Question

We recently discovered that one of our executives opened up a joint checking account in a different state in both his name and the name of the Company. The Company is a privately held company doing business in 40 states.

The employee opened up this "joint checking account without the Company's knowledge or consent. This employee has direct contact with many of our customers and has convinced some of them to deliver checks for select purchases directly to him. Delivering checks directly to an employee (even an executive) is a direct violation of Company policy which requires that all payments be mailed to a lock box identified on the invoice. The employee is cashing those checks in his “joint checking account.” He is then using some of the money to finance his lavish lifestyle, and the rest to create unauthorized product programs for customers to stimulate business and make his numbers look higher, and thereby increase his compensation. The employee has been doing this for several years, and the scheme appears to get bigger every year which is why he has been able to hide it for so long. He uses some of the extra money he gathers each year to pay off customers in prior years. It appears at this point that customers are out of pocket in excess of $1.5 million, and the employee has spent all of the money he misappropriated except for $50,000.

Customers are starting to raise questions. Since the employee was acting in direct violation of Company policy and it appears he was doing so only to benefit himself, the Company does not have any liability for his misconduct. Right? What options should the Company consider?

Answer

 [Readers: Last week, Tom Treptow, my colleague in our Anchorage office, addressed the issues associated with employer liability for wrongful conduct engaged in by nursing home employees. See Quirky Question # 112 for Tom’s insights into this topic. This week, as addressed in the analysis below, two of my colleagues in our Minneapolis office, Ed Magarian and Andrew Holly, have explored several related issues associated with wrongful conduct by a company’s employees. Specifically, Ed and Andrew, who both work in Dorsey’s Trial Department and who participate in our White Collar Crime Practice Group, examine the potential criminal and civil penalties that a company faces when one of its employees engages in criminal behavior.]

Ed and Andrew’s Analysis of Quirky Question # 113

Not so fast. Both federal and (in many cases) state criminal and civil laws have draconian rules regarding an employer’s responsibility for its employees’ acts. Under federal law, for example, a corporation may be criminally responsible for its employees’ illegal acts if (1) the employee is acting within the scope of his or her authority; and (2) his or her conduct “at least in part” benefits the corporation. See, e.g., United States v. Automated Medical Laboratories, Inc., 770 F.2d 399, 407 (4th Cir. 1985); United States v. Jorgensen, 144 F.3d 550, 560 (8th Cir. 1998). The rank or position of the employee will not provide a defense to a criminal charge. See United States v. Basic Construction Co., 711 F.2d 570 (4th Cir. 1983). Nor will a company be able to defend itself based on the fact that the employee’s actions violated company policy. Automated Medical Laboratories, 770 F.2d at 407.

For example, in Automated Medical Laboratories, the Fourth Circuit concluded that there was sufficient evidence to convict Automated Medical Laboratories (AML) based upon one of its employee’s falsification of documents presented to the FDA. Although the employee’s actions were geared towards helping him advance in the company, the Court concluded that he was “clearly acting in part to benefit AML since his advancement within the corporation depended on AML’s well-being and its lack of difficulties with the FDA.” Id. at 407 (emphasis added). Thus, the conviction was upheld even though the criminal acts were meant to benefit the employee, and had only an incidental benefit to the Corporation.

Under Federal law, then, your executive’s actions may subject your company to criminal charges even though your company had no knowledge of your employee’s conduct. Assuming your executive had the “actual or apparent” authority to accept payment from customers for purchases, he could be found to have been acting with the scope of his authority. See United States v. Investment Enter. Inc., 10 F.3d 263, 266 (5th Cir. 1998) (“A corporation is criminally liable for the unlawful acts of its agents, provided that the conduct is within the scope of the agent’s authority, whether actual or apparent.”); United States v. Bi-Co Pavers, Inc., 741 F.2d 730, 737 (5th Cir. 1984) (noting that an employee has “apparent authority” to take actions on behalf of the corporation that third parties would reasonably assume the agent to have). Here, a prosecutor could argue that your company received an incidental benefit from the executive’s actions. His attempts to “stimulate business” and to “make his numbers look higher,” the prosecutor could assert, benefited the company in part by increasing revenue for the Company. Therefore, even though the executive’s prime purpose was to benefit himself, your firm faces potential criminal charges because of his behavior. Automated Medical Laboratories, Inc., 770 F.2d at 407; United States v. Gold, 743 F.2d 800, 823 (11th Cir. 1984).

Even if your company is able to avoid criminal charges, your business still faces a substantial risk of civil liability. While some states have enacted statutes limiting a corporation’s liability for the crimes of an employee, (see, e.g., Iowa Code § 703.5), most states still have harsh civil rules that make an employer responsible for any action taken by employees in the course of their employment. E.g., Youngblood v. Wall, 815 S.W.2d 512 (Tenn. App. 1991) (“The employer is generally liable for the frauds and misrepresentations of his employee made within the scope of that employment even when he has no knowledge thereof under the doctrine of respondeat superior.”). Each state will have its own rules, but generally speaking an employee acts within the “course of employment” when his or her actions further the interest of the employer – even if the employer did not approve or know of the illegal means. See, e.g., Noah v. Ziehl, 759 S.W.2d 905 (Mo. App. 1988).

Just as with the criminal law risks, your firm faces a significant risk of civil liability. Again, your executive’s fraudulent scheme may have at least incidentally “advanced the cause of” the company by adding new customers, adding revenue for the company, increasing your sales, etc. See, e.g., Roethke v. Sanger, 68 S.W.3d 353, 361 (Ky. 2001). It may be difficult for your company to avoid civil liability, particularly if your retention or supervision of the employee was in any way reckless or negligent.

Note that compensatory damages may be the least of your worries in any civil suit filed by the victims of the fraudulent scheme. Since your executive was “employed and acting in a managerial capacity,” your company could face punitive damages as well. Restatement (Second) of Torts, § 909. (Punitive damages also could be authorized for the torts of non-management employees where the corporation authorized or ratified the tortious conduct, or it recklessly hired or retained the employee. Id.)

So even if your company took reasonable precautions to prevent this type of behavior, it could still face potentially devastating criminal charges and costly civil claims due to the actions of a rogue employee. And the negative publicity flowing from the mere threat of criminal charges – even weak charges – can in many cases be much worse than the criminal sanctions themselves.

How, then, should your company, or any firm that finds itself in similar circumstances, respond once it finds out that an executive has engaged in criminal conduct that exposes your company to both criminal prosecution and civil liability? Time is typically of the essence to take appropriate steps to lessen the risk of criminal prosecution and civil liability. Some options your company should consider include, for example:

1. Conduct an investigation to determine exactly what happened, who (if anyone) knew about the executive’s actions, and who was harmed. Your company must decide whether to conduct the investigation internally or to engage outside counsel. Whether conducted internally or by outside counsel, appropriate investigative processes must be observed or this could limit your options in negotiating with the government or with a plaintiff’s lawyer. It is often stated that “knowledge is power.” Finding out what happened will allow you to make intelligent decisions going forward, and determine the scope of the overall exposure.

2. Take immediate steps to prevent further potential harm, by determining whether your executive should be suspended pending further investigation. Additional, give thought to whether steps can be taken to preserve assets or prevent additional loss.

3. Consider how your company should address potential claims by victims. If your company’s liability is clear, you may want to consider proactively contacting customers to settle claims with them. Doing so could turn your business from being a target of an investigation to a victim, and persuade the prosecutor to exercise her or his discretion not to bring criminal charges against your firm. Once that step is complete, you may wish to consider other proactive options to mitigate the harm caused by the executive’s fraud. Depending on the particular facts uncovered during the investigation, potential options include:

Giving notice of a potential claim to any insurers that might be liable for such a loss.

Filing a lawsuit and seeking an emergency injunction to freeze criminal proceeds such as the joint bank account, and otherwise seeking recovery from the executive for the loss;

Investigating the bank. Why did the bank agree to open an account in your company’s name? Did the executive have proper credentials to open the account? Did anyone at the bank benefit from or know of the scheme? Time may be of the essence as the timeline on notifying the bank may be quite short.

Contacting the victims and (if feasible and warranted), consider compensating them for their losses.

Disclosing the issue to law enforcement authorities. Your company may actually decide to disclose the criminal behavior to the authorities if your firm initially uncovered it. If your executive were convicted of criminal conduct, your company could ask for an order of restitution (for amounts reimbursed to your clients).

Investigating whether other company employees were involved, or whether there are other irregularities in the business conducted by the executive.

Examining your company’s controls to evaluate whether they need to be modified. Ascertain how the wrongdoing escaped detection for so long and consider changes that will prevent this from happening again.

Examining the company’s compliance policy (or if your firm does not have one, draft and implement an effective compliance policy). Train employees on the compliance policy, and remind employees of all avenues to report irregular activity.

Additional factual circumstances, not presented in your question or perhaps currently unknown to you, may present other or different opportunities to respond to this crisis. The guiding principle, however, should be to develop a strategy designed to minimize the likelihood that your company will be prosecuted, be the subject of bad publicity, or named as a defendant in a civil lawsuit.