The most potent weapon in combatting corporate fraud against the U.S. government has been the False Claims Act (“FCA”). Under the FCA, the U.S. government may recover treble damages and civil fines for such fraud. Surprisingly, nearly 90 percent of these cases are now initiated under the FCA’s qui tam provision by private plaintiffs (known as relators) in the name of the United States. Relators have historically been whistleblowers with insider information, but their profile is rapidly changing. Complicating this emerging risk is the announcement by Assistant Attorney General Leslie R. Caldwell that all new qui tam complaints will be shared with the Criminal Division as soon as the cases are filed, so that DOJ can pursue parallel civil and criminal investigations. Companies can expect an increase in creative and complex qui tam cases, with DOJ lending its substantial resources to the growing plaintiffs’ bar.

The FCA’s power lies in its ability to extract treble damages from defendants along with statutory fines of up to $11,000 for each false claim. This combination means that FCA cases can easily become bet-the-company cases, even when the alleged damages are moderate.

DOJ Doubles Down on Qui Tam Enforcement

The FCA is one of the most powerful and lucrative enforcement statutes in the government’s arsenal. And not surprisingly, FCA cases are among the fastest growing areas of federal litigation. Indeed, the DOJ’s Criminal Division announced on September 17, 20141 that it would review all newly filed qui tam cases to determine whether a parallel criminal investigation might be appropriate. Assistant Attorney General Leslie R. Caldwell also stated that DOJ was committed to working with relators, their counsel, the “Civil Fraud counterparts, U.S. Attorney’s Offices, and investigating agencies” to “bring more cases and hold more companies and individuals responsible for the crimes they commit.” Companies can expect the tide of FCA enforcement cases to increase as DOJ gathers resources from across the government to prosecute the growing number of qui tam cases.

DOJ’s zeal for bringing more actions may cause more harm than expected. Indeed, in response to the government’s aggressive FCA enforcement agenda, law-abiding companies may be targeted by a new breed of relator—one without any inside information. This is because congressional changes to the FCA pursuant to the Fraud Enforcement and Recovery Act of 2009 (“FERA”) also arguably expanded the scope of the FCA to cover a broad range of regulatory violations. And the changes to the FCA’s public disclosure bar defense in the Affordable Care Act of 2010 (“Obamacare”) made it harder for companies to defend themselves against claims from FCA trolls with no insider information. All of which suggests that FCA trolls will increasingly target companies in industries that have until now largely avoided potential FCA liability.

Lessons Learned From a Recent Victory

In September 2014, Judge Mary McLaughlin, U.S. District Court, Eastern District of Pennsylvania, issued a 45-page opinion and dismissed a FCA complaint against Victaulic Company with prejudice. The victory spared Victaulic from substantial potential damages—but it also highlighted the novel ways plaintiffs are using the False Claims Act to target companies in industries where FCA lawsuits have previously been rare.

Victaulic provides pipe joining solutions to a global customer base through its facilities across the world. In this case, the relator alleged that Victaulic imported pipe fittings from its facilities in Poland and China into the U.S. and failed to designate or “mark” the country of origin on those imports over a nine-year period. Failure to do so could potentially subject a company to a “marking duty” of 10 percent of the product’s value under the Tariff Act.

Historically, relators were almost always whistleblowers with some kind of inside connection to the alleged fraud (such as current or former employees, suppliers, competitors or customers). Not so here. The relator in this case was a self-styled customs expert with no connection to Victaulic or its business.

The relator conducted her own investigation using publicly available information: shipping manifest data published and compiled by industry news publications, along with postings for Victaulic pipe fittings on eBay. Based on her so-called investigation, she alleged Victaulic had a practice of failing to mark its pipe fittings with the relevant country of origin and failing to pay the necessary marking duties. Her allegations were based exclusively on publicly available information.

Pillsbury’s attorneys laid out a number of grounds for dismissal, including: 1) the relator’s failure to state a claim; 2) the fact that she was not an original source of non-public information as required by the FCA; and 3) the fact that regulatory non-compliance does not and should not give rise to a claim under the FCA.

Judge McLaughlin dismissed the case with prejudice for failure to state a claim, but reluctantly concluded that she could not dismiss the case based on the other key jurisdictional grounds. Specifically, the judge held that the public disclosure bar, one of the strongest defenses available, did not apply. Judge McLaughlin noted that while information from eBay was “certainly readily accessible to the general public,” because all of the inferences did not fall neatly within any of the three enumerated categories of public disclosure listed in the FCA—under a strict reading of the statute—the public disclosure bar did not apply. The judge also declined to decide whether a failure to mark imported goods or to pay marking duties under the Tariff Act gives rise to a claim under the post-FERA version of the FCA.

The Rise of the False Claims Act Troll

The public disclosure bar was meant to protect companies from parasitic lawsuits by “opportunistic plaintiffs who have no significant information to contribute of their own[.]” Graham Cnty. Soil and Water Conservation Dist. v. U.S. ex rel.Wilson, 559 U.S. 280, 294 (2010). The bar, however, applies only if the information that forms the basis of the complaint is disclosed through one of the following three enumerated categories:

  1. in a Federal criminal, civil, or administrative hearing in which the Government or its agent is a party;
  2. in a congressional, Government Accountability Office, or other Federal report, hearing, audit, or investigation; or
  3. from the news media.

But when Congress revised the public disclosure bar in 2010 under Obamacare, it failed to update it for the internet age. As a result, numerous courts have faced the question of whether information from a public website or database constituted a public disclosure under the statute. Courts have been able to shoehorn many websites into the news media category—and the Supreme Court has agreed.

But in this case, Judge McLaughlin concluded that while the customs information was taken from a publicly available website, the information taken from eBay did not fit neatly into one of the three enumerated sources. And as such, the court found that the public disclosure bar could not apply. Nonetheless, the court was convinced that the plaintiff had failed to allege a FCA violation and in fact could not allege a FCA violation even if it was given a third bite at the apple.

The court’s opinion spared Victaulic from hundreds of millions in potential liability, but it also made it clear that an increasing number of companies may be vulnerable to a new breed of relators who have no insider information or connection to the alleged fraud at all. Moving forward, we expect other relators to build on this approach and develop complaints that rely on publicly available websites that do not neatly fit into any of the three disclosure categories under the FCA. Indeed, under Judge McLaughlin’s analysis, information from a host of publicly accessible websites, including social media (Facebook, Twitter), online communities (Reddit), and even industry trade associations might not be considered acceptable sources of public disclosure.

Equally troubling, however, is the judge’s conclusion that the 2009 FERA amendment to the FCA might make regulatory noncompliance the basis of a False Claims Act lawsuit. Prior to the 2009 FERA amendment, the Fifth Circuit and the DC Circuit had both held that regulatory noncompliance could not be the basis of a FCA claim. This court is the first court since the passage of the 2009 amendments, to revisit whether regulatory violations can form the basis for FCA violations. And while Judge McLaughlin did not issue a decision on this point, she indicated that the Congressional record was unclear about Congressional intent to overturn established precedent in this area. We anticipate that motivated relators and public interest groups will rely on this framework to bring novel “reverse false claims act “cases based on regulatory non-compliance.

Taken together, the decision’s treatment of the public disclosure bar and the “reverse false claims act” suggests that FCA trolls may be able to target a much broader set of companies and industries and avoid some of the most challenging defenses. Coupled with DOJ’s renewed commitment to qui tamcases, we expect FCA trolls to become much more active across industries as they leverage the mountain of online public information about companies operations and products and combine that with specific regulatory expertise to craft a novel set of complaints.

Practical Steps to Reduce Risk

In light of these recent developments, companies can take a number of steps to reduce the risk of a qui tam suit. These include:

  1. Conduct a substantive review of all compliance programs. An internal review will enable companies to:
  1. Identify any and all areas of regulatory concern.
  2. Develop and implement mitigation measures.
  3. Engage the relevant regulator to short-circuit any potential FCA claims.
  1. Create a communications protocol and compliance plan for the business team that minimizes the risks of creating misleading and inaccurate emails and documents.
  2. Revise training and compliance procedures and processes.
  3. Conduct trainings on FCA and related regulatory compliance measures for executives, managers, and staff.

While the above steps cannot immunize companies from all FCA risk, they can help illuminate what risks may exist, minimize unnecessary ones, and ultimately enable companies to make informed decisions about their FCA exposure.