A number of stories commemorating the tenth anniversary of the Sarbanes-Oxley law last Monday whined that prosecutors have brought few individual criminal cases tied to the financial crisis.
The SEC has been busy with non-crisis-related insider trading cases, but the scoreboard does show a handful of crisis-related civil complaints using Sarbanes-Oxley laws. But that misses the bigger picture.
The Department of Justice, the SEC and, of course, numerous private plaintiffs have sued banks quite a few times in the last 10 years since Sarbanes-Oxley went into effect for fraud and illegal acts including financial crisis crimes. The problem is not too few prosecutions, but that no one at the top of these organizations typically takes a fall for the crimes. There's also no penalty for repeatedly breaking promises to the DOJ and SEC to never break the laws again.
The moral hazard that results when banks take for granted taxpayer bailouts is nothing compared to the pass they get when the prosecutors and market watchdogs don't punish repeat offenders.
The law firm Gibson Dunn recently published a report on deferred prosecution and non-prosecution agreements, DPAs and NPAs, for the first half of this year. DPAs and NPAs are used when prosecutors believe criminal conduct may have occurred but, because of a company's extensive cooperation, willingness to fire responsible executives, or the potential for serious collateral damages, a guilty plea would not be in the public's best interest. The Department of Justice has used these agreements for more than a decade and the SEC since 2010. About 33% of DOJ agreements have primarily addressed fraud claims and approximately 26% have covered Foreign Corrupt Practices Act claims since 2000. Guilty plea collateral damage can affect shareholders, employees and other corporate stakeholders. The consequences of a guilty plea to a bank or financial institution include loss of state and federal charters, credit downgrades and breach of debt covenants as well as reputational risk.
Since 2007, the Department of Justice has used DPAs or NPAs 17 times against banks and fined them more than $4 billion. But, in spite of promising more than once not to commit crimes ever again, UBS, Barclays and Wachovia are recidivists. The SEC has used NPA and DPA agreements sparingly since 2010 and only two of them were for financial institutions, Fannie Mae and Freddie Mac. Those charges related to the subprime loan collapse and alleged wrongdoing from 2006 to 2008. The NPAs with Fannie and Freddie had no financial penalties and were announced in conjunction with still unsettled civil charges against three top former executives of each firm for securities fraud.
DPAs and NPAs include the caveat that if the offender corporation "commits any … crime subsequent to … this Agreement, or if [the offender corporation] has given false, incomplete, or misleading testimony or information at any time," the firm is subject to prosecution for any federal violation of which the DOJ has knowledge, including perjury and obstruction of justice.
JPMorgan Chase and Wachovia have been ordered to "cease and desist" breaking the law by the SEC in addition to being on the receiving end of NPAs and DPAs. Citigroup has signed three "cease and desist" orders between 2006 and 2011, including one for its CDO sales practices during the financial crisis. Citigroup has been a repeat offender in other areas.