Fred Gibson, a deputy inspector general at the FDIC, made news this week when he announced his agency was working with the FBI to investigate crime in federally insured financial institutions and recover more money from persons formerly affiliated with such banks. The FDIC has long held the power to investigate member-insured institutions, as well as individuals affiliated with such institutions, defined under some statutory constructs as “institution-affiliated parties.” Indeed, throughout the savings and loan crisis in the 1980s, the FDIC actively cooperated with other federal agencies with wide-ranging results. As The Wall Street Journal reported on November 17, 2010, the S&L probes of the '80s resulted in prosecutions of approximately 1,850 “bank insiders.” Thus, at first glance, the FDIC's announcement this week should come as no surprise. However, the FDIC has laid low for a decade, making some forget that it enjoys a lower standard of proof to recover civil remedies and a wide berth in the criminal arena as well. Current and former bank executives, as well as other individuals with relationships to financial institutions, should be prepared for several years of increased scrutiny.
The Federal Deposit Insurance Act of 1933 (Act) created the FDIC and gave it power to regulate financial institutions and punish them for risky behavior. The Act has been amended numerous times, including with the passage of the Financial Institutions Reform, Recovery and Enforcement Act (FIRREA), designed to bolster the FDIC's investigatory power to punish “failed” banks and the persons who contributed to their demise. Among other things, the FDIC has the power to terminate or suspend a financial institution's federal insurance, order an institution not to engage in behavior it deems “unsafe or unsound,” take affirmative action to remedy the effect of any “unsafe or unsound” practice (including taking “any action the agency deems appropriate”), and order civil monetary penalties totaling up to $1.25 million per day or one percent of the institution's total assets.
The FDIC also may, as the conservator or receiver of a failed financial institution, bring actions seeking civil monetary damages for damage caused to the institution by its directors and officers. In these actions, the FDIC must show only that the defendant was “grossly negligent” or disregarded the duty of care he owed to the failed bank, and the applicable standard may be less (e.g., simple negligence) if allowed under state law.
The Act also directs the FDIC to cooperate with other federal agencies to police its member institutions and affiliated parties. Indeed, at least two reporters covering Mr. Gibson's announcement linked the FDIC's investigations with the FBI's increased efforts to combat bank and mortgage fraud. Combining the FDIC's subpoena power with other agencies' arsenals gives it almost any tool necessary to proceed apace, civilly and criminally.
Increased Scrutiny for “Unsound” Practices
The federal criminal code contains several statutes designed to punish institutions and their affiliates for knowingly violating the law. For example, bank fraud, wire fraud, mail fraud, and obstruction statutes make it a crime for an institutional or individual target to lie to a financial institution to obtain money or property that does not belong to him. It also is a crime to lie to an agent who is investigating such actions. However, under the criminal code, an “unsound practice” in and of itself is not necessarily criminal, but more likely a bad business decision.
To prove an institution or an affiliated party acted criminally, the government must prove the target acted “knowingly,” commonly defined as being aware of one's own actions and conduct, and not acting through ignorance, mistake, or accident. The law also says a trier of fact may infer knowledge from a combination of suspicion and indifference to the truth. Commonly known as the “ostrich instruction,” juries are frequently instructed that a defendant cannot bury his head in the sand and refuse to learn of incriminating facts or circumstances that, if known, would be criminal.
On the other hand, the FDIC (or the bank's other primary federal regulator) may sue an institution or person civilly when it or he acts “recklessly,” or when he was “grossly negligent” in managing and supervising particular bank programs, which requires a lower standard of proof. For example, Illinois law defines “reckless” behavior as a conscious disregard for a substantial and unjustifiable risk that circumstances exist or that a particular result will follow. Thus, if a bank officer made it his practice to fund “unsound” loans that were unlikely to return a profit over time, or failed to carefully scrutinize lending practices, he likely subjected himself to a federal lawsuit and the other administrative penalties identified above. On the other hand, if a decision-maker acted legally, honored his fiduciary responsibilities, and made responsible decisions in the best interests of the financial institution, he should feel relatively comfortable.
As noted above, the standard of proof may be even lower in civil damage actions brought by the FDIC as the receiver of a failed bank, if state law allows. In one of the cases cited in the article in The Wall Street Journal, the FDIC filed a complaint on November 1, 2010 against directors and officers of a failed Illinois bank alleging in part claims based on simple (not gross) negligence.
Thus, the Federal Deposit Insurance Act provides an interesting and potential template for federal agencies seeking to expand their options for pursuing those who arguably caused the current financial crisis, namely banks and persons who approved risky investment decisions. The Act identifies situations in which an institution-affiliated party may be held liable for “unsound practices,” and covers almost any natural person with any contact with a financial institution (short of a customer or bank robber) and, in certain instances, can include entities. For example, institution-affiliated parties can be directors, officers, employees, controlling stockholders, and agents of a bank; any person required to file change-in-control notices with federal banking agencies; shareholders, consultants, and joint venture partners who participate in the conduct or affairs of an insured depository institution; and any independent contractor. Pursuant to the Federal Deposit Insurance Act, if any such person “knowingly or recklessly” violates any state or federal law, breaches a fiduciary duty, or engages in “any unsafe or unsound practice” likely to result in a “more than minimal loss to, or a significant adverse effect on,” an institution, he may be subject to the FDIC's broad remedial powers and penalty provisions. And the standard of culpability may be even lower when the FDIC complains as receiver of a failed institution invoking lower state law standards.
As the FDIC announces civil suits under these lower standards of proof, it may be that criminal investigators begin (or intensify) investigations into similar conduct, searching for potential criminal violations based on the same business decisions. In this way, institution-affiliated parties ordinarily subject to civil penalties or sued under the receivership provisions of the Act may find themselves in receipt of criminal subpoenas or agent requests for interviews. In this way, any affiliated person who was indifferent to his bank's allegedly unsound practices, or recklessly disregarded information about certain decisions made by a bank, may be a witness to, or the subject or target of, a federal criminal investigation. Although the FDIC has not said as much, it makes sense that criminal investigators will work with FDIC civil resources to recover maximum penalties.
So far, the FDIC has taken credit for only a couple of filed civil lawsuits arising out of the recent banking crisis, but the November 17 article in The Wall Street Journal reports that the FDIC's board of directors has approved 50 more such suits. The increase in filings is not surprising, given the lower standard of proof required for civil liability. Banks and individuals should not be alarmed if they receive (or learn of) criminal grand jury subpoenas targeting the same business practices and decisions. As the FDIC partners with the FBI and other agencies, they are likely to carefully scrutinize strategies to determine whether decision-makers were asleep at the switch or actively engaged in a risky investment strategy.
The fact that courts have not yet been clogged with FDIC-backed filings likely is the result of careful investigation by regulators and agents, as well as a 10-year statute of limitations for bank fraud prosecutions. Thankfully, the FDIC and other government investigators pride themselves on taking time to review records, interview witnesses, and carefully evaluate evidence, including to determine whether a target is criminal or civilly liable, or not at all responsible for an institution's failure. While the uncertainty may frustrate some, it is arguably a better course than diverting resources to respond to unsupportable claims.
A Harbinger of Things to Come
The FDIC's announcement this week is a harbinger of things to come: namely, an increased volume of civil lawsuits and criminal indictments to recover losses due to allegedly “reckless” and “unsound” practices over the past decade. Given the broad authority Congress granted the FDIC in the Federal Deposit Insurance Act, it was only a matter of time before the agency made an announcement like Mr. Gibson's this week. As other federal agencies partner with the FDIC, the scope of these lawsuits — civil and criminal — is likely to soon outpace even the FDIC's announcement this week.