RICHMOND FRAUD EXAMINERS

Conditions Improve for Whistleblowers

The Dodd-Frank Financial Reform Act signed into law in July by President Obama has been both lauded and derided for its new protections for fraud whistle-blowers. The debate notwithstanding, employers will be forced to focus more on rules prohibiting retaliation against whistle-blowers because, among other things, the new law closes the notorious loophole which enabled corporations targeted by whistle-blowers to hide behind the legal language in Sarbanes-Oxley (SOX) that exempted them from compliance with the whistle-blower law if the complaining employee worked for a subsidiary.

Countless complaints of financial wrongdoing have been brought by whistle-blowers who stuck their necks out under the belief that SOX-provided anti-retaliation measures would protect them -- only to be dismissed from their jobs because of this loophole. The companies they worked for had cases against them dropped thanks to the fancy footwork of their attorneys on whom the now remediated SOX flaw was not lost. 

Another critical element of the new financial reform law is its provision allowing employees to report alleged violations of securities law directly to the Securities and Exchange Commission (SEC) or the Commodity Futures Trading Commission (CFTC). The provision allows whistle-blowers to file their complaints directly in court instead of having to complete the painfully bureaucratic administrative process by the Occupational Safety and Health Administration (OSHA), which was the agency designated under Sarbanes-Oxley to process SOX-related fraud complaints.  OSHA's track record during the two Bush Administrations is widely considered to be overwhelmingly anti-whistle-blower. Numerous seemingly solid complaints about corporate financial crime were brought by courageous employees after the enactment of SOX, only to culminate in employment termination as well as the dismissal of their complaints.  The new pro-whistle-blower provisions of the Dodd-Frank law should remedy this, although the discouraging record of SOX-related whistle-blower complaints may have left some enduring reluctance on the part of many potential whistle-blowers.

In addition to eliminating the SOX whistle-blower flaw, the new financial reform law provides what has come to be termed a "bounty" for blowing the whistle on violations of federal securities law. Specifically, the law allows the SEC and the CFTC to award whistle-blowers who provide "original information" about a violation with between 10% and 30% of penalties in excess of $1 million that are collected by the government in connection with the conclusion of a successful enforcement action.  According to the prominent law firm Arnold & Porter, this provision "will likely increase the number of employees who report information to the SEC or CFTC; they provide a financial award for any fruitful tips and… may offset the perceived risk to employees of filing reports that might have otherwise jeopardized their current or future employment."

Importantly, the new provision extends to violations of the Foreign Corrupt Practices Act (FCPA) as well. Because FCPA is considered a securities law, the new "bounty" provision now also applies to employees who file complaints with the SEC for alleged violations of the anti-bribery provisions of the FCPA which, as has been widely reported, are now being vigorously enforced by the SEC and the Department of Justice. With giant-sized penalties like the $800 million one imposed on Siemens AG in 2008, the incentives for employees to report such violations would appear to be rather potent indeed.

Despite the new legal protections and incentives for prospective whistle-blowers, the financial reform act underscores the critical importance of having an effective whisteblower hotline in place. Sarbanes-Oxley requires large publicly traded companies to have such a reporting mechanism in place. However, since the enactment of SOX some eight years ago, employees have not been afforded the protections intended by the Act. Many have been terminated for reporting alleged fraud with less-than-favorable results from filing their complaints of SOX violations with the Occupational Safety and Health Administration (OSHA) -- the agency originally designated by SOX to administer legal proceedings in response to employee complaints of retaliation.

Now, the financial reform law empowers employees who have been retaliated against for blowing the whistle to sue their employers directly in federal court. It also significantly lengthens the deadline by which such complaints must be filed. Specifically, according to Arnold & Porter, the law states that filing a complaint in court is allowed if "the employee reported the alleged violation (1) to the CFTC, for a period of up to two years after the alleged retaliatory act transpired; or (2) to the SEC, the later of (a) six years after the alleged retaliatory act, (b) three years after the employee reasonably should have discovered the retaliatory act, or (c) no later than 10 years after the alleged violation of the securities laws." These limitations periods are significantly longer than provided for in the SOX whistle-blower provisions.

Implication: According to Arnold & Porter, "An employer found liable for retaliating against a whistleblowing employee could be ordered to pay substantial damages and take certain actions including:

* Reinstating the employee with the same seniority status that the employee would have had if the alleged discrimination had never occurred.
* Paying the employee back pay with interest for claims relating to commodities violations or double back pay (i.e., twice the amount in the SOX provision) with interest for claims relating to securities violations.
* Compensating the employee for litigation costs, expert witness fees, and reasonable attorneys' fees."

Bottom line: The financial reform act puts significant new compliance burdens on employers. It also markedly broadens the intended impact of having public companies implement and manage a robust whistle-blower hotline. Specifically, the internal benefits of having an employee hotline -- widely and repeatedly reported by the Association of Certified Fraud Examiners as being instrumental in facilitating the filing of employee fraud complaints -- are now extended beyond the corporation. As labor attorney Jason Zuckerman wrote, "Recognizing that robust whistle-blower protection is critical to preventing another financial crisis, Congress included in the Dodd-Frank financial services reform bill… numerous provisions designed to encourage whistleblowing and to provide robust protection from retaliation."

Key point: If employers handle fraud complaints submitted by employees with fairness and efficiency, the incentives to circumvent corporate hotlines in favor of the federal judicial system may be substantially diminished. This is disputed by some labor attorneys who predict that the prospect of significant monetary awards for reporting securities violations directly to the SEC and/or CFTC will diminish management's opportunity to resolve fraud complaints internally. The jury, as they say, is still out on that point.

Congress Poised to Grant Request for Health Care Anti-Fraud Strike Forces

Congress is set to grant President Barack Obama’s request for a record $1.7 billion to fight health-care fraud, in part to almost triple investigations into crime rings that steal from Medicare. The money, included in both House and Senate versions of a fiscal 2011 spending bill for the Health and Human Services Department, amounts to a $250 million increase. Almost half of that, $116 million, would go toward expanding a program of fraud “strike forces” to 20 cities from seven.  UnitedHealth Group Inc., based in Minnetonka, Minnesota, and smaller health insurers stand to benefit from an increase in the federal government’s fraud effort. Insurers are often victimized by the same criminals that target Medicare, said Louis Saccoccio, executive director of the National Health Care Anti-Fraud Association, a Washington-based group.

“If a certain health provider is defrauding Medicare there’s a good chance they’re defrauding the private side as well,” Saccoccio said. UnitedHealth, the biggest U.S. health plan by sales sees helping companies battle medical fraud as one of the “strong growth areas” for Ingenix, its information-technology and consulting unit, said Andrew Slavitt, Ingenix’s chief executive officer, said in a July 20 call with analysts.

Medicare estimates that about 7.8 percent of the $308 billion it spent in fiscal 2009 was “improper,” a term that encompasses non-criminal waste along with fraud. There is no similar estimate for the private market, Saccoccio said, though his group estimates that about 3 percent of national health spending is lost to fraud every year. National health spending totaled about $2.3 trillion in 2008, according to the most recent estimate from the government’s Centers for Medicare and Medicaid Services.

The strike force program has stopped fraud schemes totaling about $1.9 billion and led to charges against more than 800 people, according to Laura Sweeney, a departmental spokeswoman. The amount of fraud the strike forces have deterred from happening is “far higher but nearly impossible to calculate” said Kirk Ogrosky, a partner at Arnold & Porter LLP in Washington and a former federal prosecutor who began the strike force program in Miami in 2007.  In the strike force’s first year operating in south Florida, Ogrosky said, Medicare observed a $1.2 billion decrease in claims from the area for purchases of home medical equipment, the industry that prosecutors first targeted.  The Obama administration estimates that a budget increase for anti-fraud programs will pay for itself and then some, bringing in $10 billion for the government over a decade.

Jay Darden, another former federal prosecutor who is now a partner at Patton Boggs LLP in Washington, said that the government should consider intensifying its law enforcement in places like Miami -- a hotbed for health-care fraud -- before expanding to more cities.  “I think there’s 20 cities where Medicare fraud is a problem,” Darden said in a phone interview. “I’m not sure you could say there are 20 cities where Medicare fraud is the size of the problem as it is in Miami and Los Angeles and in the southern district of Texas.”  The southern district includes Houston and McAllen, a town that was the focus of a New Yorker story last year examining differences in Medicare spending across the U.S.

The legislation carrying the extra money for fraud-fighting is stalled in Congress due to a partisan debate over government spending. Senator Tom Harkin, the Iowa Democrat who is chairman of the appropriations subcommittee that wrote the bill, said last week that it is unlikely to become law before the end of the year. The full Senate Appropriations Committee approved the bill last week on an 18-12 vote. The additional cities weren’t identified.

The Miami Master of the Ponzi Scheme

As a kid, Luis Felipe Perez cleaned bathrooms at a taco joint. By his 30s, he was a high-end jeweler, riding the streets of Hialeah in a Bentley. He traveled with bodyguards. Donated tens of thousands of dollars to local and national politicians. And even dined at a fete for the king and queen of Spain when the royal couple visited Miami. But his businesses, the feds say, were a sham. His jewelry companies had no employees -- and the man known simply as ``Felipito'' orchestrated a $40 million Ponzi scheme and took part in a $12 million bank fraud conspiracy, according to law enforcement authorities. Even diamonds offered as collateral to investors were fake.



Perez, already facing federal charges for the alleged pyramid scheme, was indicted last week on additional federal charges, accused of conspiring with two others in a scheme to fraudulently obtain millions of dollars in commercial lines of credit. The allegations paint a far different portrait of Felipito from the Hialeah golden boy who gave his mother his first paycheck for $60 and who was mentored by the late Rolando Blanco, a pillar of the community. With his groomed goatee and penchant for well-cut suits, Perez, 38, cut a dashing figure around town. ``In Hialeah, a person who goes around in a Bentley is not an everyday thing,'' said former Police Chief Rolando Bolaños. ``And Felipito did it with a chauffeur, bodyguards and a laptop. It was like his mobile office.''

The Securities and Exchange Commission says investors' money supported Perez's lavish lifestyle. He and his ex-wife bought a $3.2 million Mediterranean-style villa on the edge of Coral Gables, east of U.S. 1. Perez also spent $400,000 to lease luxury cars; $200,000 on vacations; $300,000 on clothes for his wife; $200,000 on extravagant dinners; and $100,000 on art, according the SEC.  In June, Perez was accused of swindling about 35 investors in a $40 million Ponzi scheme from 2006 through May 2009. He faces a civil complaint by the SEC and six federal counts of securities fraud.  He allegedly promised investors high rates of return -- up to 120 percent annually -- in exchange for investing first in his jewelry business, then in pawn shops in New York.

His criminal-defense attorney, Alvin Entin, said that for several months Perez has been cooperating with authorities in a widening investigation. ``It's going to continue,'' Entin said of the probe.  The legal case involving Perez has already grown. The latest federal indictment, filed Wednesday in Miami, alleges Perez helped orchestrate a $12 million bank-fraud conspiracy with accountant Berta Sanders, 61, of Miami Lakes, and Richard Garcia, 29, of Miami, a former loan officer at Wachovia Bank, now Wells Fargo. Both Sanders and Garcia have been released on bond. Sanders has pleaded not guilty. According to the indictment: Sanders prepared at least 25 fraudulent loan applications on behalf of borrowers to gain commercial lines of credit -- $12 million in total. Garcia told Sanders what information needed to be faked to gain the credit. And Perez recruited borrowers, encouraging them to invest the money in his business ventures.  The borrowers -- who are not named by federal authorities -- allegedly paid Sanders 10 percent of the loan amounts for her help. Sanders shared $134,000 with Garcia, who faces six counts of receiving gifts to procure loans. The bank allegedly ended up suffering $10 million in losses after borrowers defaulted on most of the lines of credit.

In addition, Perez, Sanders and Wachovia Bank face a civil suit in Miami-Dade Circuit Court. A lawyer for the bank, Niall McLachlan, declined to comment.  In the civil case, business owners Mayra Velez, Manny Alfonso, Luis Estrada and Daniel Hernandez claim to have been ``caught in the conspiracy.'' The suit details how they were introduced to Sanders, paid her commissions for obtaining loans -- each in the hundreds of thousands -- and how they invested the money with Perez with his promise of high returns. The complaint names bank employees Garcia and Daniel Rivera, who no longer work there. Rivera could not be reached for comment. Their attorney, Peter Valori, said the plaintiffs did not know about false information on their applications and together lost more than $5 million.  The plaintiffs may not be so innocent, said Joshua Entin, who represents Perez in the civil lawsuit. ``They should concern themselves more with the false information presented to the bank to obtain funds that eventually were invested with my client,'' said Entin, the nephew of Perez's criminal-defense attorney.

Perez faces six counts of securities fraud; each count carries a maximum of 20 years in prison. The bank-fraud charge has a 30-year maximum. He is currently in custody. Perez, born in Havana in 1972, arrived in South Florida with his parents at the age of 5. His mother, Aida Perez, said her son was always a hard worker.  ``My son brought me his first check for $60 when he started working at 12 years old, cleaning bathrooms and making picadillo in a taquería,'' said Aida Perez, who runs Aida Hair Designs in Hialeah.  Perez eventually became an entrepreneur mentored by Blanco, whose business ventures included towing companies and real estate. After Blanco's death in 2007, Hialeah named part of West 77th Street in his honor. ``Felipito was like a son to Rolando Blanco,'' said former Hialeah Mayor Raul Martinez.

Fostering a Culture of Compliance

We're hearing lots of buzz these days about "culture of compliance" and "chief compliance officer" and "ethical climate." But what does it really mean to have a culture of compliance? Compliance with what?
Well, the short answer is that it depends on your organization. The long answer is that there are a multitude of regulations and internal policies with which organizations and their employees must comply to maintain a positive reputation, both internally and externally, as well as to avoid hefty fines and even jail time in many cases. Federal legislation, such as the Sarbanes-Oxley Act and the Foreign Corrupt Practices Act, impose numerous responsibilities on U.S. organizations. Many industries, such as the energy and banking sectors, have additional federal regulations with which companies must comply, resulting in entire departments dedicated to ensuring compliance. And then there are the internal policies and procedures that companies implement, by which employees and consultants are expected to abide.


 

So how do we create a culture of compliance in this world of so many rules? There are a few important things organizations can do to exude strong ethics and foster a culture of compliance:

1) Tone at the top -- This phrase has been exhausted in the business world, but for good reason. An organization's image, both internally and externally, is created almost entirely from the attitudes of the executives of the organization. If the executives believe that the rules don't apply to them (which, by the way, is a fraud risk), their staff members aren't likely going to be motivated to follow the rules themselves. But an executive team that shows the world how important the rules are by strictly following them is much more likely to inspire the staff to behave in the same manner.

2) Training -- Employees can't possibly be expected to follow the rules if they don't know what they are. Let's be honest -- many employees aren't going to do their own homework and find out what all of the organization's policies and procedures state, nor are they likely to learn about the industry regulations on their own. So it's important to provide training to employees on the policies, procedures, and regulations with which they are expected to comply. The benefit of such training is two-fold:

* It gives employees the tools they need to contribute to the culture of compliance with the knowledge of the requirements.
* It shows the staff that the organization's leaders value compliance enough to take the time to train them.

Live training is typically the best way to show employees just how important compliance is to the organization. Make it fun and engaging with quiz questions throughout the course or an interactive game at the end. Allowing people to sit in the back of the room and nod off during the training probably isn't going to be terribly effective, so keep folks engaged. If computer-based training is the best option, make sure it's created in a way that doesn't allow employees to hurry through it without retaining any of the content. A quiz at the end is a helpful way to ensure people were paying attention or at least already knew the rules. So train well and train often -- people forget this stuff over time, too. Once-a–year review courses are probably enough to keep people fresh.

3) Code of Conduct/Ethics Policy -- Even the tone of the code of conduct can influence the ethical climate and culture of compliance in an organization. If the code of conduct is long, punitive in tone, and boring, employees are not as likely to be inspired to follow it. However, if the code of conduct is clear and concise about the expectations of staff behavior, employees are much more likely to adopt and adhere to its contents. Adding some lighter and more humorous language to the code of conduct, depending on the type and culture of the organization, can sometimes engage and inspire employees as well. (For an example of a code that uses casual and humorous language to inspire adherence, see Google's code of conduct.) Make sure the code of conduct is displayed all over the company's offices to remind people of what they are expected to do. Again, people tend to forget things if not regularly reminded of them. Posting the code of conduct around the office and on the organization's website also communicates the importance of compliance to the organization's management.

4) Chief Compliance Officer -- Designating a high-ranking employee in the organization as the chief compliance officer or chief compliance and ethics officer adds additional support to the culture of compliance. Ideally, this person should be a well-respected individual with a strong ethic and a charismatic personality to best inspire the staff to be compliant and ethical. In some organizations, this person is the director of internal audit; in others, it's a separate vice presidential position. Any number of positions in an organization may be suitable for this designation.

Creating a culture of compliance and establishing a high ethical standard in an organization reduces employees' motivation to commit fraud and creates an inspiring and ethical environment in which to work.

Smaller companies and nonprofit organizations -- in which the chief compliance officer is also the CFO/controller/bookkeeper -- also can and should work to proactively create a culture of compliance. Such organizations frequently don't have enough employees to adequately segregate duties to provide sufficient control over the money and financial statements. Therefore, they often have a higher risk of fraud due to increased opportunity, making it even more crucial to create a culture of strong ethics and compliance.

The four practices mentioned in this article are not expensive, nor are they incredibly time consuming if done efficiently; any organization can implement them. The "culture of compliance" buzz is not a short-term fad. Not only is it important to help companies reduce the risk of fines and an unfavorable reputation, but it is also an excellent fraud prevention method.

September - October 2010 Lecture

 For our new members and  those of you who are unfamiliar with the way the virtual meetings work...at each virtual meeting, a password protected lecture is made available for downloading and reading.  The password was e-mailed you  with the meeting announcement.  To be able to open the lecture, you must have the Adobe Acrobat Reader installed on your computer.  If you don't have Adobe, you can download it for free at http://www.adobe.com/.  Chapter members  whose annual dues are current may receive credit for all twelve hours of CPE (2 hours for each of six annual meetings).   Invited guests who are not members of the Chapter but who have received a meeting announcement may download and receive credit for two lectures per year for a total of 4 CPE.   Guests who decide to join the Chapter may receive the entire 12 hours by paying the annual Chapter dues of $15.00. 

Click here to Join the Richmond Chapter Online!  

If you are a CFE or other professional interested in fraud investigation and prevention, we urge you to join our Chapter.  If you decide to do so you can join on line by clicking here.  Follow the directions on the form.  

• Members and invited guests should read the lecture material, then click on the link to the answers page below.  Answer the questions on the page and then submit the form by clicking on the button at the bottom of the page.   Don't forget to click on the submit button or we will not be able to receive your answers.

Your answers are graded  and, if you achieve a score of 75,  we will e-mail you a digitally signed certificate of completion.  Since our Chapter is certified by the Virginia Society of CPA's as a CPE provider, those taking our lectures will receive a certificate bearing the Chapter's provider number.  The number which appears on your certificate is the Virginia Society number for the Richmond Chapter of Certified Fraud Examiners.

Chapter members and invited guests can open this file and read it by clicking on the following link.  You will be asked by Adobe for a password...use the password we e-mailed or faxed you notifying you of the virtual meeting.  We will e-mail you a digitally signed certificate of completion after we receive and grade your answers." 

To open this month's lecture, click on the link at the top of the page.  When the lecture opens in Adobe, supply the password you were e-mailed....