Outside directors are rarely charged in corporate fraud actions brought by the Securities and Exchange Commission (SEC, or the Commission). Recently, however, in SEC v. Krantz, Chasin, and Nadelman, the SEC charged three outside directors with fraud for failing to take reasonable steps in response to red flags signaling management misconduct relating to an accounting fraud by a public company.1 The SEC further alleged that the directors enabled the company’s former CEO to divert at least $10 million from the company for personal gain. While the facts of Krantz are extreme, the case nevertheless provides important insight into the SEC’s views on how independent directors should respond to evidence of management misconduct.
The Evolving Views of the SEC on the Oversight Responsibilities of Independent Directors
For more than 35 years, the SEC has made clear its view that outside directors must make themselves familiar with the corporation’s public disclosures and accounting practices and must investigate "red flags" that come to their attention indicating that the corporation’s public disclosures may be false or misleading. In many corporate fraud cases over the years, however, particularly before the frauds at Enron and WorldCom, the Commission chose not to charge outside directors for failing to take reasonable steps, as opposed to committing affirmative bad acts, but instead chose to admonish them (and warn their counterparts in other companies) in reports issued pursuant to Section 21(a) of the Securities Exchange Act of 1934 (the Exchange Act).2 Even post-Enron and WorldCom, SEC cases charging outside directors for failing to heed red flags remain rare. Against this backdrop, any SEC enforcement action against outside directors for failing to take reasonable steps is noteworthy and educational.
The SEC’s first action against an outside director for failing to take reasonable steps came in 2003 when it sued an outside director of Chancellor Corporation, Rudolph Peselman, for financial fraud.3 Peselman, who served on Chancellor’s audit committee, had allegedly failed to take steps to determine whether management’s position on the accounting for a transaction was correct despite there being a disagreement between management and the company’s auditors, and had allowed Chancellor to replace the auditors over the disagreement.4 According to then-SEC Enforcement Director Stephen Cutler, Peselman was "reckless in [his] oversight of management and asleep at the switch." Cutler called the case the "first salvo" against board members who ignore misconduct and said the Commission would use the Peselman case as a model.5
Three years later, in 2006, the SEC charged two outside directors of Spiegel, Inc. in connection with the decision to withhold required financial reports to avoid issuance of a "going concern" opinion by the company’s auditors.6 Four years after that, in March 2010, the SEC filed charges against the former chairman of infoGROUP Inc.’s audit committee for failing to take appropriate action with respect to "significant red flags" related to the company’s failure to disclose millions of dollars in compensation and other benefits provided to the CEO.7 Allegedly, the outside director had failed to appropriately investigate the CEO after serious questions were raised.
SEC v. Krantz
The Commission’s most recent case in this area came on February 28, 2011, when the SEC filed fraud charges against Jerome Krantz, Cary Chasin, and Gary Nadelman, three former outside directors and audit and compensation committee members of DHB Industries, Inc. (DHB or the Company), a supplier of body armor to the military and law enforcement.8 The SEC is seeking fraud injunctions, disgorgement of ill-gotten gains, monetary penalties, and officer and director bars against Krantz, Chasin and Nadelman. At the same time that it filed the litigated action against the three former directors, the SEC filed a settled enforcement action against DHB.9 The SEC alleges that DHB, through its senior executive officers, engaged in accounting and disclosure fraud and misappropriation of company assets that resulted in the Company filing materially false and misleading periodic reports with the SEC. Ultimately, the Company was compelled to file for bankruptcy.
The cases against the Company and the former directors are only the most recent actions involving the financial fraud at DHB. Beginning in 2006, the SEC and the Department of Justice (DOJ) charged DHB’s former CEO David Brooks (a recidivist securities law violator) and two other former DHB senior officers for their roles in the fraud. Last year, following an eight-month trial, Brooks was found guilty of insider trading, fraud and obstruction of justice. Brooks was also found guilty of lying to the Company’s auditors.10
The pervasive misconduct at DHB is detailed in a series of charging documents filed by the SEC and the DOJ as well as the company’s own filings and a Second Circuit opinion rejecting the settlement of a derivative case filed against the DHB Board.11 Briefly, from at least 2003 through 2005, senior management at DHB engaged in widespread accounting fraud, disclosure fraud and misappropriation of Company assets. DHB lacked adequate internal accounting and financial reporting controls. As a result, senior management was able to manipulate DHB’s gross profit margins and earnings by overstating inventory values, falsifying journal entries and failing to include appropriate charges for obsolete inventory. DHB’s lack of internal controls also enabled Brooks to funnel at least $10 million out of DHB through fraudulent transactions with a related entity he controlled. Brooks and others also misappropriated millions from the Company through the use of Company funds to pay for personal expenses, including luxury cars, jewelry, extravagant vacations, prostitutes and Brooks’ horse racing empire. In 2007, DHB restated its financial results for 2003, 2004 and 2005, which eliminated all of DHB’s previously reported 2003 and 2004 profits.
As charged by the SEC, another reason that Brooks and the other two senior managers guilty of criminal fraud were able to carry out their scheme for three years was a failure by DHB’s three non-management directors "to carry out their responsibilities as ‘independent’ directors and Audit and Compensation Committee members" because they "were willfully blind to numerous red flags signaling accounting fraud, reporting violations and misappropriation at DHB. Instead, as the fraud swirled around them, they ignored the obvious and merely rubber-stamped the decisions of DHB’s senior management while making substantial sums from sales of DHB’s securities."
The SEC’s complaint against Krantz, Chasin and Nadelman describes a number of red flags that should have put the outside directors on notice of the misconduct. For instance, DHB’s then-auditors issued a material weakness letter to the Audit Committee concerning DHB’s internal controls over financial reporting, particularly with respect to inventory. When that audit firm resigned,12 DHB’s new auditors also identified multiple internal control deficiencies. The directors also learned that DHB’s then-controller had concerns over the Company’s inventory valuation and had resigned. Despite these concerns raised by the Company’s auditors and controller, Krantz, Chasin and Nadelman allegedly failed to take any meaningful actions. Further, the directors were aware of specific allegations about DHB’s undisclosed related-entity transactions through a company that Brooks controlled. Instead of conducting an independent investigation, the SEC alleges that Krantz, Chasin and Nadelman "allowed Brooks to commission and control an investigation into the issue, which essentially allowed senior management to investigate itself." The law firm that Brooks hired ultimately resigned and called into question its report of the investigation based on previously undisclosed information. Brooks thereafter hired a second law firm and a consulting firm to investigate the issue, again controlling the investigation. Brooks subsequently fired the consulting firm when it questioned his personal expenses. The directors also became aware that the SEC had subpoenaed DHB for documents and requested information regarding the company that Brooks controlled. Despite the resignations of the auditors and law firm, Brooks’ termination of the consulting firm and several SEC subpoenas and request letters, Krantz, Chasin and Nadelman allegedly "continued to ignore these numerous red flags" and failed to take reasonable steps to address them.
The SEC’s complaint further alleges that Krantz, Chasin and Nadelman "willfully ignored red flags because of their loyalty to Brooks and their own self-interest" and "lacked impartiality to serve as independent Board or Audit Committee members." The three outside directors were longtime friends and neighbors of Brooks and had personal relationships with Brooks that spanned decades. Further, they each had business relationships with Brooks that allegedly influenced their impartiality and independence. Krantz served as the insurance agent for DHB and Brooks’ family while also serving as a board member. Chasin and his family went out to dinner with Brooks and his family two or three times a month. Chasin also worked for DHB for a few months on two occasions prior to joining DHB’s board and each time Chasin was paid approximately $100,000. Nadelman and his family regularly attended Brooks’ family social functions and he was a significant investor in one of Brooks’ private companies. The complaint further alleges that the outside directors were influenced by Brooks’ wealth and the perks that he provided to them, including lucrative stock warrants and seats to DHB’s skybox at Madison Square Garden, which Brooks told the directors they could use to help their outside businesses.
Implications for Public Company Outside Directors
As alleged, the failures charged put the DHB outside directors on the wrong end of the continuum of directors’ failures to respond reasonably to red flags. Nevertheless, despite the extreme facts, the case against the DHB directors provides a useful primer on what the SEC believes outside directors should and should not do when confronted with red flags. In Krantz, as in Chancellor, Spiegel, and infoGROUP, the SEC focused on the fact that the directors ignored red flags indicating significant misconduct by senior management. Clearly, it is critical for directors to take appropriate action when the apparent misconduct of senior management comes to their attention.
Of course, in addition to SEC enforcement actions, directors may face liability to shareholders for failing to take reasonable steps in response to red flags. Outside directors are routinely named as defendants in shareholder derivative lawsuits asserting claims for breaches of the duties of care and loyalty and less frequently named as defendants in securities fraud class actions. The Delaware Supreme Court has explained that "[w]here directors fail to act in the face of a known duty to act, thereby demonstrating a conscious disregard for their responsibilities, they breach their duty of loyalty by failing to discharge that fiduciary obligation in good faith."13
Krantz also illustrates how critical it is for outside directors to maintain their independence from management in fact and appearance. When C-suite misconduct occurs and the SEC learns that outside directors have close personal or business ties to senior officers, the SEC will closely scrutinize the directors’ oversight of management and response to any red flags. Delaware law provides useful guidance on the standard for evaluating director independence. The Delaware courts have said that the mere existence of a personal or business relationship with management does not compromise an outside director’s independence, but certain friendships or business dealings may suggest that a director is incapable of acting in the best interests of the company. "At bottom, the question of independence turns on whether a director is, for any substantial reason, incapable of making a decision with only the best interests of the corporation in mind."14
The Commission gives credit for self-policing and cooperation in considering whether to bring an enforcement action, what charges it brings and what sanctions it seeks. As set forth a decade ago in the Seaboard Report, the SEC will consider, among other things, what steps the company took upon learning of misconduct to resolve the issues and ferret out the information necessary to learn the truth fully and expeditiously.15 When the facts indicate possible misconduct by senior management, Seaboard suggests that the Board needs to consider carefully whether a committee consisting solely of outside directors should oversee and perform the review and that where appropriate, that committee should hire outside persons to perform the review who have no previous ties to the company. Section 10A of the Exchange Act, as amended by the Sarbanes-Oxley Act of 2002, provides that audit committees have the authority to engage independent counsel and other advisers as they determine is necessary to carry out their duties.16 Further, public companies must provide for appropriate funding, as determined by the audit committee in its capacity as a committee of the board of directors, for payment of compensation to any advisers employed by the audit committee.17
More recently, in early 2010, the SEC introduced new cooperation initiatives that provide further guidance to directors in the event of unlawful conduct by management. The initiatives include cooperation agreements, deferred prosecution agreements and non-prosecution agreements.18 In December 2010, the SEC entered into its first non-prosecution agreement with a company, in a matter involving children’s clothing marketer Carter’s, Inc. The SEC explained that the agreement "reflects the relatively isolated nature of the unlawful conduct, Carter’s prompt and complete self-reporting of the misconduct to the SEC, its exemplary and extensive cooperation in the investigation, including undertaking a thorough and comprehensive internal investigation and Carter’s extensive and substantial remedial actions."19
What Outside Directors Should Do When Red Flags Appear
Taken together, the SEC’s Seaboard Report and the cases against independent directors from Chancellor in 2003 to Krantz in 2011 provide a useful review of the SEC’s views on what outside directors should do when red flags suggest a potentially significant problem with management misconduct that could call into question the company’s financial statements or other disclosures. First, the outside directors should determine whether the allegations are sufficiently serious and credible that Board oversight is necessary and appropriate. If the answer is yes, either the audit committee or another Board committee exercising their business judgment, with assistance of independent counsel as needed, should:
- Determine whether to engage counsel to represent the company in the matter.
- Determine whether the matter poses sufficiently small risk that it can be investigated internally (by internal audit, for example) or whether the committee should retain experienced outside counsel to conduct an investigation.
- If the committee retains outside counsel, consider whether the circumstances allow the use of counsel previously engaged by the committee or company or whether fresh counsel are required.
- Discuss with outside counsel whether forensic investigators should be retained to assist counsel.
- Determine whether and when the matter should be reported to regulatory authorities and/or prosecutors.
- Refrain (as a committee or individually) from approving SEC filings and other public disclosures before addressing all material red flags.
Responding to the New SEC Whistleblower Regime
We also suggest that all directors of companies subject to the US federal securities laws pay close attention to the SEC whistleblower regime established by The Dodd-Frank Act of 2010. Effective July 21, 2010, the date Dodd-Frank was enacted, whenever eligible individuals voluntarily provide the Commission with original information that leads to an SEC enforcement action resulting in monetary sanctions exceeding one million dollars, the Commission is required to pay one or more of the whistleblowers a total of 10 to 30 percent of monies recovered in the SEC enforcement action and any related actions by the DOJ, US bank regulators, US self-regulatory organizations and US state attorneys general in a criminal case.20 While the final SEC rules for whistleblowers remain to be adopted, the Dodd-Frank whistleblower award and anti-retaliation systems are already in effect. Boards should not wait until the final rules are in place before reacting to the new challenges. We suggest the following steps:
- Ensure that hotline systems implemented in response to Sarbanes-Oxley are operating effectively and have provisions for anonymity, where allowed. If your company operates in countries where anonymous hotlines are restricted, implement separate hotlines for those countries tailored to local requirements.
- Ensure that the organization is prepared to respond to complaints in a timely and appropriate manner. This includes making early case assessments, involving the appropriate individuals in the process, resolving complaints quickly and accurately and tracking complaints from initial contact through investigation and resolution.
- Initiate a robust training and communications effort to ensure that employees know what and how to report internally and that they are aware of the protections given to good-faith reporters.
- Ensure that best anti-retaliation practices are implemented throughout the organization, including at all consolidated subsidiaries wherever located.
- Ensure that developments are monitored so that when final SEC whistleblower rules are issued, the company’s policies, procedures, training and communications can be appropriately amended.