We have all been reading (over and over) about the Yates Memorandum and the renewed focus on individual culpability. As I have said (over and over), the proof will be in the results – if we see an increased number of criminal cases against individuals.

Whether this new aggressive approach will extend to senior executives and even corporate board members will be a matter of great interest. My expectation is that, if the evidence is there, prosecutors will bring the case. Up until the Yates Memorandum, we saw an unfortunate number of criminal cases where the evidence was present against individuals and prosecutors declined to bring the case.

On the civil enforcement side, the SEC has been quietly (or not so quietly depending on your focus) racking up enforcement actions against corporate directors, particularly in cases relating to oversight and management of internal financial controls.

The SEC has been focus on Audit Committee directors and launching enforcement actions when board members recklessly signed or approved financial statements that contained material inaccuracies. In other cases, the SEC has filed enforcement actions against board members for failing to inquire or conduct any reasonable follow up to decisions to delay filing of required reports (e.g. 10-Ks).

The SEC appears to be following a standard formula – when directors are aware of red flags and fail to act or follow up on such red flags, the SEC is responding by bringing enforcement actions against those directors (and others at the company). Audit committee chairs and members are prime targets for enforcement actions based on theories of failure to act. When a board member is made aware of a red flag, the board member has to act or inquire as to how an issue is being resolved. A failure to act can quickly turn into a violation of securities law.

Some have questioned the SEC’s aggressive enforcement actions in this area, claiming that the SEC’s standards are retrospective in nature and hold board members to a standard approaching strict liability. Of course, the SEC only gets involved when serious breakdowns occur in financial reporting or mismanagement, and it is reasonable to look back and identify the missed opportunities where directors failed to act or ignored clear red flags.

The SEC also has focused on the relationship between directors and senior management. If the relationship is too deferential and boards members failed to exercise independent authority to review certain issues, the SEC has been willing to impose liability on the directors for their cozy relationship with senior managers.

In its enforcement approach, the SEC is sending a strong message that it expects corporate boards to exercise oversight of management and not serve as a rubber stamp for management’s actions. Directors have a duty to the company and its shareholders and the SEC is going to make sure those duties are carried out.

We all know that corporate boards set the tone of an organization and its commitment to a culture of compliance is critical. As the SEC stretches its enforcement program into corporate boardrooms, there is an even greater likelihood that failures to act or other negligent-type behavior will be punished. Corporate directors will be held not just to a knowing standard but to a “should have known” standard for civil liability. The SEC’s aggressive enforcement program is meant to deter negligent performance issues and improve overall board functioning.