in the interests of the stakeholders as their agents, and it must act in the interests of the corporation to ensure the survival of the firm, safeguarding the long-term stakes of each group.38

The problem, they maintain, is that this fiduciary relationship is not kept in balance and is quite often used as a justification for unethical acts. The authors acknowledge the principle's inherent conflict by offering that it "gives no instructions for a magical resolution of the conflicts that arise from prima facie obligations to multiple parties...."39 It is left up to management to foster an environment that acknowledges all parties' stake in the survival of the firm. Stakeholder theory holds that no one group should be given primacy over another. Situations will occur when one group will benefit at the expense of others, but "relationships among stakeholders must be in balance; when they are not the survival of the firm is in jeopardy."40

The Sarbanes-Oxley Act

The Sarbanes-Oxley Act sought to improve fiduciary performance and accountability. The act increased the accountability of CEOs and CFOs in regard to SEC reporting and increased civil and criminal penalties for corporate fraud-related offenses.

Pursuant to Sarbanes-Oxley, on August 29, 2002, the SEC adopted new rules 13a-14 and 15d-1441 under the Securities Exchange Act, which require a company's CEO and CFO to certify in each quarterly and annual report that

  • he or she has reviewed the report;
  • based on his or her knowledge, the report does not contain any untrue statement of a material fact or omit to state a material fact necessary in order to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by the report;
  • based on his or her knowledge, the financial statements, and other financial information included in the report, fairly present in all material respects the financial condition, results of operations and cash flows of the issuer as of, and for, the periods presented in the report;
  • he or she and the other certifying officers:
  • (1) are responsible for establishing and maintaining disclosure controls and procedures;
  • (2) have designed such disclosure controls and procedures to ensure that material information is made known to them, particularly during the period in which the periodic report is being prepared;
  • (3) have evaluated the effectiveness of the issuer's disclosure controls and procedures as of a date within 90 days prior to the filing date of the report; and
  • (4) have presented in the report their conclusions about the effectiveness of the disclosure controls and procedures based on the required evaluation as of that date;
  • he or she and the other certifying officers have disclosed to the issuer's auditors and to the audit committee of the board of directors (or persons fulfilling the equivalent function):
  • (1) all significant deficiencies in the design or operation of internal controls (a pre-existing term relating to internal controls regarding financial reporting) which could adversely affect the issuer's ability to record, process, summarize and report financial data and have identified for the issuer's auditors any material weaknesses in internal controls; and
  • (2) any fraud, whether or not material, that involves management or other employees who have a significant role in the issuer's internal controls; and
  • he or she and the other certifying officers have indicated in the report whether or not there were significant changes in internal controls or in other factors that could significantly affect internal controls subsequent to the date of their evaluation, including any corrective actions with regard to significant deficiencies and material weaknesses.

Sarbanes-Oxley also created a criminal penalty for CEOs and CFOs who knowingly certify false reports. Officers who certify a report knowing that the statement does not meet the statutory requirements will, upon conviction, face up to $1 million fine, up to 10 years in prison, or both. A CEO or CFO willfully certifying compliance knowing that the periodic report accompanying the statement does not comport with the requirements of the law will face a fine of up to $5 million, imprisonment of not more than 20 years, or both. An assertion of ignorance may now carry criminal penalties. Additionally, Sarbanes-Oxley explicitly prohibits anyone from defrauding shareholders and increases the fines and/or terms of imprisonment that apply to corporate fraud and related crimes.


The Authority for Auditors

Auditors evaluate financial statements to ensure that they accord with Generally Accepted Accounting Principles (GAAP). Federal securities law requires that all SEC-regulated companies (those whose securities are sold to the public) have their financial statements certified by an independent auditor. Assuring that public companies comply with accounting rules is the function of private auditors; the SEC does not ordinarily conduct audits itself.

Neither does the SEC promulgate accounting standards, although it has statutory authority to do so. Rather, the agency delegates this responsibility to the Financial Accounting Standards Board (FASB), a private-sector body. During the Enron investigations, a Senate committee reported that FASB "has been subject to criticism for its lack of speed in promulgating standards and for being too close to the accounting industry."42 Funding for the FASB came from the accounting industry, until the Sarbanes-Oxley Act sought to isolate FASB from the industry by establishing an assessment upon publicly-traded companies to fund the accounting standards setting body.

Before Enron, oversight of auditors was primarily the responsibility of the American Institute of Certified Public Accountants (AIPCA), as was the promulgation of auditing standards. In response to widespread auditor failures, the Sarbanes-Oxley Act (Sections 101-109) created the Public Company Accounting Oversight Board (PCAOB) to strengthen auditor oversight. The PCAOB, which is a private body operating under SEC oversight, has two major functions: (1) to issue rules establishing standards for auditing practice, ethics, and independence, and (2) to monitor auditing firms for compliance with these and other applicable rules and investigate and publish violations with fines, censures, or suspensions from the practice of auditing public companies.

In addition to the PCAOB, auditors remain subject to professional discipline to ensure that they maintain compliance with auditing standards. The SEC may bar or suspend from practice any accountant deemed to have engaged in "unethical or improper professional conduct." States from which the accountant receives his license can fine, suspend, or bar the accountant from practice. The Professional Ethics Division within the AICPA can initiate investigations into allegations of unethical or wrongful conduct. If it determines guilt, it can bar the accountant from AICPA membership. The staff of the Senate Committee on Governmental Affairs found that "these avenues of professional discipline for accountants have been criticized—particularly in the wake of the Enron scandal—as fairly ineffective. State boards of accountancy vary in their approaches and do not have sufficient resources to monitor the professionals in their States. Meanwhile, the AICPA, as the industry trade association, tends not to act aggressively, particularly against accountants in the most established firms."43

The Purpose of the Audit

Auditors act as monitors of public corporations by certifying financial statements of those corporations. They ensure that a corporation has implemented effective risk management processes and internal control systems and has developed financial statements that accord with GAAP. "Benefits of effective monitoring include transparent financial statements, active trading markets, and the ability to use unbiased financial accounting numbers as inputs into contracts among shareholders, senior claimants, and management."44 Auditors, in effect, serve as "watchdogs" or "gatekeepers" for investors and creditors.

The auditor provides only "reasonable assurance" that a corporation has fairly represented its financial condition and implemented effective internal controls. The auditor cannot endorse the truth of a financial statement with absolute certainty because the auditor remains largely dependent on management and other corporation employees to provide the needed material to perform its function (although auditors can and sometimes do obtain information independent of corporate management). Other sources of uncertainty include the use of estimates and inconsistencies in internal controls. "An audit provides only reasonable assurance against material misstatements, whether intentional or unintentional, in the financial statements. In reality, an audit does not guarantee that error or fraud has not affected the financial statements."45 Investors, however, often perceive the audit as providing absolute assurance that a corporation is not committing fraud. A survey in the early 1990s showed that almost half of investors believed that the certified audit guaranteed that a corporation was not releasing unintentionally false financial statements, and more than 70% believed that a certified audit meant the corporation absolutely was not engaging in fraud. As a result, investors' expectations exceed the assurance actually provided.46

Scholars argue whether or not auditors may have an incentive to certify false and misleading financial statements made by corporations. One view is that maintaining a high professional reputation provides sufficient incentive for auditors to not endorse questionable financial statements. "An accountant's greatest asset is its reputation for honesty, closely followed by its reputation for careful work. Fees for two years' audits could not approach the losses [that the auditor] would suffer from a perception that it would muffle a client's fraud.... [The auditor's] partners shared none of the gain from any fraud and were exposed to a large fraction of the loss. It would have been irrational for any of them to have joined cause with [the client]," wrote Judge Easterbrook for the Seventh Circuit in 1990.47

Columbia law professor John Coffee noted that having an auditor vouch for a corporation's statements "is necessary because the market recognizes that the gatekeeper has a lesser incentive to lie than does its client and thus regards the gatekeeper's assurance or evaluation as more credible. To be sure, the gatekeeper as a watchdog is typically paid by the party that it is to watch, but its relative credibility stems from the fact that it is in effect pledging a reputational capital that it has built up over many years of performing similar services for numerous clients."48

The opposing school of thought maintains that auditors will forgo reputational capital in favor of certifying false or misleading financial statements if that is the best means by which to secure profits. "Despite the clear logic of the gatekeeper rationale, experience over the 1990s suggests that professional gatekeepers do acquiesce in managerial fraud, even though the apparent reputational losses seem to dwarf the gains to be made from the individual client."49 This could occur for unintentional or intentional reasons. Unintentionally, the auditor might make "unconsciously biased judgments" during the audit due to a relationship with management that could permit the release of an incorrect audit.

Matthew Barrett explains that "people are less willing to harm individuals that they know relative to strangers. People are even less willing to harm paying clients, or individuals they consider paying clients, with whom they enjoy ongoing relationships."50 Alternatively, auditors might intentionally certify misleading audits to maintain profitable relationships (such as the provision of non-audit consulting services) with the corporations they audit. "The auditor's business interests in fostering a long-term relationship with a client's management encourage auditors to render 'clean' audit opinions in an effort to retain any existing engagements and to secure future business," states Barrett. He notes that "auditors that issue anything but an unqualified opinion frequently get replaced."51

Three Participants in the Audit Process

Three separate actors contribute to the audit: (1) the internal audit committee, (2) the internal auditor, and (3) the external (or independent) auditor.

Audit Committee

The internal audit committee oversees the audit process for the public firm. "The audit committee provides, on behalf of the board of directors, oversight responsibility for the firm's financial-reporting process.... The audit committee selects the outside auditor and meets separately with senior financial management and with the external auditor. The committee also questions management, internal auditors, and external auditors to determine whether they are acting in the firm's best interests."52 The Securities & Exchange Commission (SEC) approved final corporate governance rules applicable to companies listed on the New York Stock Exchange (NYSE) and NASDAQ on November 4, 2003.53 The rules describe the purposes, responsibilities and composition requirements for internal audit committees. The NYSE rules mandate that the audit committee:

  • oversee the corporation's external auditor;
  • develop procedures for handling complaints regarding a company;
  • annually obtain and review reports of the external auditor;
  • discuss the corporation's audited quarterly and annual financial statements with management and the external auditor;
  • confer about the corporation's earnings press releases and financial earnings guidance provided to Wall Street analysts and rating agencies;
  • evaluate the corporation's risk assessment and risk management policies; and
  • establish hiring policies for employees or former employees of external auditors.

The NASDAQ rules add that the internal audit committee must review and approve all related-party transactions.

Members of the internal audit committee typically come from the board of directors. The Sarbanes-Oxley Act mandates that the audit committee include at least three members, all of whom are independent of the company.54 At least one member of the audit committee must be a "financial expert," who, as defined in Section 407, must have accounting and auditing experience.

The statute does not precisely define what constitutes accounting or financial management experience. Roman Weil, professor at the University of Chicago's Graduate School of Business, offered the following definition: "To be financially literate, every person on the audit committee should understand the transactions that require management to make important accounting judgments, the accounting issues management has to confront in explaining those transactions, the decisions management made and why, and the potential implications for financial reporting of management's choices.... You'd think it would be a basic requirement on these audit committees, but it's unbelievably scarce.... How can an audit committee meet its oversight if it doesn't understand—or think to ask about—these types of judgments, and the extent to which management has used its discretion to affect reported income?"55

Internal Auditor

The internal auditor provides management and the audit committee with an ongoing assessment of a company's accounting methods and results. Charles Elson, the director of the University of Delaware's Center for Corporate Governance, argues that the internal auditor should primarily report to the audit committee. "Internal audit, like external audit, needs to report ultimately not to management, but to the audit committee.... That's also why the audit committee should be composed solely of independent, equity-holding members, with no connection with management."56

The internal audit function can remain in-house or, alternatively, the internal audit committee can outsource the internal audit to an accounting firm. Section 201(a) of Sarbanes-Oxley permits the audit committee to outsource the internal audit to an external auditor, but not to the same accounting firm that is serving as the independent, external auditor. Prior to the passage of Sarbanes-Oxley, the same accounting firm could conduct both the internal and external audit functions for a corporation.

External Auditor

As required by law, a public company contracts with an external auditor to provide certification that management and internal auditors have not misled creditors and investors, and have followed GAAP in preparing financial statements. External auditors, in effect, perform the same function as internal auditors, assessing the financial reporting of a corporation. However, they also provide the additional outside check on the work of the internal auditor.

The requirement that a firm hire an outside auditor to certify its financial services dates from the 1930s, to the same legislation that created the SEC.57 The external auditor is the only professional whose services must be obtained, as a matter of law, by firms selling securities to the public.

Debates within the Auditing Profession

Sarbanes-Oxley, the SEC, and the stock exchanges have brought about major changes in the regulation of auditors since the Enron scandal. Several further reform steps are under debate within the profession. The following are among the major issues under consideration.

Outsourcing the Internal Audit to an External Auditor

Section 201(a)(5) of Sarbanes-Oxley specifically prohibits the external auditor from also serving as the outsourced internal auditor. A January 2003 SEC rule, effective May 6, 2003, declares that an external auditor compromises its "independence" if at any point during the audit period the outside firm performs internal audit or other prohibited non-audit services for the contracting public corporation. A discussion has arisen within the accounting field as to whether or not the law and the SEC should ever permit the outsourcing of an internal audit to any external audit firm, even when no apparent conflict of interest exists.

Proponents of outsourcing cite "improved services at lower costs" as the primary reason to permit outsourcing of the internal audit.58 External auditors presumably will have the most up-to-date expertise in auditing practice, as well as superior institutional knowledge and professional resources. These advantages may often enable external auditors to perform internal audits at a lower cost to the company than when the internal audit is performed by in-house staff. Moreover, outsourcing the internal audit permits management to concentrate on its primary task of directing the company, rather than focusing on accounting matters.

Some leaders in the field, however, support a ban on outsourcing internal audit work to an external auditor. They cite evidence that in-house auditors are more likely than external auditors to uncover fraud within the corporation. In a 1998 KPMG survey of executives from 5,000 large U.S. corporations, not-for-profit organizations and local governments, "respondents consistently rated internal auditors among the entities most likely to detect fraud from within their organizations, while external auditors were among the least likely. According to the survey, key factors in detecting fraud included customer and employee notification and anonymous letters. These factors might not be effective if someone such as a full-time internal auditor were not immediately available to receive such communications."59

Another survey found that external auditors were not as "proactive" as internal auditors in detecting fraud: "Most of the outsourced internal audit departments we encountered appeared to have lost their focus on adding value and improving company governance. The departments were often not proactive and failed to initiate change, thereby allowing their service to become less relevant to the organization."60

Opponents of outsourcing contend that external auditors simply do not understand the business of a corporation as well as an in-house audit department would, and, as a result, are less likely to detect fraud. Opponents also believe that over the long term, outsourcing will not save costs, given the concentration and limited price competition in the accounting industry.

Non-Financial Risk Management

A relatively new school of thought argues that auditors should expand their role to include non-financial risk management in addition to standard financial risk management. This school maintains that fraud does not arise from only from the manipulation of financial statements, but may appear in various types of non-financial reporting that encompass the entire culture of a corporation. "We as a profession must stand up for the cause of a strong external audit as the best way of both detecting fraud and instilling management and financial discipline. But this will not work unless we are prepared to expand the scope of the audit rather than just telling the wider public that they are wrong and do not understand its limitations. I believe that verification by auditors will be needed on management statements concerning internal controls; performance indicators of a company's health; vital non-financial indicators; risk management strategies and risk assessment; corporate governance practices; management discussion and analysis as part of the annual report; human capital data, staff turnover and investment in training and research and development.," writes Allen Blewitt, CEO of the Association of Chartered Certified Accountants (ACCA), the British equivalent of the AICPA.61

Dawn-Marie Driscoll, chair of the audit committee for Scudder Funds and executive fellow at the Center for Business Ethics at Bentley College, agrees: "The responsibility of audit committees has broadened beyond looking at financial results or, for that matter, financial controls, to including managing risk.... A key component for managing risk is managing the culture and the integrity of the organization."62

Auditor Independence

The Sarbanes-Oxley auditor independence provisions prohibit outside auditors from performing several types of non-audit services for their audit clients, including bookkeeping, financial information systems design and implementation, appraisals, actuarial services, internal audit services, management or human resources functions, legal and expert services unrelated to the audit, broker/dealer, investment adviser, or investment banking services, as well as any other service that the PCAOB determines to be impermissible.63 The need to strengthen auditor independence rules was one of the key conclusions drawn by congressional investigators into the post-Enron scandals:

[A]llowing the same firm to audit a company and provide consulting services for that company might tempt the firm to work with and please management in the audit function in order to assure itself further consulting work. Moreover, to the extent that some of the consulting work may involve setting up internal audit systems or even helping to structure transactions, the firm might end up auditing its own work, perhaps leading it to be either less critical or more trusting than it should be.64

However, the law continues to permit accounting firms to conduct certain non-audit services for their audit clients, provided that such services are approved in advance by the audit committee. The most important such service, in terms of accounting firms' revenues, is tax work. There is debate as to whether this practice compromises the independence of the external auditor.

In February 2003, the Joint Committee on Taxation published a staff study of Enron's tax practices and the role of financial institutions, including Arthur Andersen, in devising various tax shelters and transactions.65 Chairman Grassley described these transaction as "just a little bit short of racketeering."66 Chairman Grassley and Ranking Member Baucus subsequently wrote to the SEC asking whether auditors should be banned from providing tax services to their audit clients.

Another compromise of auditor independence may arise in spite of the Sarbanes-Oxley requirement that the outside auditor be hired by the audit committee. It has been argued that management ultimately will interject its own preferences into the hiring process because terms of the contract will require management's approval:

[Sarbanes-Oxley], the SEC, and the NYSE have sought to change the relationship between the auditor and client by giving the audit committee of a company's board of director's a more central role and relationship with the external auditors. We believe that this is a naïve hope and will result in further dashed expectations. With all the talk of having the audit committee 'hire' the auditor, no one has talked about how fee disputes will be settled, how scope questions will be answered, or how reporting and disclosure debates will be resolved. Corporate audit committees will turn to management for help in resolving such critical questions. The audit committee is a company-centric body that must work closely with company management. More responsibility on the audit committee might result in a few more company hands on the fiddle, but the tune will substantively remain the same. This needs to change.67

Others see a potential conflict between independence standards for audit committee members and the statutory mandate that the committee include a financial expert with auditing and accounting experience. Inevitably, a large number of these financial experts will be retired partners of the Big Four accounting firms, which perform most corporate audits.68 "Auditors and audit committees will therefore increasingly have to be on guard against the resulting risks of conflict of interest. More company directors are likely to have an intimate knowledge of how their audit firms work, have friends and contacts at the firm and a working knowledge of its audit processes. All of which means that, should they ever stoop to such levels, they will find it easier to hoodwink their auditor."69



Corporations hire legal counsel, both internal and external, to assure that the corporation remains in compliance with applicable laws and regulations in subject matters as diverse as corporation formation, creation of contracts, and securities filings. In addition to such transactional work, corporations also hire legal counsel for litigation purposes, i.e., (1) defending the corporation if it is sued civilly or criminally prosecuted, and (2) representing the corporation in civil suits it brings against others. The following section addresses the corporate governance and fraud detection/prevention role of attorneys as both inside and outside professionals.

What is the role of attorneys in preventing and detecting fraud? In order to answer this question, this section will look to state and federal regulations regarding attorney conduct as well as the profession's methods of self-regulation; civil malpractice suits and criminal prosecution of corporate counsel will also be addressed. Examples from case studies will be included where appropriate. Additionally, while corporate inside and outside attorneys are governed by the same rules, in-house corporate attorneys have a unique perspective due to their role inside the corporate organization and their reliance on a sole client.

Who Governs the Conduct of Lawyers?

Historically, attorneys have been a self-regulating profession, with state and local bar associations leading the way in promulgating ethical standards and the judiciary playing the lead enforcement role. At the national level, the American Bar Association (ABA) plays an important role in developing the Model Rules of Professional Conduct, which many state bar associations then adopt. With 400,000 members, the ABA is the largest voluntary professional association in the world, and ABA members represent about half of all lawyers practicing in the United States. The ABA was founded in 1878 at a time when most lawyers learned their trade by apprenticeship and no national code of legal ethics existed. Today, one of the 11 stated goals of the ABA is "to achieve the highest standards of professionalism, competence, and ethical conduct."70

The original Canons of Professional Ethics were adopted by the ABA in 1908, and although the canons were worded in an advisory manner, courts began enforcing the canons as if they were binding legal rules.71 The current ABA Model Rules serve as an example for states and have been adopted in at least 39 states. Although the Model Rules are theoretically designed to be adopted by states in its entirety, states are free to alter the ABA Model Rules as they wish. In 1997, the ABA began a five-year project to revise and examine the ABA Model Rules. Additionally, after the passage of the Sarbanes-Oxley Act of 2002 by Congress, the ABA Task Force on Corporate Responsibility recommended changes to Model Rule (MR) 1.13 of the code.72 Sarbanes-Oxley also mandated that the SEC promulgate new regulations regarding attorneys who practice before that federal agency.

The ABA may lead the way in devising model rules of ethical behavior, but it rests with state bar associations and courts to adopt and enforce those rules. Most states have mandatory bar associations which license all attorneys in the state and provide a system of professional discipline, the most drastic punishment of which is disbarment. Additionally, an injured client may sue his or her attorney for money damages in a traditional malpractice action which can be based on contract, tort, and fiduciary principles or can be based on civil statutes. Attorneys are also subject to criminal prosecution if they commit fraud or otherwise break state or federal laws in the course of their representation.73

So, who governs lawyers? The ABA, state bar associations (including disciplinary committees), the judiciary, civil lawsuits, state and federal criminal and civil laws, and government agency regulations. The issues of civil and criminal liability for attorneys and other corporate actors are addressed in other sections of this report. This section will focus on ethical rules, federal legislation, and agency regulations.

Key Issues


Historically, the attorneys who first promulgated the ABA ethical canons were litigators and as such their primary concern was maintaining the adversarial legal system. Paramount to this was preserving lawyer-client confidentiality.74 ABA Model Rule 1.6 has governed this issue of confidentiality, essentially barring attorneys from disclosing information without client consent unless it is to aid the lawyer in defending a malpractice suit, to ask advice in regard to following the model rules, or if the attorney reasonably believes his client is going to commit a criminal act that is likely to result in imminent death or substantial bodily harm.75 Thus, in regard to criminal activity by a client, financial fraud or crime would not be subject to disclosure by an attorney unless it would cause imminent death or certain substantial physical injury. Purely financial crimes are not violent in nature and would fall out of the purview of the original MR 1.6.

However, in August 2003, the ABA amended MR 1.6 in reaction to corporate scandals like Enron, WorldCom, and Tyco. The new MR 1.6 allows attorneys to disclose confidential client information in two new circumstances: 1.6(b)(2) to prevent the client from committing a crime or fraud that is reasonably certain to result in substantial injury to the financial interests or property of another and in furtherance of which the client has used or is using the lawyer's services, and 1.6(b)(3) to prevent, mitigate or rectify substantial injury to the financial interests or property of another that is reasonably certain to result or has resulted from the client's commission of a crime or fraud in furtherance of which the client has used the lawyer's services.76

Thus, the ABA has expanded the exception to total client confidentiality without consent to include not only substantial physical harm to a person but substantial harm to another's property or financial interests as well. If a client uses or has used an attorney's services to commit a fraud which has caused or will cause another substantial financial injury, the attorney may disclose client information without the client's consent. However, the new MR 1.6 does not require an attorney to disclose; it is still the attorney's choice whether to do so. However, before the rule was amended in 2003, an attorney could have been subject to disciplinary action or a malpractice lawsuit by a client if the attorney had disclosed information relating to a client's financial crime. The new rule opens the door for attorneys to disclose, but whether it is in the attorney's financial interest to do so remains an important question. If an attorney discloses a client's financial fraud under MR 1.6, he may have difficulty obtaining future business from corporate clients who may be concerned the attorney will disclose their confidences as well.

Diligent Representation

In addition to the duty of confidentiality, another important duty an attorney owes to a client is the duty of diligent representation. This duty is set forth in MR 1.3.77 If an outside counsel is aware that a corporation's practices may not be in compliance with the law, the duty of diligence should dictate that the attorney advise its client of the potential illegality of these matters. Additionally, if an outside firm is hired to investigate allegations of wrong-doing it should do so to the best of its ability. Of course, central to diligent representation of one's client is actually identifying one's client. The issue of "who is the client" can become very complicated for corporate attorneys, both inside and outside counsel. So, who is the client for a corporate attorney? The legal entity that is the corporation? The corporation's shareholders? The Board of Directors? Corporate officers or managers? Other corporate employees? This issue remains unclear under current ABA ethical rules and in actual practice.

Several issues related to diligence of representation are raised in regard to legal representation of Enron. One of Enron's main outside law firms, Vinson & Elkins, has relied upon their attorneys' lack of accounting knowledge as an excuse for not catching Enron's fraud. Certainly, corporate attorneys cannot be as skilled in the intricacies of accounting practices and maneuvers as professional accountants. But, in a post-Enron age, some have argued that corporate attorneys must develop better knowledge of accounting principles in order to adequately represent corporate clients.

However, a potential argument in defense of Vinson & Elkins is that Enron did not rely entirely on that firm for its outside legal representation. Enron farmed out its legal work to several outside firms, as a result of which V&E arguably may not have had a complete picture of Enron's fraudulent activities. "Vinson & Elkins' share of Enron's legal pie continued to shrink—to 20% of work Enron farmed out in 2001... But Vinson & Elkins remained the firm Enron went to first with its most sensitive projects...."78

Also, after Enron employee Sherron Watkins sent her famous whistleblower memo to Enron CEO Kenneth Lay alleging fraudulent accounting practices, Lay hired Vinson & Elkins to perform an independent investigation of Watkins' charges. The law firm accepted the task, even though V&E had represented Enron in many transactions, raising questions about the independence of their investigation. Enron General Counsel Jim Derrick approved the hiring of V&E to conduct the limited review, which might be seen as a lack of diligence by Derrick to his client, the corporation. Further, V&E's investigation of Watkins' claims concluded that no fraudulent acts had occurred. Considering the subsequent contrary findings of the Powers Report, the collapse of Enron, and the criminal indictments of Arthur Andersen (Enron's outside accounting firm) and several Enron executives, many have questioned the adequacy of the V&E investigation into the Watkins' memo; this calls into question the diligence of V&E's representation of Enron in this matter.79

Conflicts of Interest

Usually, outside law firms have such a diversified client base that they are not financially dependent upon one client. This was not the case with V&E and Enron. Enron was Vinson & Elkins' biggest client, pouring roughly $35.6 million into the firm's coffers in 2001, 7.8% of its revenue. It seems likely that V&E's ability to give independent, objective legal advice was affected by its desire to keep Enron as a client; V&E attorneys appear to have let some suspicious Enron practices slide. For example, V&E did not prevent Enron's board of directors from waiving conflict of interest rules regarding Chief Financial Officer Andrew Fastow's dealings with special purpose entities (SPEs) in which he was involved.80 Another conflict of interest issue is raised by V&E agreeing to conduct a supposedly independent review of the Sherron Watkins whistleblower memo, instead of insisting that Enron hire a law firm with no previous association with the firm.

Conflicts of interest also abounded for Enron's internal counsel. One example is provided by Enron attorney, Kristina Mordaunt, counsel to CFO Fastow. In 2000, Mordaunt received a return of $1 million on an investment of $5,800 in an Enron-related SPE after a period of just a few months.81 It seems unlikely Mordaunt could provide Fastow with independent legal advice about the permissibility of Enron's many SPEs when she was being personally enriched by an investment in them.

Withdrawal and Disclosure

Recent changes have given corporate attorneys more freedom to report large-scale financial frauds by their clients. What effect these changes will ultimately have on attorney behavior remains to be seen. The American Bar Association recently amended MR 1.13, "Organization as client." This rule previously allowed attorneys for an organization (including attorneys for a corporation) who discovered that an officer or employee of the organization was involved in illegal action or planning to engage in illegal action to report the action to the highest authority that can act for the organization (generally the chairman of the board of directors or the CEO). If the lawyer felt his concerns were not being addressed, his only option was to withdraw from representation. He was not authorized to disclose the illegal action to anyone outside the organization (unless the action was one that would result in substantial physical harm under MR 1.6 discussed above). For inside counsel, withdrawal from representation of one's client means resigning one's job.

However, the amended MR 1.13 allows an attorney to disclose confidential client information if the highest authority in the organization does not act in a timely manner and the lawyer believes the violation is reasonably certain to result in substantial injury to the organization. Again, the lawyer has the choice whether or not to disclose information relating to such a violation; disclosure is not mandatory. Any disclosure that meets the criteria of the new MR 1.13 is exempted from the confidentiality requirements of the new MR 1.6. Attorney withdrawal provisions are discussed further by ABA MR 1.16.

MR 1.13 also notes that "an organizational client is a legal entity, but it cannot act except through its officers, directors, shareholders, and other constituents. Officers, directors, employees, and shareholders are the constituents of the corporate organizational client." So, at least in theory, the client of a corporate attorney is the corporation itself, considered an independent entity of its own under the law. But ambiguity still remains about what this means for corporate attorneys trying to balance obligations and dealings with shareholders, directors, officers, and employees.

The Sarbanes-Oxley Act mandated that the SEC make changes in its rules regarding attorneys who practice before the SEC. New rules (17 CFR Part 205) were adopted in August of 2003, incorporating some provisions similar to the ABA model rule: an attorney who discovers evidence of fraud is required to report "up the ladder" within the client corporation. If no remedial action is taken by the client, the SEC rules as proposed would have required the attorney to make a "noisy withdrawal" including these steps:

  • withdraw forthwith from representing the issuer, indicating that the withdrawal is based on professional considerations;
  • within one business day of withdrawing, give written notice to the Commission of the attorney's withdrawal, indicating that the withdrawal was based on professional considerations; and
  • promptly disaffirm to the Commission any opinion, document, affirmation, representation, characterization, or the like in a document filed with or submitted to the Commission, or incorporated into such a document, that the attorney has prepared or assisted in preparing and that the attorney reasonably believes is or may be materially false or misleading.

The "noisy withdrawal" provisions were extremely controversial, and were not included in the final rule. The SEC release accompanying the attorney rules stated:

Section 307 of the Sarbanes-Oxley Act of 2002 requires the Commission to prescribe minimum standards of professional conduct for attorneys appearing and practicing before the Commission in any way in the representation of issuers. The standards must include a rule requiring an attorney to report evidence of a material violation of securities laws or breach of fiduciary duty or similar violation by the issuer up-the-ladder within the company to the chief legal counsel or the chief executive officer of the company (or the equivalent thereof); and, if they do not respond appropriately to the evidence, requiring the attorney to report the evidence to the audit committee, another committee of independent directors, or the full board of directors. Proposed Part 205 responds to this directive and is intended to protect investors and increase their confidence in public companies by ensuring that attorneys who work for those companies respond appropriately to evidence of material misconduct. We are still considering the "noisy withdrawal" provisions of our original proposal under section 307; in a related proposing release we discuss this part of the original proposal and seek comment on additional alternatives.82

Many attorneys opposed the proposed "noisy withdrawal" regulations because they would force corporate attorneys to inform the SEC when they withdraw from representing a client under circumstances of MR 1.13. This way, the SEC would be alerted to possible fraud in a company. What disincentives exist for attorneys regarding "noisy withdrawal"? This rule would in effect force disclosure of large-scale corporate client fraud by attorneys (whereas the ABA rules make disclosure voluntary). Many corporate attorneys are concerned about losing current and future clients if they withdraw under the SEC rules. Many large corporate law firms have commented negatively on the "noisy withdrawal" rule, claiming that it disturbs the delicate but necessary relationship of trust between a client and an attorney. If adopted, the "noisy withdrawal" rule would give the SEC a powerful tool in its investigations of fraudulent securities filings, but no such rule has been formally proposed since the adoption of the August 2003 attorney conduct rules.


The role of attorneys as internal and external gatekeepers against corporate fraud is an uncertain one. Historically, an attorney's only avenue if he suspected corporate fraud was to report his suspicions up the corporate ladder or to withdraw from representation of his client. Recent changes to the ABA Model Rules of Professional Conduct have cleared prior hurdles to attorney disclosure of confidential client information relating to financial frauds. However, the revised ABA Model Rules merely allow disclosure of financial crimes to the appropriate authorities; the rules do not require such disclosure. Further, fear of job termination or damage to professional reputation is likely to dissuade many attorneys from voluntarily reporting client financial fraud. Additionally, the attorney rules which were adopted by the SEC pursuant to Sarbanes-Oxley merely direct attorneys to report possible securities violations or breaches of fiduciary duty up the corporate ladder. The SEC rule does not address fraud prevention in a corporation where officers, managers, and even boards of directors may be involved in fraud themselves. In such a situation, reporting up the corporate ladder will have no effect.

The proposed but un-adopted SEC "noisy withdrawal" rule would address fraud prevention in corporations with corrupt management or boards by requiring attorneys to alert the SEC if withdrawing from representation due to unaddressed allegations of financial fraud. But, the outpouring of negative feedback from corporate law firms in response to the proposed rule may make final adoption by the SEC unlikely. The controversy caused by the proposed "noisy withdrawal" provision shows how problematic casting attorneys as corporate whistleblowers or as gatekeepers against corporate fraud may be. At the heart of the issue is the strong tradition of attorney-client confidentiality in U.S. legal practice. But, examples of corrupt corporations like Enron illustrate the tragedy that can befall a corporate lawyer's true client, the corporation itself, when attorneys and other professionals act in the interest of dishonest corporate officers and neglect the interests of the corporation and its shareholders.


Companies possess another potentially powerful internal barrier to fraud—employees. It is a great advantage to anti-fraud efforts if employees feel a responsibility to report fraud within a corporation. Sociologists have identified a number of characteristics that make a business environment, or corporate culture, more conducive to whistleblowing. Employees must trust that they will be protected from reprisals and that their reports will be taken seriously and acted upon.

Complicity and Pressure to Comply

Because the very nature of a large organization tends to diffuse responsibility, individuals in the organization can become removed from any perception of an individual component of moral responsibility. They may come to feel that their personal responsibility is extremely limited and that something much bigger is at work. The perceived degree of complicity in unethical behavior is thus reduced as it is thought that no individual bears responsibility for the corporate decision.

Individuals in organizations are sometimes subjected to various pressures to comply with ethically questionable decisions. Corporate wrongdoers naturally do not wish to have their actions exposed. Individuals in positions of authority can utilize direct threats such as termination, denied promotions, salary stagnation, undesirable transfer, etc. More subtle pressure can also be used, such as reminders that performance reviews are imminent or that being a "team player" is an important factor. Compensation packages for many depend on performance measures that would be negatively affected by a revelation of wrongdoing. Finally, regardless of its merit, an organization has a tendency to punish the bearer of bad news. Individuals are thus reluctant to assume this role.

Sherron Watkins, who sent a letter to Enron's CEO detailing her fears of imminent accounting scandals, was not the only Enron employee who questioned the company's business and accounting practices. Objections arose from the legal department, from accounting, and even from within Arthur Andersen.83 Members of Enron's legal counsel were forced to negotiate with their superior, Andrew Fastow, on behalf of Enron while Fastow represented LJM and LJM2, off-the-books partnerships that generated great profits for Fastow and others while allowing Enron to manipulate its accounting statements.84 When employees expressed concern, they were often told to be more of a team player, or even transferred to another division. Enron was totally focused on the future and on the new deals it could bring; its corporate culture was intolerant of any restraints on risk-taking or "pushing the envelope." Mimi Swartz writes, "... Being ordinary was the kiss of death, and being a star—rich, smart, and free—was everything."85

Current Legal Whistleblower Protection

Since Enron, whistleblower protections have been enhanced at the federal and state levels. Sarbanes-Oxley expands the protections for any employee who becomes an informant in a federal investigation against fraud. Sections 806 and 1107 issue standard whistleblower protections and offer remedies for those who feel they have been wrongly discharged as a result of their participation in federal proceedings.

However, Sarbanes-Oxley is limited to publicly traded companies under the purview of the SEC. Employees of privately held companies and state agencies are not protected by these laws. State constitutions and legislatures do not offer uniform whistleblower protection. For example, the Texas Supreme Court ruled that the state constitution does protect state employees, but that those protections do not extend to private companies. After Sherron Watkins issued her second memo to Kenneth Lay, a member of Enron legal counsel called management's attention to her lack of legal recourse, though it was noted that she could pursue a so-called Sabine Pilot suit, which, even if found baseless, could be a blow to the public image of the company.86

Government Regulators

The recent wave of corporate scandals, combined with dramatic changes in technology and financial markets, has renewed focus on the role of government agencies in detecting and preventing corporate fraud. Aside from the theoretical and political debates over the appropriate role of government in regulating private enterprise, there are many disagreements over how regulators should do their job once they have been vested with regulatory authority. In basic terms, the objective of government regulation is to change the behavior of private individuals and corporations in order to protect consumers, competitors, suppliers, distributors, and workers.87 Once Congress has crafted legislation and vested an agency with regulatory authority, Congress and the President also decide the levels of resources to appropriate in order that agencies have the ability to carry out their legal mandate. This section examines some of the critical issues related to the effective detection and prevention of fraud by federal regulatory agencies including regulatory agency missions, budgets, and jurisdiction.

Overview of Problems and Regulatory Failures

When studying Enron and other recent corporate scandals, it is notable how small a role federal agencies such as the Securities and Exchange Commission (SEC), the Federal Energy Regulatory Commission (FERC), the Commodity Futures Trading Commission (CFTC) and the Department of Justice (DOJ) played in detecting fraud. These government agencies have been criticized for lacking the ability, the capability, and/or the will to prevent the corporate scandals that emerged beginning in 2001.

Critics of current regulatory structures in the United States have pointed to apparent problems in agency mission; authority and jurisdiction; the integration of industry participants into agencies (also known as regulatory capture); and the capacity of agencies to carry out their functions. These problems are discussed below:

Agency's Mission is Too Narrow or Poorly Understood

In the last decade, the federal government has made an effort to link agency budgets to concrete results through the Government Performance and Results Act (GPRA) of 1993 (P.L. 103-62). GPRA is a tool intended to help regulatory agencies define their mission, and then link budget requests to concrete outcomes.

While GPRA can be used to focus regulators' attention on fraud detection and prevention through mission definition, budget requests, and jurisdictional clarification, GPRA has been criticized for its failure to identify extreme risks, especially risks that would be considered inter-agency matters. In their strategic plans written between 1993 and 2001, neither the SEC nor FERC identified fraud as a material risk to the financial markets and the financial industry.

The DOJ also failed to identify corporate fraud as a high-priority problem. Several branches of the DOJ are charged with investigating and prosecuting white-collar crimes. These branches include the Fraud Section of the Criminal Division, which directs the federal law enforcement effort against fraud and white-collar crime; the Tax Division, which handles or supervises civil and criminal matters that arise under the internal revenue laws; the FBI; and the Office of the U.S. Attorney, which prosecutes criminal cases brought by the federal government. In the DOJ's strategic plan for fiscal years 2001-2006, (written before the discovery of Enron's fraudulent activities), DOJ's stated goals included the prosecution of white-collar crime, but the agency did not identify corporate fraud/white-collar crime as one of their "critical management issues" requiring extra attention and funding.88

Following the corporate scandals, DOJ began to refocus its mission in order to devote more attention to corporate fraud. In 2002, the White House created a partnership among federal agencies with the goal of better discovering and prosecuting corporate fraud. This new entity is called the President's Corporate Fraud Task Force, and it is housed within the Office of the Deputy Attorney General of the DOJ. Task Force members include the Director of the Federal Bureau of Investigation, the Assistant Attorney General-Criminal Division, the Assistant Attorney General-Tax Division, and various U.S. Attorneys. The heads of several federal agencies, including the SEC and the CFTC, are also members of the Task Force.89

Additionally, the DOJ established the Enron Task Force (ETF) in January 2002 to promote interagency cooperation in investigating and prosecuting criminal matters relating to the collapse of Enron. The ETF includes prosecutors from across the country, FBI agents (many with accounting and/or securities industry backgrounds), and agents from the IRS. The ETF is coordinating its investigative efforts with the SEC, the United States Attorney's Office for the Northern District of California, the CFTC, and the National Association of Securities Dealers (NASD), as well as numerous other government agencies, including FERC, the Department of Labor, and the Office of the United States Trustee.90 A number of Enron's top managers, as well as several mid-level employees, have been indicted and/or convicted of various criminal offenses.91

Lack of Authority and/or Jurisdiction

Although the mission of regulatory bodies would seem to include the prevention and detection of fraud, some regulatory agencies may lack the authority or jurisdiction to carry out that mission. Significant areas of financial markets are not currently regulated, such as foreign exchange trading, government bond markets, hedge fund investing, the private securities market, and over-the-counter derivatives. Federal regulation of these markets is limited because small public investors (who are presumed to be in need of government protection) do not participate—instead, all traders in the market are wealthy, sophisticated, and/or professional and are presumed to have the incentive and the capacity to protect themselves from fraud.

In general, these unregulated markets run smoothly, and Congress and regulators are wary of imposing government regulation that would raise costs for market participants without any clear public benefit. When scandals occur, however, the normal reaction by policy makers is to consider more stringent federal oversight. This happened in the 1990s in the Treasury market after Salomon Brothers cornered a bond auction, and in the municipal securities market after several episodes of default or near-default made it clear that investors needed more information about the bond issuers. In the wake of Enron, there were legislative proposals to impose disclosure requirements and other regulations on dealers in unregulated energy derivatives.92

In recent decades, U.S. financial markets have been far from static; new instruments and trading markets continue to emerge, often in unregulated sectors. Regulatory agencies may lack clear authority to pursue fraud in these new markets, or find that they are able to prosecute fraud only after the fact. The disclosure and reporting requirements that would allow them to detect some cases of fraud in advance are absent. Recently, the SEC has proposed a rule that would require hedge funds to register as investment advisers, on the grounds that hedge funds have grown so popular that they affect regulated securities markets, and that the expanding universe of hedge fund customers raises investor protection issues.93 The proposed rule was opposed by two of the five commissioners; many others believe that the costs to market participants will outweigh the benefits of improvements in the SEC's antifraud capability.

There is a trade-off between free, unregulated markets, where some fraud will occur, and government regulation, which offers protection to market participants but may hinder financial innovation. When massive fraud occurs, policy makers adjust their cost-benefit calculations, and new legislation or regulation comes into being. In rarer cases, when a proscribed activity has not been observed to cause trouble over a long period, regulators may move to repeal rules that were originally thought necessary to prevent fraud or manipulation.94

Turf wars among regulatory agencies may also result in less potent regulatory action. Lack of coordination among regulatory agencies holding shared jurisdiction over a specific industry often results in duplicate efforts or regulatory gaps. This, in turn, may result in less effective enforcement programs. Some regulators are unsure when it is appropriate to turn over investigations of fraud activity to the Department of Justice. In the case of Enron's involvement in the California energy crisis of 2001, Senate investigators found that federal energy regulators received early indications of both Enron's power market manipulations and its financial weakness, but failed to intervene, in part because of confusion over legal jurisdiction.95

The problem of unclear regulatory jurisdiction has been much studied by Congress, regulators, and academics. A common concern is that the current U.S. regulatory structure, where a dozen or so agencies oversee different financial industries, does not adapt well to changes in financial markets, where industry borders are porous and innovation is constant.96 One solution is to consolidate agencies into a single regulator, on the model of the Japanese Ministry of Finance or the British Securities and Investments Board. Some argue, however, that what critics of the present system call regulatory balkanization is really beneficial regulatory competition, and that jurisdictional constraints reduce the harmful impact on innovation of the "dead hand" of government intervention in free markets.

In their report on FERC and Enron, the staff of the Senate Governmental Affairs Committee claimed that Enron exploited regulatory gaps among FERC, SEC and the CFTC. Enron's ploys succeeded, in part, because FERC failed to communicate with the other agencies that regulated some aspects of the quickly changing power market. "Unfortunately, it isn't enough to simply set up the market rules; to fulfill its mission, FERC must understand what is actually happening in the market."97

With energy markets in the midst of transformation driven by deregulation and new forms of derivatives trading, no agency was well-positioned to prevent fraud. The CFTC had full jurisdiction over futures exchange trading, but very limited authority over (or information about) over-the-counter derivatives. CFTC's authority over fraud and manipulation in physical commodity markets (called cash, or "spot" markets) is unclear: the statutes and legislative histories provide little guidance, and the legal precedents are few.98 FERC, on the other hand, was created as a rate-setting agency in the days of controlled prices; it was very slow to establish regulatory oversight over deregulated energy markets. Indeed, its statutory mandate to do so was not clear.

Several federal agencies have now brought charges against Enron and other firms in connection with the manipulation of natural gas and electricity prices. But as the California electricity and Enron crises unfolded, no agency was in a position to monitor trading in a comprehensive or timely fashion. When markets are in a state of rapid evolution, it is of course very difficult for regulators to set up a regulatory scheme that will not quickly become outdated and cumbersome, or that will not force traders to adopt market structures that may be less than optimal. It is a challenge for congressional oversight to ensure that regulators do not move too soon, and risk choking off economically beneficial market innovation, or wait too long, and let opportunities for serious fraud arise.

Regulatory Capture

Even if regulators do possess the authority and jurisdiction necessary to regulate an industry, they may fail to act effectively because the values and priorities of the industry participants have become overly integrated into the values and priorities of the regulatory agency. This phenomenon, known as "regulatory capture," may occur over the course of many years, as a regulatory agency receives less and less funding to perform duties mandated by the law. As the regulatory bodies lose enforcement power, industry gains more control over the regulatory agenda. Ultimately, industry could garner so much power as to serve as the de facto leaders of the agency, rather than the formal regulators.

Laffont and Tirole provide a general overview of regulatory capture:

Interest groups try to capture government decision-making because it affects the industry and consumers' welfare. Interest groups have means to influence public decision makers: (a) monetary bribes are feasible, although not common. (b) More pervasive is the hoped-for future employment for commissioners and agency staff with the regulated firms or with public-interest law firms. (c) Personal relationships provide incentives for government officials to treat their industry partners kindly. (d) The industry may cater to the agency's desire for tranquillity by refraining from criticizing publicly the agency's management. (e) Last, but not least, the industry can also operate indirect transfers through a few key elected officials who have influence over the agency.99

A regulatory agency has a natural incentive to see its industry thrive: if the industry shrinks, so may the regulator. As a consequence, agencies may shy away from strict, letter-of-the-law oversight if there will be a significant negative impact on firms in the industry. The savings and loan debacle of the 1980s was an example of this; rather than swiftly closing down insolvent institutions, regulators (and legislators) sought to provide the industry with breathing space in hope of a turnaround. In the long run, this exacerbated the problem and raised the ultimate cost to taxpayers.

When agencies engage in turf wars, they may—consciously or not—act as proxies for their respective industries. In the 1980s, when both stock and futures exchanges created instruments that let investors buy and sell stock indexes, the CFTC and the SEC fought for years over jurisdiction. Each agency argued that the public interest would be best served if it regulated the new products. The deadlock spilled over into Congress, which was unable to pass a CFTC reauthorization bill until three years after the CFTC's 1989 "sunset." To outsiders, the debate over who should regulate stock index products seemed arcane and of little real consequence, but to the industries, large sums of money were at stake. If index products were judged to be securities, they would be traded on stock exchanges; if they were considered futures, they could be traded only on CFTC-regulated futures exchanges.

System Capacity

During times of tight fiscal policy, or when the public and legislative mood favors the idea that "less government is better," regulatory agencies may face long-term budget constraints or hiring freezes. In this situation, when regulatory agencies make decisions about how to allocate scarce resources, one result may be a cutback in anti-fraud activities. Particularly vulnerable is an activity colloquially known as "scouting," referring to investigations that arise within the agency itself, rather than in response to complaints from investors or other market participants. An agency that considers itself underfunded will tend to focus on highly visible cases, where Congress or the media is demanding answers, and will be less likely to launch expensive probes into areas where the staff believes that abuses may be occurring out of the public eye. Ideally, the scouting function is one of the most valuable an agency can perform, if it results in detecting and preventing fraud in the first place.

The SEC is one of the more notable examples of a regulatory agency hampered by inadequate system capacity. A GAO report released in March of 2002 found that around 1996, the SEC's workload began to increase much more quickly than the agency's staffing levels. From 1991 to 2000, the number of corporate filings received by the agency increased by 59%, while staff of the agency grew by only 29%.100 As a result, only about 8% of overall filings were reviewed at all by 2000. SEC's limited staff resources, high turnover, and relatively low pay, the GAO said, had "challenged SEC's ability to protect investors and maintain the integrity of securities markets."101 Staff often lacked the time or expertise to adequately review filings and applications.

Throughout the 1990s, SEC chairmen regularly asked appropriators for more funds, focusing particularly on the difficulty of retaining qualified personnel who could easily command higher salaries on Wall Street. In 2001, Congress approved a "pay parity" plan that authorized the SEC to pay certain employees at the level of federal bank examiners, whose salaries exceed the normal civil service scales.102 However, the money to fund pay parity was not immediately appropriated.

The SEC's budget picture changed dramatically with the Enron scandals. In January 2002, the Bush Administration requested $423 million for the SEC for FY2003. The Sarbanes-Oxley Act—passed in June 2002—authorized appropriations of $775 million. For FY2005, Congress has set the SEC's budget at $913 million, the amount requested by the Administration, representing a 116% increase in three years.


The range of problems and limitations outlined above suggests that the regulatory failure to prevent and detect fraud in recent years cannot be blamed on any one particular policy, agency, individual, or political party. Rather, several system-wide problems combined to prevent regulators from taking appropriate and timely action to protect the public from fraudulent and deceptive business practices. Future attempts to reform regulatory agencies may prove to be more effective by taking the full range of current and potential problems into account, rather than looking for a "silver bullet" to prevent a future Enron or California energy crisis from hurting the public once again.

Stock Analysts: Conflict of Interest Problems

Investors have traditionally looked to research analysts employed by investment banks to help decide which stocks to buy (or sell). For investment banking firms in the business of selling securities to the public, the temptation to use analyst reports as a sales tool is clearly a potential source of conflicts of interest. Since the 1960s, SEC regulations have required firms to enforce a separation between investment bankers and analysts to maintain the objectivity of analysts. These regulations became known as the "Chinese Wall" because they were meant to create a barrier as effective as the Great Wall of China between the two operations.103 Chinese Wall arrangements limited contacts between bankers and analysts; most large securities firms made sure that their investment banking and research departments were located on different floors in company headquarters.

In the wake of the collapse of Internet and other technology stocks, and the discoveries of control fraud at Enron and other prominent companies in 2001, serious questions were raised about analyst objectivity. Not only did analysts fail to see the trouble ahead at many firms, they continued to give stocks a "buy" rating even after the issuing corporation had been publicly linked to scandal.104

New York Attorney General Eliot Spitzer launched an investigation into analyst conduct at New York investment banks. Spitzer took advantage of New York's seldom-used Martin Act, which gives the attorney general broad authority to go after brokers who promote stocks "beyond reasonable expectations or unwarranted by existing circumstances." In April 2002, Spitzer filed an affidavit in New York state court alleging that stock analysts from Merrill Lynch issued positive research reports on technology companies whose stock Merrill was selling, even though the analysts' private opinion of the firms' prospect was strongly negative. To support his charges, Spitzer released internal e-mails by Merrill analysts, including Henry Blodgett, a tech-stock analyst who became a media star during the late 1990's for his bullish predictions. A company that received top ratings in published research might be described in-house as "a piece of junk" or worse. One analyst worried that regular investors "are losing their retirement" because of misleading advice, but went along with the game.105

Soon after Spitzer's charges against Merrill Lynch were made public, the SEC launched a formal inquiry into potential conflicts of interest facing Wall Street analysts. Several states also joined Spitzer and the SEC in an expanded investigation of Wall Street firms. The investigations resulted in a global settlement, involving a dozen of the largest investment banking firms, besides Merrill Lynch. Under the terms of the settlement, the firms agreed to pay fines totaling about $1.4 billion, to change their analyst compensation practices, to make new disclosures in analyst reports, and to institute other reforms.

To address analyst conflicts of interest, Title V of the Sarbanes-Oxley Act directed the SEC to adopt new rules to restrict the prepublication clearance of research or recommendations by investment bankers not directly responsible for investment research, limit the supervision and compensatory evaluation of research personnel to officials not engaged in investment activities, and protect securities analysts from retaliation or threats of retaliation by investment banking staff because of unfavorable research reports. The act specified that the rules must also require a stock analyst to disclose the extent to which he owns stock being discussed, whether he or his employer has received any income from the company whose stock is being discussed, whether his employer has had any business dealings within the past year with the company, and whether the analyst's compensation was tied to investment banking revenue.

In February 2003, the SEC adopted Regulation Analyst Certification ("Regulation AC").106 Regulation AC requires that brokers, dealers, and certain persons associated with a broker or dealer include in research reports certifications by the research analyst that the views expressed in the report accurately reflect his or her personal views, and disclose whether or not the analyst received compensation or other payments in connection with his or her specific recommendations or views. Broker-dealers would also be required to obtain periodic certifications by research analysts in connection with the analyst's public appearances.

A 2004 study finds that the settlement and SEC reforms have had a measurable effect on analyst recommendations. Kadan, Wang, and Zach report that while analysts employed by investment banks still tend to be more optimistic than independent analysts, the difference is significantly less marked than before the reforms.107 While analyst bias probably played a very minor role in the broad scheme of corporate scandals and stock market boom-and-bust, the issue illustrates how abusive practices can persist as an "open secret" among market participants. The fact that Spitzer, with his small staff, uncovered crooked practices that the SEC had apparently failed to notice raised questions about whether the federal agency had become too accommodating of the securities industry. Was the SEC's lack of aggressive action the result of the hyperbolical market climate of the 1990s, when stocks that traditional valuation models would have scorned continued to soar year after year? Or does it reflect a more basic problem that regulators face: by focusing on individual acts of egregious misbehavior, they may miss systemic problems "hidden in plain sight" that gradually evolve into business as usual.

Criminal Justice and White-Collar Crime

Criminal prosecutions related to corporate fraud108 exert considerable fascination, based partly on puzzlement. Why do corporate managers, already well-compensated, seek ill-gotten gains that put their reputations, families, and social positions at risk?

Edwin Sutherland coined the term "white-collar crime" in a 1939 speech he gave to the American Sociological Society. He found in his research that crime could not always be associated with poverty, dysfunctional family life, or mental illness because these factors did not explain the many large privately owned companies that participated in criminal activity. Sutherland defined white-collar crime as "a crime committed by a person of respectability and high social status in the course of his occupation."109 The combination of wealth, respectability and social status creates a high hurdle for a prosecutor seeking to bring this type of criminal to justice.

Theories and Definitions of White Collar Crime

Organized Crime vs. White-Collar Crime

Some researchers and government officials argue that white-collar crime is a form of organized crime. In 1998, the Solicitor General of Canada suggested the following definition of organized crime:

Economically motivated illicit activity of two or more individuals, whether formally or informally organized, where the negative impact of said activity could be considered significant from an economic, social, violence generation, health and safety and/or environmental perspective.110

This definition fits the concept of corporate fraud in several ways. Additional factors not found in this definition include the on-going nature of the criminal activity, the conspiracy of the individuals involved, and the potential to use corruption as a means.

Other definitions distinguish organized crime from white-collar crime by focusing on the non-violent nature of the latter. For example:

Non-violent crime for financial gain committed by means of deception by persons whose occupation status is entrepreneurial, professional or semi-professional and utilizing their special occupational skills and opportunities; also, non-violent crime for financial gain utilizing deception and committed by anyone having special technical and professional knowledge of business and government, irrespective of the person's occupation.111

White-collar crime is defined as a subset of organized crime, characterized not by violence, but by criminal acts related to the perpetrators' professional skills and occupations. In the context of corporate fraud, it generally refers to a pattern of deceitful acts, not a single, isolated transgression.

Moral Hazard vs. Criminal Intent

Moral hazard appears in financial transactions when one of the parties has an incentive to change its risk-taking behavior in a way that is not economically efficient, or optimal. Another way to put it is that the risk/reward calculus is distorted because gains from taking risks will accrue to one party, while another party (usually the government) will bear the losses. The classic example is deposit insurance: if bank customers are shielded from loss, bank managers may take imprudent risks, since the costs of failure will be borne by others. Moral hazard—in the form of a government safety net—has a prominent explanatory role in the savings and loan crisis of the 1990s.112

Questions of moral hazard are often associated with International Monetary Fund (IMF) interventions. Do these create expectations of a bailout that makes crisis more likely to occur?113

Excessive risk-taking due to moral hazard is not necessarily criminal, but moral hazard is frequently cited as a factor in corporate fraud cases. How do we distinguish between moral hazard and criminal intent? According to Black et al, risk-taking is activity that stays within the boundary of the law and in general is designed to increase profits or garner sufficient income to maintain solvency. White-collar crimes are acts committed by persons who knowingly and willfully breach their "fiduciary duty of loyalty."114


In order to deter a criminal, one must be able to detect the vulnerability in the system that is attractive to criminal activity. A key weakness in the fight against white-collar crime is the infrequency of prosecution. Because of their complexity, white-collar crimes are often difficult to detect and prosecute. Complex cases may involve extensive and convoluted paper trails, complex financial or accounting maneuvers, money laundering, and/or tiers of participants who may not know what the others are doing (and not all of whom may have criminal intent). Compounding these difficulties is the recent allocation of investigatory resources to anti-terrorism programs. Many investigators with experience in tracking the complicated financial schemes of white-collar crime are now devoted to tracking the finances of terrorist groups. As corporate structures becomes increasing complex and geographically diffuse, agencies are often faced with problems relating to jurisdiction.

Another weakness in deterrence is that white-collar criminals tend to have access to extensive legal resources. This makes successful prosecution more costly and less likely. The incentive and advancement structures for most prosecutorial agencies place emphasis on success rates and "efficient" allocation of resources. In those circumstances, only crimes likely to be prosecuted successfully with a minimum of cost are likely to be referred for action. Given the obstacles to successful prosecution, agencies are often reluctant to take legal action even after white-collar crimes have been uncovered and perpetrators have been identified.

White-collar criminals are thought to be less averse to risk, a state by itself that makes deterrence challenging. White-collar criminals tend not to have criminal records, and are often described by criminologists as high status, respectable criminals. If a person intent on committing fraud knows there are few obstacles and consequences to a scheme, the only thing preventing this behavior is the individual's own conscience. Additionally, in the realm of computer and Internet fraud activity, criminals have the advantage of anonymity, allowing frauds to continue with little deterrence and a low probability of detection.

Another possible reason why a person would not be averse to risk has a sociological explanation. When a company employs a person, their perception of identity now includes their membership in the organization. A person integrates a sense of self-worth into their identification as an employee. People are assumed to be motivated to secure and maintain identities that help them gain social approval from meaningful others and inclusion in meaningful groups. The goal of adopting certain organizational behavior then is to build and maintain valued business relationships. If a person chooses to deviate from what is accepted "normal" behavior for that organization, the person risks isolation and ostracism. But once the "deviant" behavior becomes normal for daily operations of the company, then the group-accepted view of deviant behavior is that which is a threat to the organization's bottom line. Hence, whistleblowers acting for the societal good are considered deviant by their co-workers.

Theory of Prosecution

In a 2004 lecture, investigator Sol Wisenberg stated that prosecution is a growth industry which is a "no lose" proposition for politicians seeking elected office.115 The public will always vote for someone they believe will take a tough stance against crime in its varied forms. However, the growth in prosecutions continues to be in the area of illegal drug activity. According to Wisenberg, white-collar crime has not been an area of growth. For the average prosecutor there is limited advancement unless that person can show a high rate of success in the courtroom. Prosecuting white-collar crimes, as noted above, is difficult and uncertain.

An additional problem with prosecution is the increasing reliance on the federal sentencing guidelines, which shifted the power to set punishment away from judges and towards prosecutors. The judiciary authority and power to set sentences was inherited through English common law, and supported by Supreme Court decisions over the past two centuries. In a judge's hands the sentence could range from too light for serious offenses, to too burdensome for minor infractions. Typically, white-collar criminals received very light sentences due to their higher social status. Congress sought to rectify this imbalance with amendments to the guidelines to more narrowly define the level of punishment a judge could administer. The outcome was to shift the discretion towards prosecutors. This situation righted the disparity in sentencing, but reduced transparency in the decision-making process. The government's prosecution and sentencing strategies are often worked out long before the prosecutors enter the courtroom.

Are White-Collar Crimes Victimless?

During the Reagan Administration, Attorney General William F. Smith stated that the administration's policy on crime was set by a priority to address violence first, and white-collar crime last. This priority has been modified during subsequent administrations, but white-collar crime is stills ranked lower, even though DOJ identifies more victims of white-collar crime than of violent crime. In 2000, the Office for Victims of Crime stated that according to the National Institute of Justice approximately 24 million persons become victims of fraud each year. By contrast, the Bureau of Justice Statistics reported that in 2000 there were 919,387 felony sentences handed down in state courts, but that only 82,077 of these offenses were identified as fraud. Does this mean that just over 82,000 people victimized 24 million people, or are many fraud cases not prosecuted? There is no way to tell given the current state of statistical reporting and research.

Economic Implications

By all accounts, the cost impact of white-collar crime is large. It has ballooned because of the relatively small chance of getting caught, the investigation and expense involved in bringing one case of fraud to justice, the basic trust most victims have in the transaction process, and the victims' belief that regulatory agencies are protecting them.

In fiscal 2003, the FBI received a total of $4.3 billion, including $540.3 million in net program increases to enhance Counter-Terrorism, Counterintelligence, Cybercrime, Information Technology, Security, Forensics, Training, and Criminal Programs. Also, the National White Collar Crime Center (a DOJ program) reported that between January 1989 and June 1995 (6.5 yrs) FBI actions recovered $383 million in fines, restitution, and recovered property, and referred $330 million in tax fraud cases to the Internal Revenue Service (IRS). In FY2001, Centers for Medicare and Medicaid Services spent $182 million and recovered $1.385 billion. But estimates of improper payments range over $12 billion. That means approximately $10.6 billion in one year was paid out to undeserving providers and/or beneficiaries and will never be recovered.

Current Enforcement Priorities

Criminal justice policy appears to be driven largely by the public's wish to feel protected from crime. Extensive media coverage of "blue-collar" crimes, especially violent ones, bolsters public perceptions that crime is occurring more frequently than is supported by the data. Public pressure, presumably based on these perceptions, rewards policymakers who "get tough" on crime. The major policy tool used to address blue-collar crimes has been retribution in the form of incarceration, as opposed to rehabilitation. This trend has produced record incarceration levels and comes at significant cost to the taxpayer.

Although media coverage of corporate fraud schemes and other white-collar crime has been extensive, both the public and policymakers have been less inclined towards a similar "get tough" strategy for dealing with these crimes. This situation invites a number of important research questions. Why has there not been a call to "lock up white-collar criminals and throw away the key"? What are the circumstances that have created an environment that is vulnerable to white-collar crime in the criminal justice system, regulatory agencies, and corporate governance procedures? Lastly, what options are available to address white-collar crime?

"Get tough" tactics appear to be less effective in addressing white-collar crime, largely because white-collar crimes involve money and not physical harm to the victims. Additionally, white-collar crime often lacks the image of the easily identified victim, reducing political motivation and inhibiting a mobilization of resources. The economic harm of white-collar crime is typically spread over many individuals or firms; the example of Enron—where employees' 401(k) accounts were gutted while executives sold millions of shares—is exceptional.

Implications for Regulation

Why has there not been a drive to increase punishments for white-collar crime? What options are available to better address white-collar crime through the criminal justice system? Observers have offered some possible answers to these questions, including:

  • Sentencing guidelines, limiting the judiciary's flexibility in meting out justice, have arguably caused an imbalance in the court system. Instead of the former disparity in sentencing, some claim that there is now less transparency in the decision-making process since prosecutors essentially make sentencing determinations before the trial.
  • The fact that estimates of the costs of fraud are rough and imprecise. This prompts some to maintain that more research and better data collection are needed to determine the real severity of the impact on American citizens.
  • In the areas of statistical reporting and research on fraud, there is a paucity of information. Existing instruments for measuring crime often fail to accurately assess white-collar crime rates both because of survey construction and the inherent limited mechanisms of data collection.

The Role of Civil Litigation in Deterring Corporate Fraud

The threat of prosecution by the criminal justice system can act to deter corporate boards, officers, or other employees from committing fraud. The civil legal system provides additional deterrents. The government, through federal and state agencies, can launch civil litigation against corporations or individuals. For example, the SEC can levy civil damages against offending CEOs and bar them from gaining similar future employment with a publicly-held company. Another type of civil action is private—one brought by an individual or entity against another individual or entity for a breach of contract or breach of some other legal duty. The threat of civil suits by an individual plaintiff, class of plaintiffs, or other private entity also acts as a potential deterrent to corporate fraud. Civil penalties from such actions can include monetary fines for damages, loss of employment and/or disbarment, and can sometimes be more costly to an individual than criminal penalties.

Recent trends in jurisprudence and legislation, however, have tended to increase the protections corporate officers and boards enjoy from civil liability. It remains to be seen whether recent corporate scandals like Enron will reverse this protectionist trend. Time will tell as many pending civil suits reach trial.

Types of Actions and Parties to Suits

The two types of civil actions that a private actor can bring against an individual or entity are suits based in contract and suits based in tort. Both types of actions may come into play in response to corporate wrongdoing, but suits brought in tort—based on the violation of a legal duty—are more common in the corporate fraud context. The types of tort actions which may be brought against corporate managers or directors are many and include suits for breaches of legal duties owed by corporate boards and directors to corporate shareholders and to the corporation itself under common-law (judge-made) and statutory (legislature-made) authority. It is important to note that for the most part, publicly-held corporations in the United States are governed by state law, not by federal law. Therefore, corporate laws governing the legal duties of directors and officers vary among the states. However, some civil causes of action are based upon federal securities laws and as a result are uniform among the states.

In the corporate fraud context, the most common plaintiffs are shareholders. An individual shareholder may bring a direct suit on his own behalf for injuries he has suffered as a shareholder of the corporation. A group of shareholders may also join together to bring a class-action suit for injuries suffered by all of them as shareholders. Or, a shareholder may bring what is called a derivative action—the shareholder files an action on behalf of or as a representative of the corporation itself, for injuries to the corporation. In the healthcare fraud context, medical patients who have been harmed by fraudulent corporate practices may be plaintiffs as well. The most common groups of defendants in the corporate fraud context are corporate officers and members of the corporation's board of directors.

Legal Duties and Statutory Bases of Civil Actions

Suits Based on Federal Statutes and Rules

Securities Exchange Act of 1934

The Securities Exchange Act of 1934 gave the SEC the authority to promulgate rules related to securities trading. SEC Rule 10b-5 was promulgated by the commission in 1942 and in 1947 was established as a valid basis for private litigation. Rule 10b-5 prohibits the seller of securities from making certain fraudulent and untruthful statements. The rule states:

It shall be unlawful for any person, directly or indirectly, by the use of any means or instrumentality of interstate commerce, or of the mails or of any facility of any national securities exchange,

(1) [t]o employ any device, scheme, or artifice to defraud;

(2) [t]o make any untrue statement of a material fact or to omit to state a material fact necessary in order to make the statements made, in light of the circumstances under which they were made, not misleading; or

(3) [t]o engage in any act, practice, or course of business which operates or would operate as a fraud or deceit upon any person, in connection with the purchase or sale of any security.

Litigation under Rule 10b-5 became much more common until the Supreme Court first began limiting the scope of the rule in 1975. The rule had been interpreted very broadly to encompass many types of fraud, misreporting, and deception, and early case law was generally very favorable to plaintiffs.116 Rule 10b-5 was applicable to securities issued by both closely-held and publicly-traded corporations.

In 1975, a shift in the composition and ideological makeup of the U.S. Supreme Court led to several court decisions which began to limit the use of Rule 10b-5 in private securities litigation.117 In Blue Chip v. Manor Drug Stores, 421 U.S. 723 (1975), the court limited the type of plaintiffs allowed under Rule 10b-5 to purchasers or sellers of securities. In a 1976 case, the court held that a private plaintiff under Rule 10b-5 must prove intentional wrongdoing on the part of the defendant.118 A 1977 Supreme Court ruling held that Rule 10b-5 only applied to cases involving deception-not to unfair transactions which were appropriately disclosed.119 Additionally, the statute of limitations of Rule 10b-5 was uniformly established by the court in 1991 to be one year after discovery or three years after the transaction involving fraud or deception.120 Lastly, the court ruled in 1992 that a plaintiff bringing an action under Rule 10b-5 must show that the defendant's violations of the rule actually caused the plaintiff's loss.121

Despite these court-imposed limitations, private securities litigation under Rule 10b-5 continued to be common. One reason was a 1979 SEC amendment to its disclosure policies, encouraging corporations to disclose forward-looking information and projections regarding future financial performance. But, in response to fears about the filing of frivolous securities lawsuits, or strike suits, Congress acted in 1995 to limit further the filing of suits under SEC Rule 10b-5.

Private Securities Litigation Reform Act of 1995

The Private Securities Litigation Reform Act of 1995 (PSLRA, P.L. 104-67) was passed by Congress in response to what many saw as an overabundance of securities-related private litigation. President Bill Clinton vetoed PSLRA but was overridden by Congress. One of the most important aspects of PSLRA was that it provided a safe harbor for corporate defendants who made misrepresentations or omissions in statements identified as forward-looking. PSLRA also made several other procedural changes regarding securities lawsuits. It was meant to curb the number of suits filed, but studies of its impact have shown that the number of securities fraud cases since its implementation has not materially decreased, while the number of securities fraud suits brought as class actions has increased.122

Sarbanes-Oxley Act of 2002

The Sarbanes-Oxley Act of 2002 was the next major piece of federal securities legislation to come from Congress and was passed in response to corporate fraud scandals of the early 2000s, such as Enron, Tyco, and WorldCom. Section 806 of the Sarbanes-Oxley Act created a civil action to protect employees of publicly-traded companies against retaliation for whistle-blowing in securities fraud cases, 18 U.S.C. §1514A. Sarbanes-Oxley also extended the statute of limitations to file private suits under SEC Rule 10b-5 to the earlier of either two years after the discovery of the violation or five years after the commission of the violation (§804).

Although Sarbanes-Oxley did not specifically create any other new private causes of action in securities litigation, it is possible that some portions of the act may in fact give rise to civil lawsuits. Section 906 of the act created 18 U.S.C. §1350, which requires the CEO and CFO of a publicly-held corporation to certify the accuracy of certain financial reports filed with the SEC and imposes criminal penalties upon CEOs and CFOs who certify the reports knowing the reports contain inaccurate information. It is possible that, in the future, shareholders in direct or derivative suits could bring civil actions against a corporation's CEO and CFO for falsely certifying these financial reports.123

There is precedent for courts creating a private cause of action under federal securities law. In J.I. Case Co. v. Borak, the U.S. Supreme court held that a civil action could be brought under §14(a)(9) of the Securities and Exchange Act of 1934, even though the statute did not provide for a private cause of action.124 The court held that since the overall aim of the statute was to protect shareholders, it made sense for shareholders to be able to bring civil actions under the statute for damages incurred. Also, the Supreme Court recognized that the SEC had limited resources and that allowing a private cause of action would act as a needed supplement to the SEC's enforcement of the law. However, since Borak was decided, the Supreme Court has tended to more strictly limit the implied creation of private causes of action by federal securities statute. At present, it is unclear whether Section 906 of the Sarbanes-Oxley Act will give rise to private causes of action.

Suits based on State Statutes and Common Law

As noted above, most laws governing corporations are state laws or blue sky laws. State statutes and also judge-made law in each state jurisdiction determine the exact legal duties imposed on corporate officers and directors. This section will focus on the legal tenets applied by most state laws. This section will also discuss the provisions of the Model Business Corporations Act (MBCA) promulgated in 1984 and the laws of prominent states in the corporate law arena, such as Delaware.

Duties of Directors

Directors, both independent and connected to the corporation, are elected by and act as representatives of a publicly-held corporation's shareholders. Under state laws, directors owe a number of duties to the corporation and to the shareholders. Under the MBCA §8.30(a), these duties include the duty to act (1) in good faith, and (2) in a manner the director reasonably believes to be in the best interests of the corporation. MBCA §8.30(b) further provides that directors should act "with the care that a person in a like position would reasonably believe appropriate under similar circumstances." The standard for this duty of care has changed over time and differs in each jurisdiction. Even when directors violate this duty of care, they are often shielded by the common-law business judgment rule. The business judgment rule acts as a presumption that directors acted in good faith and forces the burden onto the plaintiff in a civil action to prove otherwise.

In light of the business judgment rule, most courts have been unwilling to attach liability to directors for a standard of care that fell below the level of fraud, illegality or a conflict of interest. But, a 1985 ruling by the Supreme Court of Delaware held that directors were liable for breaching their duty of care if they acted with gross negligence.125 The corporate community and state legislatures, including Delaware, quickly reacted against this ruling by the normally influential Delaware court. Legislatures began passing "raincoat statutes" to allow corporations to shield corporate directors from personal liability in cases where the directors acted in good faith, did not breach their duty of loyalty to the corporation, and did not derive an improper personal benefit from the transaction involved.126 So, the recent trend is to shield directors from liability regarding breach of their duty of care to the corporation unless their actions involve illegality, bad faith, or conflicts of interest. The justification for these raincoat provisions is that allowing directors to be personally liable for breaches of their duty of care would discourage many individuals from serving of boards of publicly-held companies.

MBCA §8.30 also provides that directors are entitled to rely on the opinions of experts such as corporate officers and employees, auditors, accountants, and attorneys when making corporate decisions. Directors may be able to escape civil liability if reliance on these experts is warranted and reasonable; the director cannot escape liability by relying on information from an expert which the director knows to be incorrect.

In addition to a duty of good faith and a duty of care, directors also have a duty of loyalty to the corporation. Under this duty, directors can be held liable for self-dealing transactions, transactions between a director and the corporation, and usurping corporate opportunities for oneself. Historically, transactions that involved conflicts-of-interest between directors and the corporation were not allowed by courts. But, recently, courts have upheld self-dealing transactions where the terms were fair to the corporation. If it is unclear whether the terms are fair or not, courts have upheld self-dealing transactions where a majority of uninterested directors has approved the transaction.

Duties of Officers

Officers are bound by a fiduciary duty to act in the best interests of the corporation. Officers are bound to fully disclose any transactions which may pose conflicts of interest. MBCA §8.42 lists the duties owed to a corporation by its officers; these duties are very similar to duties imposed on directors. Section 8.42(a) directs that officers shall act (1) in good faith, (2) with the care that a person in a like position would reasonably exercise under certain circumstances (duty of care), and (3) in a manner the officer reasonably believes to be in the best interests of the corporation. Section 8.42(b) also allows officers to rely on the opinions of employees and experts, such as attorneys and accountants, as long as that reliance is warranted, similar to the standard for directors. Officers are also shielded by the presumption of good faith afforded them by the business judgment rule.

Protections or Shields from Officer and Director Liability

Directors and officers of corporations are protected from civil liability by a number of provisions, both statutory and based upon common law. The previous section discussed the business judgment rule, officers' and directors' warranted reliance on employee and expert information, and raincoat statutes which allow a corporation to shield its directors from liability in certain cases. The following section will elaborate upon the business judgment rule and address the issues of indemnification, insurance, and the requirements of bringing a shareholder derivative suits as further protections from personal liability for directors and officers.

Background of the Business Judgment Rule.

The corporate business form itself is usually selected by individuals who are seeking to protect themselves from civil liability, especially to protect themselves from personal liability for unpaid debts should the business fail. Choosing to form a corporation instead of a partnership, for example, is a choice made to shield oneself from civil liability. A major part of the protection from liability comes from a common law concept called the business judgment rule. As corporate law in the United States developed during the early 20th century, cases came before courts in which plaintiffs, usually shareholders in corporations, made arguments that alleged unsound business judgment by the directors or managers of the corporation. In response, the judiciary claimed it did not have the experience or the inclination to look into and closely scrutinize the business decisions made by corporate directors and managers. It declined to make rulings based upon evaluating the soundness of a corporation's officers' business judgment.127 Most common-law jurisprudence since has followed what has become known as the business judgment rule.

However, the business judgment rule does not, in theory, act to shield corporate directors or officers from liability in instances of blatant incompetence or outright fraud. But, the business judgment rule has been held to excuse directors or officers from liability in regard to their exercise of the duty of care. In applying the business judgment rule, courts will only examine the validity and fairness of the process of corporate director and manager decision-making. The appropriate test looks at whether (1) due care was used in ascertaining relevant facts and law before making the decision and (2) the decision was made after reasonable deliberation.128 Courts applying the rule decline to examine the correctness or prudence of the decision-made, as long as the process by which it was made was reasonable. So, the business judgment rule provides a presumption that officers and directors acted in good faith; it is up to a plaintiff in a civil case to prove otherwise in most circumstances.

Indemnification and Insurance.

Indemnification and director and officer insurance act to protect directors and officers from personal expense related to lawsuits brought against them in their official capacity.129 Sections 8.50-8.59 of the MBCA deal with the indemnification and insurance of officers and directors of a corporation. Indemnification means that the corporation reimburses a defendant officer or director for expenses incurred in defending against an asserted claim or prosecution. Indemnification usually covers legal fees; in some cases, it may cover amounts paid to settle a suit, paid in judgment of a civil suit, or paid for a criminal fine. Indemnification can also take the form of advances for expenses, in which case the corporation pays expenses before a final judgment is rendered in a case. The reasoning behind indemnification and directors and officers (D&O) insurance is that without these protections, few qualified individuals would be willing to serve on corporate boards or as officers of corporations. Other arguments in favor of these devices are that they encourage innocent individuals to resist untrue charges and that they discourage frivolous suits by shareholders.

However, while it is generally accepted that officers and directors should be reimbursed for expenses when they are successful in defending a lawsuit, indemnification when officers or directors are found civilly or criminally liable would seem to be against public policy. For example, the SEC has taken the stance that it is against public policy for corporations to indemnify officers and directors against liabilities imposed under the Securities Act of 1933. Indemnification is governed by state law. Each state sets its own limits on indemnification, but most follow the general provisions of the MBCA.

MBCA §8.52 requires indemnification for a director who is "wholly successful, on the merits or otherwise," in the defense of a proceeding. This means that a corporation must indemnify the legal expenses of a director who successfully defends a case, even if his success is won on a procedural not substantive basis. For example, a director who has a case dismissed because the statute of limitations has run must be indemnified by the corporation. In cases where the merits are never litigated, it is assumed that the director does have an underlying substantive defense that was not yet heard.

MBCA §8.51 provides the conditions under which a corporation may indemnify a director. In order to be eligible for indemnification, a director must have 1) acted in good faith, 2) must have reasonably believed that his actions were in the best interests of the corporation (if in his official capacity) or at least that his conduct was not opposed to the best interests of the corporation (if outside his official capacity), and 3) in the case of a criminal proceeding, the director must have had no reasonable cause to believe his conduct was unlawful. The director also may only recover reasonable expenses in a derivative suit brought against him. Directors may not be indemnified if found liable in a suit alleging the director received a financial benefit to which he was not entitled.

MBCA §8.56 provides the conditions under which a corporation may indemnify an officer. Essentially, mandatory indemnification of an officer is required under the same circumstances as applied to a director. Permissive indemnification is allowed as well, generally under the same standards as applied to directors. However, if an officer is not also a director, the corporation may provide for further indemnification of the officer unless the officer received an undue financial benefit, intentionally harmed the corporation or its shareholders, or intentionally violated a criminal law.

Under the MBCA, a director or officer is not eligible for indemnification if found liable to the corporation itself under a derivative suit filed by a shareholder on the corporation's behalf. However, in a few states which do not follow the MBCA, indemnification is permitted even where the officer or director is found liable in a derivative suit, which would seem to fly in the face of public policies aimed at preventing fraud.

As an additional protection, a corporation may also purchase liability insurance for its directors and officers (D&O). D&O insurance provides protection against costs and liability for negligence, for misconduct not involving dishonesty or knowing bad faith, and for false or misleading statements in disclosure documents. However, there are several exclusions from D&O policies; they include (1) conduct that is sufficiently self-serving or egregious, (2) conduct which is insurable by other types of insurance policies (like bodily injury), and (3) "laser exclusions" which apply only to certain industries. Recent corporate scandals and higher monetary settlements in class action suits have resulted in higher costs for D&O insurance premiums.

Derivative Action Requirements.

The last protection from personal liability enjoyed by officers and directors of corporations to be discussed in this section comes from the statutory requirements connected to bringing a derivative lawsuit. As previously discussed, a derivative suit is a lawsuit brought by an individual shareholder on behalf of the corporate entity itself for harm done to the corporation. (In contrast, a direct suit by a shareholder would be for harm suffered directly by the shareholder.) Derivative suits may be brought in many contexts, for violation of federal and state securities laws and violation of legal duties owed by officers and directors to corporations. Derivative suits have been both praised as important devices to check misconduct by corporate insiders and criticized as overwhelmingly frivolous litigation brought mostly to enrich aggressive plaintiffs' attorneys.

Regardless, several requirements must be met for a derivative suit to be brought on behalf of a corporation. The bringing of derivative suits is governed by state laws and is not uniform; however many states require that in order to bring or maintain a derivative lawsuit, a shareholder must make a demand (essentially, ask the permission) of the current board of directors of the corporation.

This issue of making a demand on the board is complex and has been the subject of much conflicting jurisprudence. Generally, a shareholder must make a demand on the corporation in order to bring a derivative suit. If the demand to bring the suit is rightfully refused, the shareholder cannot bring the suit. When examining the decision by a board of directors to disallow a derivative suit, courts in most states will apply the business judgment rule-as long as the procedures followed by the board were reasonable, the decision itself will not be challenged. The board of directors can also ask the court to dismiss a derivative suit under the MBCA §7.44 if the board believes the bringing of the suit is not in the best interests of the corporation. Under the MBCA, a shareholder is required to make a demand upon the board in order to bring a derivative suit. This gives a great deal of power to the board.

If a derivative suit implicates one or more directors, those directors generally will not participate in the vote to determine whether the suit will be continued. In some cases, a majority of the members of the board of directors will be implicated as defendants in the derivative suit. In such cases, a shareholder may or may not be excused from making a demand upon the board to bring the suit, depending on the jurisdiction and the level of interestedness of the directors in the transaction being questioned by the derivative suit. But, the board may still create a Special Litigation Committee composed of uninterested directors to decide whether to allow a filed suit to continue. If the SLC decides the suit is not in the best interests of the corporation, the SLC can ask to the court to dismiss the suit. Whether the court should apply the good faith presumption of the business judgment rule to the decision of an SLC is a difficult issue which varies among jurisdictions. But generally, the burden of proof falls on the board of directors if the majority of the board of directors is interested in the derivative litigation. The burden of disproving the business judgment rule presumption of good faith falls upon the shareholder bringing the derivative action if the majority of directors on the board are not interested in the derivative litigation.

The modern trend in jurisprudence has been to restrict the bringing of derivative actions. In virtually all cases of derivative litigation considered by boards of directors or special litigation committees since 1984, the decision by the directors has been that the suit is not in the best interests of the corporation. Some would argue this is the result of frivolous lawsuits being filed; others would say that this shows "structural bias" among directors.130 In regard to the latter, some academics have argued that directors when asked to decide whether to pursue a derivative suit against other directors on the board suffer from "structural bias."131 Structural bias is the tendency of directors to not pursue actions against other directors. It is due to directors generally being in the same social circles and having friendly relationships as well as directors knowing that if they were implicated in the next derivative suit, they would not want the suit approved by the board. The argument is that the culture of boards of directors and the self-interest of directors result in few derivative actions being pursued.

Regardless of the causes, derivative suits function to deter and remedy fraud and misconduct among corporate directors and managers. Over the last 20 to 30 years, the number of derivative suits brought on behalf of corporations has declined. Some have indicated that this decline should be seen as a failure in the realm of corporate governance.

Enron and Civil Litigation

Enron has faced a huge number of civil suits related to its collapse in both federal and state court. Over 70 suits have been consolidated under multi-district litigation procedures in the U.S. District Court for the Southern District of Texas. These cases include class action suits by employees and shareholders as well as derivative suits based on federal securities violations and breaches of legal duties. Bankruptcy proceedings are also under way in the U.S. District Court for the Southern District of New York. Named defendants in the class action and derivative cases include officers such as Chairman of the Board Ken Lay, CEO Jeff Skilling, CFO Andrew Fastow, and Enron General Counsel James Derrick. Other named defendants include members of the board of directors such as Wendy Gramm and Robert Jaedicke, Enron's outside accountants (Arthur Andersen), and Enron's outside attorneys (Vinson & Elkins).

Despite the large number of filings, it may be difficult for plaintiffs to attach liability to Enron's board of directors due to the protections of the business judgment rule. Directors will likely argue they had reason to rely on the opinions of experts like Arthur Andersen and Vinson & Elkins and on the officers of the corporation.132 Enron is facing so much litigation alleging fraud that two of its D&O insurers have filed actions to rescind insurance coverage, claiming that Enron did not accurately disclose information and circumstances that might give rise to claims in the future.133

In summary, civil litigation can act as a check on corporate fraud through suits brought under state, federal, and common-law grounds. However, recent trends in legislation and jurisprudence have acted to restrict the filing of private lawsuits and the personal liability of corporate directors and officers. One reason to restrict liability is to encourage qualified and responsible people to sit on corporate boards of directors. However, protections like raincoat provisions, the business judgment rule, reliance on expert opinions, indemnification and D&O insurance, and the power of directors in deciding whether to allow derivative suits all limit the ultimate accountability of boards of directors and corporate management in civil litigation. Most corporate law is state-based law, but Congress does have jurisdiction over companies with nationally traded securities, which is the class of corporations which have been the subject of recent scandals and corruption. In the wake of scandals such as Enron, courts and legislatures may act to revisit the current protections that shield corporate insiders from civil liability.


This report has examined several systemic problems that contributed to the recent wave of corporate scandals. Failures occurred both within companies and among the external actors who were supposed to be regulating or watching them. Using Enron as a case study, the system failures can be summarized as follows:

What Went Wrong at Enron?

  • The capture of auditors, analysts, and banks and regulators through personal and professional contacts—Enron effectively suborned or mystified Merrill Lynch, Arthur Anderson, the bond rating agencies, and regulators such as FERC and the CFTC, with the result that watchdog institutions—public and private—either missed the fundamental problems at the firm or actively participated in covering them up.
  • Systems capacity issues at the SEC and other regulatory agencies. A lack of resources and staff expertise at federal agencies led regulators to overlook Enron's complicated and fraudulent financial schemes.
  • The inability of the media to serve as watchdog. The business media reports on problems at a company only if Wall Street analysts seem worried. Captured or biased analysts means that there is no bad news to report.
  • The board and auditors had incomplete information. Management withheld documents regarding transactions between Enron and special purpose entities and concealed the nature of the partnerships set up to run the SPEs.
  • The corporate culture was a pressure cooker of entitlement, teamwork, and a star system. Employees were constantly scrambling to create something new and be noticed by top management. They were repeatedly told that they were the best and brightest, and part of the Enron team. The peer review system simultaneously created a cutthroat environment where undercutting team members was often the way to save one's own job.
  • Whistleblowing was strongly discouraged by fear of losing one's job and a fierce devotion to the company and the prospect of future wealth.
  • Hubris. Enron's management was apparently unable to grasp that its arcane financial maneuvers would actually be the firm's downfall, making them unwilling to issue accounting restatements (or listen to internal objections).
  • The board wasn't paying attention. Though technically independent, Enron's directors repeatedly allowed management to make legally risky decisions. Lack of information and undue trust in management's ability to sustain the company's meteoric rise made directors' decisions little more than rubber stamps.

Why Now?

Many of these problems have existed at other companies, during other periods in time. In order to effectively detect and prevent fraud in the future, it is important to understand some of the reasons why the recent wave of control fraud came when it did. Some possible explanations that may be unique to this period in history are listed below:

  • The long bull market allowed companies to conceal financial difficulties, because stock analysts, regulators, and (above all) investors were willing to believe in company financials that defied traditional, rational explanation. In addition, the technology and internet booms created furious investor demand for new companies with rosy forecasts but no revenues. The conventional wisdom was: if you can make money at it, great!
  • The increasing acceptance of financial innovations in both the business and accounting fields created an environment in which accounting creativity was rewarded.
  • Auditing was a loss leader as consulting became the major profit center for big accounting firms. Therefore, the pressure was strong for accounting companies to overlook audit irregularities in order to help sell the client their consulting services.

An alternative view is that accounting and management scandals are to be expected whenever a long period of market exuberance winds down. If the phenomenon is seen as primarily cyclical, the unique circumstances of the 1990s listed above may have influenced the scope and particular features of the scandals, but the underlying dynamics have appeared before and will return. Finally, some observers, whose faith in market discipline has not been shaken by the outbreak of fraud, would say that the post-Enron reaction is simply evidence of the system working by purging the markets of bad apples.



See, e.g., Larry E. Ribstein, "Market Vs. Regulatory Responses to Corporate Fraud: A Critique of the Sarbanes-Oxley Act of 2002," Journal of Corporate Law, vol. 28, Fall 2002, pp. 57-59.


E.g., "Enron's Unfinished Business," Washington Post, Mar. 9, 2004, p. A22.


Peter Kostant, "Exit, Voice and Loyalty in the Course of Corporate Governance and Counsel's Changing Role," Journal of Socio-Economics, vol. 28, no. 3. (1999), p. 210.


Exit, voice, and loyalty are terms derived from the work of Albert O. Hirschman on the devices that corporations use to correct lapses in productive behavior. "Exit" occurs when members leave an organization, and is seen as insufficiently effective in triggering corrective action. "Voice" is any attempt to change, rather than escape from, an unsatisfactory situation. "Loyalty" is a brake on exit, causing individuals to remain when it might be rational to leave, and thus may be a stimulus to voice. Ibid., pp. 208-209.


Benjamin E. Hermalin and Michael S. Weisbach, "Endogenously Chosen Boards of Directors and Their Monitoring of the CEO," American Economic Review, vol. 88, Mar. 1998, p. 96.


James D. Westphal and Edward J. Zajac, "Defections from the Inner Circle: Social Exchange, Reciprocity, and the Diffusion of Board Independence in U.S. Corporations," Administrative Science Quarterly, vol. 42, no.1, 1997, pp. 161-183.


Gerald F. Davis and Henrich R. Greve, "Corporate Elite Networks and Governance Changes in the 1980s," American Journal of Sociology, vol. 103, July 1997, pp. 1-37.


Westphal and Zajac, p. 177.


Jay W. Lorsch and Elizabeth MacIver, Pawns or Potentates: The Reality of America's Corporate Boards, Boston, Harvard Business School Press, 1989. Cited in Mark S. Mizruchi, "Berle and Means Revisited: The Governance and Power of Large U.S. Corporations." Conditionally accepted by Theory and Society, Apr. 2004.


Available online at


Troy A. Paredes, "Enron: The Board, Corporate Governance, and Some Thoughts on the Role of Congress." In: Enron: Corporate Fiascos and Their Implications, eds. Nancy B. Rapoport and Bala G. Dharan, (New York: Foundation Press, 2004), pp. 520-521.


Gerard Sanders and Mason A. Carpenter, "Internationalization and Firm Governance: The Roles of CEO Compensation, Top Team Compensation, and Board Structure," Academy of Management Journal, vol. 41, no. 2, Apr. 1998 (Special Research Forum on Managerial Compensation and Firm Performance), pp. 158-178.


Bruce Cutting and Alexander Kouzmin, "The Emerging Patterns of Power in Corporate Governance: Back to the Future in Improving Corporate Decision Making," Journal of Managerial Sociology, vol. 15, no. 5, 2000, p. 499.


Charles Calomiris, "The Board Game," Financial Times, Dec. 6, 2002, and Robert W. Hamilton, "Corporate Governance in America 1950-2000: Major Changes, but Uncertain Benefits," Iowa Journal of Corporate Law, v. 25, Winter 2000, p. 349.


Vinson and Elkins served as Enron's outside counsel.


The Role of the Board of Directors in Enron's Collapse, Report prepared by the Permanent Subcommittee on Investigations of the Committee on Governmental Affairs, United States Senate (Washington: GPO, 2002), p. 45.


Corporate officers are those responsible for the management and day-to-day operations of the corporation. Officers are appointed by the board of directors. Each state's corporation statute will specify the officer positions that must be filled by each corporation. The required officer positions usually include the CEO (or president), vice-president, treasurer (or CFO), and secretary.


"Sarbanes-Oxley and the Idea of 'Good' Governance," Speech to the American Society of Corporate Secretaries, Washington, DC, Sept. 27, 2002. Online at


Adolph A. Berle and Gardiner C. Means, The Modern Corporation and Private Property, (New York: MacMillan, 1933), 396 p.


Stewart J. Schwab and Randall S. Thomas, "What Do CEOs Bargain For? An Empirical Study of Key Legal Components of CEO Contracts," Draft Paper submitted to the 2004 Corporate Governance Conference at the University of Texas at Austin, Apr. 16, 2004.


Lucian A. Bebchuk and Jesse M. Fried, "Executive Compensation as an Agency Problem," Journal of Economic Perspectives, vol.17, no.3, 2003, pp. 71-92.


Ibid., pp. 73-74.


Investor Responsibility Research Center, "IRRC's Study Shows Corporations Overhauling Boards and Director Pay," press release, Dec. 3, 2003.


George P. Baker, Michael C. Jensen, and Kevin J. Murphy, "Compensation and Incentives: Practice vs. Theory," Journal of Finance, vol. 63, no.3, 1988, pp. 593-616


Many directors are themselves current or former CEOs.


Oren Bar-Gill and Lucian A. Bebchuk, "Misreporting Corporate Performance," Harvard Law School Discussion Paper No. 400, revised July 2003, 33 p.


Ian Cheng, "The Barons of Bankruptcy," Financial Times, July 31, 2002, p. 8.


Bebchuk and Fried, "Executive Compensation as an Agency Problem," pp. 85.


Wm. Gerard Sanders and Donald C. Hambrick, "The Effects of CEO Incentive Compensation on Subsequent Firm Investment and Performance," Draft Paper submitted to the 2004 Corporate Governance Conference at the University of Texas at Austin, Apr. 17, 2004, p. 22. Available online at


Ibid., p. 23. Their sample included 1,000 firms randomly selected from the Standard & Poor's 500, Mid-Cap, and Small-Cap indices.


Steven Balsam, An Introduction to Executive Compensation, (San Diego: Academic Press, 2002), p. 262.


Randall S. Thomas and Kenneth J. Martin, "The Effect of Shareholder Proposals on Executive Compensation," University of Cincinnati Law Review, vol. 67, no. 4, 1999, pp. 1021-1081.


Bebchuk and Fried, "Executive Compensation as an Agency Problem," p. 79.


The ratio of CEO to average worker pay in large U.S. corporations was 50:1 in 1980, and 300:1 in 2003. See CRS Report 96-187, A Comparison of the Pay of Top Executives and Other Workers, by [author name scrubbed].


Gillian Tett, "The Gospel According to Saint Paul," Financial Times, Oct. 23/24, 2004, p. W3.


William M. Evan and R. Edward Freeman, "A Stakeholder Theory of the Modern Corporation: Kantian Capitalism," in: Tom L. Beauchamp and Norman E. Bowie, eds., Ethical Theory and Business. Third Edition (New Jersey: Prentice-Hall, 1988), pp. 97-104.


Ibid., p. 100.


Ibid., p. 103.


Ibid., p. 104.


Ibid., p. 103.


SEC Final Rule, RIN 3235-AI54, "Certification of Disclosure in Companies' Quarterly and Annual Reports." At


U.S. Senate, Committee on Governmental Affairs, Financial Oversight of Enron: The SEC and Private Sector Watchdogs, committee print, 107th Cong., 2nd sess., Oct. 7, 2002, S. Prt. 107-75 (Washington: GPO, 2002), p. 17.


Ibid., p. 18.


April Klein, "Economic Determinants of Audit Committee Independence," Accounting Review, vol. 77, Apr. 2002, pp. 435-453.


Matthew Barrett, "Enron and Andersen—What Went Wrong and Why Similar Audit Failures Could Happen Again," in: Enron: Corporate Fiascos and Their Implications, (New York: Foundation Press, 2004), pp. 155-168.


Ibid., p. 156.


DiLeo v. Ernst & Young, 901 F.2d 624 (7th Cir. 1990).


John Coffee, "Understanding Enron: 'It's About the Gatekeepers, Stupid,'" In: Enron: Corporate Fiascos and Their Implications, pp.125-126.


Ibid., p. 128.


Barrett, "Enron and Andersen," p. 161.


Ibid., p. 159.


Klein, "Economic Determinants of Audit Committee Independence," p. 435.


"NASD and NYSE Rulemaking: Relating to Corporate Governance," Release No. 34-48745. Available at


For definitions of director independence, see "Board Independence as a Barrier to Fraud" section, above.


Gardiner Morse, "Audit Committees Can't Add," Harvard Business Review, vol. 82, May 2004, pp. 21-24.


Michael Barrier, "Relating to the Audit Committee," Internal Auditor, vol. 59, Apr. 2002, p. 29.


The Securities Exchange Act of 1934.


Larry Rittenberg, Wayne Moore, and Mark Covaleski, "The Outsourcing Phenomenon," Internal Auditor, vol. 56, Apr. 1999, pp. 43.


George R Aldhizer III, James D Cashell, Dale R Martin, "Internal Audit Outsourcing," CPA Journal, vol. 73, Aug. 2003, p. 38.


Rittenberg, et al., "The Outsourcing Phenomenon," p. 44.


Allen Blewitt, "Strengthen the Sign-off," Financial Times, Jan. 22, 2004, p. 2.


Michael Barrier, "Relating to the Audit Committee," Internal Auditor, vol. 59, Apr. 2002, p. 29.


Sarbanes-Oxley Act, Section 201(a).


U.S. Senate, Committee on Governmental Affairs, Financial Oversight of Enron: The SEC and Private Sector Watchdogs, committee print, 107th Cong., 2nd sess., Oct. 7, 2002, S.Prt. 107-75 (Washington: GPO, 2002), p. 19.


Joint Committee on Taxation, Report of the Investigation of Enron Corporation and Related Entities Regarding Federal Tax and Compensation Issues, and Policy Recommendations, 108th Cong., 1st sess, Feb. 2003, (JCS-3-03), 3 vol.


Peter Behr, "Enron Skirted Taxes via Executive Pay Plan," Washington Post, Feb. 14, 2003, p. E1.


Robert Sack and Mark Haskins, "Of Fiddlers and Tunes," CPA Journal, v. 73, June 2003, p. 10.


According to the PCAOB website,, the Big Four audit 56% of all firms that file reports with the SEC.


Liz Fisher, "The Big Four Old Boys' Club," Accountancy, vol. 133, Mar. 2004, p. 29.


American Bar Association, "About the ABA,"


John F. Sutton, Jr. and John S. Dzienkowski, Cases and Materials on the Professional Responsibility of Lawyers, 2nd ed. (St. Paul: West Group, 2002), p.14.


American Bar Association, "Proposed Amendments to Rule 1.13 of the ABA Model Rules of Professional Conduct."


Sutton and Dzienkowski, p.521.


Based on discussions with John Dzienkowski, professor of professional responsibility, University of Texas School of Law, Jan. 27, 2004.


"2002 ABA Model Rules," in John S. Dzienkowski, ed., Professional Liability Standards, Rules & Statutes, 2002-2003, abridged ed. (St. Paul: West Group, 2002), pp.29-36.


American Bar Association, "Rule 1.6: Confidentiality of Information."


"2002 ABA Model Rules," in John S. Dzienkowski, ed., Professional Liability Standards, Rules & Statutes, 2002-2003, abridged ed. (St. Paul: West Group, 2002), pp. 21-22.


Ellen Joan Pollock, "Limited Partners: Lawyers for Enron Faulted Its Deals, Didn't Force Issue," Wall Street Journal, May 22, 2002, p. A1.


See, e.g., Dan Ackman, "It's the Lawyers Turn to Answer for Enron,", Mar. 14, 2002.


The SPEs were accounting entities used by Enron to generate fictitious profits. Fastow received a 10-year prison sentence after pleading guilty to two counts of securities fraud.


Mimi Swartz, Power Failure: The Inside Story of the Collapse of Enron (New York: Doubleday, 2003), p. 214.


U.S. Securities Exchange Commission, "Final Rule: Implementation of Standards of Professional Conduct for Attorneys," at


Arthur Andersen was Enron's outside auditor and was convicted of obstruction of justice in the Enron case, leading to the dissolution of the firm.


Testimony of Jordan Mintz, in U.S. Congress, House Committee on Energy and Commerce, Subcommittee on Oversight and Investigations, The Financial Collapse of Enron—Part 2, hearing, 107th Cong., 2nd sess., Feb. 7, 2002.


Swartz, Power Failure, p. 190.


Sabine Pilot suits refer to the decision in the case Sabine Pilot Service, Inc. v. Huack, 687 S.W.2d 733 (Tex. 1985). The decision protects employees discharged for refusing to perform an illegal act. As delineated by Enron lawyer Carl Jordan in an e-mail, Ms. Watkins could have had a case if "an employee's duties involve recording accounting data that she knows to be misleading onto records that are eventually relied on by others in preparing reports to be submitted to a federal agency (e.g., SEC, IRS, etc.).... If the employee alleges that she was discharged for refusing to record (or continuing the practice of recording) the allegedly misleading data, then she has stated a claim under the Sabine Pilot doctrine." As quoted in Leslie Griffin, "Whistleblowing in the Business World," in Enron: Corporate Fiascos and Their Implications, Nancy B. Rapoport and Bala G. Dharan, eds., (New York: Foundation Press, 2004), p. 214. For more information about Texas whistleblower laws pre- and post-Sarbanes-Oxley, see Ken Hughes, "Whistle-blower Claims Involving In-House Counsel and Officers," as presented at The Review of Litigation Symposium on Litigating Business Ethics at the University of Texas Law School, Mar. 26, 2004.


James W. Fesler and Donald F. Kettl, The Politics of the Administrative Process (Chatham, NJ: Chatham House Publishers, 1996), p. 340.


U.S. Department of Justice, Justice Management Division, Department of Justice Strategic Plan for 2001-2006, Nov. 2001, Executive Summary, p. 3.


U.S. Department of Justice, Office of the Deputy Attorney General, "The President's Corporate Fraud Task Force," at


U.S. Department of Justice, Office of the Deputy Attorney General, Corporate Fraud Task Force: First Year Report to the President, July 22, 2003, pp. 2.3-2.4, at


See CRS Report RL31866, Criminal Charges in Corporate Scandals, by [author name scrubbed] and [author name scrubbed].


See CRS Report RS21401, Regulation of Energy Derivatives, by [author name scrubbed].


Release IA-2266, "Registration Under the Advisers Act of Certain Hedge Fund Advisers," July 20, 2004.


An example is the SEC's pilot program to suspend the short-sale uptick rule (which is intended to prevent manipulative short sellers from driving down the price of stocks). The SEC's reasoning is that in today's markets, manipulative short selling is much less a problem that it was in the 1930s, when the uptick rule was imposed. See SEC Release 34-50103, "Short Sales," July 28, 2004.


U.S. Congress, Senate Committee on Governmental Affairs, Committee Staff Investigation of the Federal Energy Regulatory Commission's Oversight of Enron Corp, 107th Cong., 2nd sess., Nov. 12, 2002, p. 25.


See, e.g., U.S. Government Accountability Office, Financial Regulation: Industry Changes Prompt Need to Reconsider U.S. Regulatory Structure (GAO-05-061), Oct. 2004, 164 p.


Ibid., p. 32.


The CFTC did bring civil charges against an Enron trader in 2003 for manipulating the cash market in natural gas, but over its history, the agency has rarely brought actions that do not involve futures trading.


Jean-Jacques Laffont and Jean Tirole, "The Politics of Government Decision-Making: A Theory of Regulatory Capture," Quarterly Journal of Economics, vol. 106, Nov. 1991, pp. 1090-1091.


U.S. General Accounting Office, SEC Operations: Increased Workload Creates Challenges, GAO-02-302, Mar. 5, 2002, p.13.


Ibid., p. 22.


P.L. 107-123, the Investor and Capital Markets Fee Relief Act. See CRS Report RS20204, Securities Fees and SEC Pay Parity, by [author name scrubbed].


Christine M. Bae and Carlton R. Asher, Jr., "Chinese Walls—Procedures and Remedies for Dealing With Conflicts of Interest and Other Abuses by Broker-Dealers in Connection With Conduct by their Securities Analysts," in: Securities Arbitration 2002: Taking Control of the Process (PLI Corp. Law & Practice Course Handbook Series No. B001A6, 2002), pp. 128-129.


See CRS Report RL31348, Enron and Stock Analyst Objectivity, by [author name scrubbed] (pdf).


Robert O'Harrow Jr., "E-Mails Open Window on Wall St.: Blunt Notes on Stock Ratings at Heart of Analyst Probe," Washington Post, Apr. 12, 2002, p. A1.


"Regulation Analyst Certification: Final Rule," Release No. 33-8193, Feb 20, 2003. Available online at


Ohad Kadan, Rong Wang, and Tzachi Zach, Are Analysts Still Biased? Evidence from the Post "Global Settlement" Period, Working Paper, John M. Olin School of Business, Washington University in St. Louis, Sept. 2004, 32 p.


For a list of criminal cases related to recent corporate scandals, see CRS Report RL31866, Criminal Charges in Corporate Scandals, by [author name scrubbed] and [author name scrubbed].


Edwin H. Sutherland, White Collar Crime: the Uncut Version (New Haven: Yale University Press, 1983), 291 p.


Samuel Porteous, Organized Crime Impact Study: Highlights, Ottawa, 1998, p. 2.


U.S. Department of Justice, Bureau of Justice Statistics, Dictionary of criminal justice data terminology : terms and definitions proposed for interstate and national data collection and exchange, U.S. GPO, 1982.


See, e.g., Tucker, Jeffrey, "Mr. Moral Hazard," The Free Market: Mises Institute Monthly, vol. 16, no. 12, Dec. 1998.


See, e.g., Timothy Lane and Steven Phillips, "IMF Financing and Moral Hazard," Finance and Development, A Quarterly Magazine of the IMF, vol. 38, no. 2, June 2001.


William K. Black, Kitty Calavita, and Henry Pontell, "The Savings and Loan Debacle of the 1980s: White-collar Crime or Risky Business?" Law and Policy, vol. 17, no. 1, Jan. 1995, p. 30.


Lecture by Sol Wisenberg delivered to the Policy Research Project class, LBJ School of Public Affairs, University of Texas at Austin, Mar. 30, 2004.


Robert W. Hamilton and Jonathan R. Macey, Cases and Materials on Corporations, 8th ed. (St. Paul, MN, West Group, 2003), p. 980.


Ibid., p. 982.


Ernst & Ernst v. Hochfelder, 425 U.S. 185 (1976).


Santa Fe Industries, Inc. v. Green, 430 U.S. 462 (1977).


Lampf v. Gilbertson, 501 U.S. 350 (1991).


Litton Industries, Inc. v. Lehman Bros. Kuhn Loeb Inc., 967 F.2d 742 (2d Cir.1992).


Hamilton and Macey, Cases and Materials on Corporations, p. 1122.


Robert J. Jossen, "Using Sarbanes-Oxley in Civil Litigation," New Jersey Law Journal, Sept. 8, 2003.


377 U.S. 426 (1964).


Smith v. van Gorkom, 488 A.2d 858 (Del. 1985).


Hamilton and Macey, Cases and Materials on Corporations, pp. 832-833.


See Dodge v Ford Motor Co., 204 Mich. 459, 508 (stating the frequently cited proposition that "judges are not business experts.").


Hamilton and Macey, Cases and Materials on Corporations, p. 815.


See, generally: Hamilton and Macey, Cases and Materials on Corporations, pp. 1134-1159.


Hamilton and Macey, Cases and Materials on Corporations, p. 885.


Ibid., pp. 864-865.


See Mark Jaffe, "Suing Enron's Directors an Uphill Battle," Austin American Statesman, Jan. 23, 2002; and David J. Kaufman, "Enron's Implosion and Boards of Directors," Prentice Hall Law and Business Insights: Corporate Governance, vol. 16, Mar. 2002, p. 5.


Hamilton and Macey, Cases and Materials on Corporations, p. 1158.