Criminal Justice Section  


Criminal Justice Magazine
Winter 2004
Volume 18 Number 4

Sarbanes-Oxley Puts Teeth into Criminal Sanctions

By Michael S. Pasano and Thierry Olivier Desmet

Michael S. Pasano is a litigation partner in the Miami office of Zuckerman Spaeder LLP. He is a former federal prosecutor in the District of Columbia and Florida and current Section vice-chair for planning. Thierry Olivier Desmet is an attorney in the division of enforcement of the Southeast Regional Office of the U.S. Securities and Exchange Commission.

Editor’s Note: The Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private publication or statement by any of its employees. The views expressed herein are those of the authors and do not necessarily reflect the views of the commission or its staff. This article does not contain any nonpublic information.

Recent corporate scandals making headline news result from the discovery that mutual funds managers and directors failed to protect small investors by allowing hedge fund clients to engage in late trading and by helping them hide market-timing trades. This conduct, while reprehensible, is arguably the least egregious in the long list of highly questionable transactions that have been uncovered by regulators in the last two to three years. From the WorldCom scandal, a fraud resulting in the largest bankruptcy in American history, to the accounting fraud alleged at Xerox and Adelphia Communications Corp., to Dennis Kozlowski’s grotesque $1 million toga party billed to Tyco, the reputation of our markets, if not of capitalism itself, has been badly shaken.

The discovery of this culture of abuse and greed led Congress to conclude that the protection of investors necessitated increased federal scrutiny of corporate America. Opening a new chapter in the federalization of criminal law, an overwhelming majority of Congress passed the Sarbanes-Oxley Act of 2002 (SOX), which was signed into law on July 30, 2002. (Pub. L. No. 107-204, 116 Stat. 745 (2002).)

Designed to deter wrongful conduct and restore investor confidence in the securities markets, SOX contains civil and administrative reforms that address the perceived shortcomings of existing corporate governance and accounting industry practices. Importantly, SOX also creates new criminal statutes, amends existing criminal statutes, and enhances the penalties for existing federal offenses. (SOX’s criminal provisions are contained in Title VIII, the Corporate and Criminal Fraud Accountability Act of 2002; Title IX, the White-Collar Crime Penalty Enhancement Act of 2002; and Title XI, the Corporate Fraud Accountability Act of 2002.)

Although the current debate over SOX has mostly focused on reporting requirements and on the ethical roles of inside and outside counsel, the most significant impact of SOX will emerge in the criminal arena. Many of the corporate scandals have been in the news for a couple of years, but these massive financial cases are document-intensive and take years to investigate. Prosecutions associated with these corporate scandals, covering pre-SOX and post-SOX conduct, are beginning to culminate in trials or guilty pleas. Many Enron executives have been charged with conspiracy and securities fraud. A former Rite Aid Corp. executive recently pled guilty to charges that he conspired to inflate his company’s earnings. Prosecutors indicted the ousted chief executive officer of HealthSouth Corp., one of the largest health care chains in the country, on charges that he ordered earnings to be inflated and covered up the scheme with false accounting entries. HealthSouth’s chief financial officer also pled guilty to a charge of false certification of financial results. And this is just the beginning.

Relationships with external auditors

The relationships between corporations and their external auditors are fundamentally impacted by SOX, and these parties will have to adapt to the new requirements. First, accounting firms will seriously have to address their document retention responsibilities. Section 103(a)(2)(A)(i) requires accountants who audit public companies to retain all audit and review work papers for at least seven years. The rule, which is effective for all audits completed on or after October 31, 2003, defines the categories of documents to be retained. ( See SEC Final Rule: Retention of Records Relevant to Audits and Reviews, Release No. 33-8180 (Jan. 24, 2003).) These documents include work papers; documents that form the basis of the audit; documents created, sent, or received in connection with the audit; documents containing opinions, analyses, or financial data related to the audit; and documents related to a significant matter that are inconsistent with the final conclusions of the auditor. ( See id.) Pursuant to section 802, any knowing or willful failure to retain such papers for at least seven years is punishable by a fine and up to 10 years in prison. (18 U.S.C. §§ 1519-1520.)

Second, SOX section 303(a) prohibits any officer or director of a public company or person acting at the direction of any officer or director of a public company from fraudulently influencing, coercing, manipulating, or misleading any independent public or certified accounting firm for the purpose of rendering the issuer’s financial statements materially misleading. ( See Rule 13b2-2(1), effective June 27, 2003; see SEC Final Rule: Improper Influence on Conduct of Audits, Release Nos. 34–47890 (May 20, 2003).) The types of conduct that the commission perceives as constituting “improper influence” include, but are not limited to: offering or paying bribes or other financial incentives, including offering future employment or contracts for nonaudit services; providing an auditor with an inaccurate or misleading legal analysis; threatening to cancel or canceling existing nonaudit or audit engagements if the auditor objects to the issuer’s accounting; seeking to have a partner removed from the audit engagement because the partner objects to the issuer’s accounting; blackmailing; and making physical threats. ( See id.)

Sections 103(a) and 303(a) strengthen the independence of outside auditors by ensuring that relevant documents are kept intact and by prohibiting issuers from applying pressure on auditors to modify their opinions.

More whistle-blowers

SOX section 1107 prohibits anyone from knowingly taking any harmful action against a person with the intent to retaliate against that person for providing truthful information to a federal law enforcement officer relating to the commission or possible commission of any federal crime. (18 U.S.C. § 1513(e).) All adverse employment actions appear to be covered by this section, which encourages cooperation between corporate insiders and federal authorities. The maximum penalty for violation of this section is 10 years in prison and/or a fine.

As a result of the enactment of section 1107, corporations will expend resources to create workplace guidelines that address reports of possible wrongdoing by their employees and make sure that no retaliatory measures are taken against them. Moreover, more employees will come forward to report to regulators acts perceived to be fraudulent.

More obstruction of justice prosecutions

Like the bank fraud and healthcare fraud enactments that preceded them, SOX provisions promise to be broadly used by federal prosecutors. Particularly likely are increased prosecutions alleging obstruction of justice.

SOX section 802, which amends the federal obstruction of justice statute, prohibits anyone from knowingly altering, destroying, mutilating, concealing, covering up, falsifying, or making a false entry in any record or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any bankruptcy case under Chapter 11 of the Bankruptcy Code, or in relation to or contemplation of any such matter or case. (18 U.S.C. §§ 1519–1520.)

The language of this section means that a federal investigation or bankruptcy need not be pending for a crime to be committed or a prosecution to take place, and can simply be contemplated. For example, this section would cover a person’s destruction of documents before a formal SEC investigation even begins. In addition, not only does the broad language of this section appear to cover conduct by anyone ordering destruction or concealment, but also appears to apply to conduct by anyone actually following such orders. The maximum penalty for violation of this section is 20 years in prison and/or a fine.

SOX section 1102 prohibits anyone from corruptly altering, destroying, or concealing a document with the intent to impair the object’s integrity or availability for use in an official proceeding or otherwise obstruct any official proceeding. (Amending 18 U.S.C. § 1512.) A violation of this section is punishable by up to 20 years in prison and/or a fine.

Using SOX sections 802 and 1102, prosecutors will file more obstruction charges similar to the prosecution of former Silicon Valley investment banker Frank Quattrone, accused of advising his colleagues to “clean up” their files, a prosecution that recently resulted in a mistrial. Federal prosecutors have already charged a former Ernst & Young partner with violating SOX section 802 for allegedly obstructing an investigation by altering certain documents relating to his firm’s audit of a failed dot-com.

More expansive fraud charges

Fraud has always been a loosely defined concept. Under SOX, more and more conduct may be deemed fraudulent and actionable. It will be much easier, for example, for prosecutors to convict defendants in false financial statement cases.

SOX section 807 prohibits anyone from executing a scheme or artifice to: 1) defraud anyone in connection with any securities; or 2) obtain any money or property in connection with the sale of securities by means of false or fraudulent pretenses, representations or promises. (18 U.S.C. § 1348.) This new alternative to Title 15 allows prosecutions without the requirement of the use of the mail or wires. In addition, the “willfulness” requirement present under Title 15 does not appear to be present under section 807. Clearly, section 807 is broader than Title 15, which limited the prohibited conduct to that applying to a fraud “in connection with the purchase or sale” of a security. The maximum penalty for violation of section 807 is 25 years in prison and/or a fine.

As a result of the enactment of SOX section 807, more expansive claims under Rule 10b–5 may be filed. In a recent civil case, In re Enron Corporation Securities, Derivative and ERISA litigation , 235 F. Supp. 2d 549, 588–89 (S.D. Tex. 2002), the trial court, accepting the SEC’s proposed approach to liability, found that a secondary actor can be found primarily liable under Rule 10b–5 if the secondary actor “acting along or with others, creates a misrepresentation on which investors relied.” The secondary actor, be he or she a lawyer, accountant, or investment banker, need not initiate, disseminate, or even sign a document to be culpable. This same analysis, using aiding and abetting and conspiracy principles, could easily be applied to a criminal case, especially given the expansion of court rulings upholding vicarious liability and lessened scienter standards. Secondary actors in Enron, WorldCom, and other large fraud cases will be prosecuted for their role in structuring or facilitating fraudulent schemes.

More convictions of top officers

SOX’s new certification requirements will result in more prosecutions, and convictions, of top corporate officers.

SOX section 906 requires that each periodic report containing financial statements be accompanied by a written statement by the issuer’s chief executive officer and chief financial officer certifying that the information contained in the periodic report fully complies with section 13(a) or 15(d) of the Securities Exchange Act of 1934, 15 U.S.C. § 78a–78mm (2000), and that the information contained in the periodic report fairly represents, in all material respects, the issuer’s financial conditions and results of operations. Section 906 forces CEOs and CFOs to take responsibility for periodic reports and undercuts the defense that the review of the company’s financial operations was the responsibility of lower-level employees. section 906(a) prohibits anyone from filing such a certification knowing that the report does not comport with the requirements of section 906. (18 U.S.C. § 1350.) Pursuant to section 906(c)(1), certifying a periodic report while knowing that it does not comport with SEC requirements is punishable by 10 years in prison and/or a fine of up to $1 million. However, pursuant to section 906(c)(2), if the violation is willful , the certifying officer may be imprisoned for up to 20 years and/or fined up to $5 million. This drastic difference in sentence has confused, even horrified, corporate executives more than any other section of SOX. Yet, the distinction between the concepts of “knowing” and “willful” violations is nothing new. “Knowing” misconduct involves engaging in a voluntary act, which is not the product of mistake or accident, without regard to knowledge of the law, such as in cases where the defendant “consciously avoids” knowing whether the particular conduct in question constitutes a violation. On the other hand, “willful” misconduct requires a showing of actual knowledge of the illegal nature of the act in question. ( See, e.g., United States v. Obiechie , 38 F.3d 309, 314 (7th Cir. 1994) (holding that “willfully” means “intentional violation of a known legal duty” whereas “knowingly” requires only “knowledge of the pertinent facts and not knowledge of the applicable law”); United States v. Jacques Dessange, Inc. , 103 F. Supp. 2d 701, 707 (S.D.N.Y. 2000) (noting that “willfully” means “with an intent to violate a known legal duty”).) Interestingly, section 906 does not expressly provide any criminal penalty for the failure to certify financial reports.

Even though SOX is still rather new, prosecutions are already under way. Prosecutors recently announced that Richard Scrushy, HealthSouth’s former CEO, was indicted on charges that he violated SOX section 906, as well as conspiracy and money laundering charges. HealthSouth’s chief financial officer already pled guilty to a charge of false certification of financial results. The HealthSouth indictments mark the first time officers have been criminally charged with lying about a company’s financial condition under SOX. Many more prosecutions will result from violations of section 906.

Harsher sentences

Although drug carriers usually receive very harsh sentences under the federal sentencing guidelines, defendants convicted of white-collar offenses typically have not. The enactment of SOX renders harsher sentences for white-collar defendants likely.

SOX section 805 directs the U.S. Sentencing Commission to review the Sentencing Guidelines to ensure that the base offense level and existing adjustments for obstruction of justice are “sufficient to deter and punish that activity.” (18 U.S.C. App. § 2B1.1; see also U.S.S.G. § 2J1.2(b)(3).)

SOX section 902 states that an attempt or conspiracy to commit a fraud offense is subject to the same penalties as those prescribed for the offense. (18 U.S.C. § 1349; conspiracy to defraud was previously covered by 18 U.S.C. § 371.) Of course, prosecutors could still use the wire and mail fraud statutes. Under SOX, those penalties have been increased as well. Section 903 increases the maximum penalty of imprisonment for mail and wire fraud from five to 20 years in prison. (18 U.S.C. § 1341.)

Section 904 increases the maximum penalty of imprisonment for a willful violation of the reporting and disclosure provisions of the Employee Retirement Income Security Act of 1974 (ERISA) from one year to 10 years, the maximum fine for individuals from $5,000 to $100,000, and the maximum fine for corporate entities from $100,000 to $500,000. ( See 29 U.S.C. § 1131.)

Section 1104 directs the U.S. Sentencing Commission to r eevaluate the sufficiency of the Sentencing Guidelines to ensure that they reflect the serious nature of the fraud penalties set forth in SOX. (18 U.S.C. App. § 2B1.1; see also section 905(b)(1) at 18 U.S.C. App. § 2B1.1.)

Section 1106 enhances the maximum penalties for willful violations of the securities laws committed by individuals by increasing the maximum term of imprisonment from 10 to 20 years and increasing the maximum fine from $1 million to $5 million. For corporate entities, section 1106 increases the maximum fine from $2.5 million to $25 million. ( See section 32(a) of the Exchange Act, at 15 U.S.C. § 78ff.)

The U.S. Sentencing Commission enacted guidelines changes to effectuate SOX. Basic offense levels and enhancement factors have been increased. Additional increases are under consideration. All of these increases in statutory sentences and attendant guidelines boosts, meant to deter improper conduct in the securities industry, will result in harsher sentences for white-collar criminals.


SOX addresses numerous issues arising out of the environment of fraud seen in the Enron, WorldCom, Xerox, and other recent corporate scandals and drastically increases the sentences for violations of the securities laws. SOX’s creation of more, and more expansive, may have a deterrent effect on potential corporate wrongdoers, at least in the short run and while it is extensively covered in the press.

Even more important is that the enactment of these new laws represents an unprecedented commitment of investigative and prosecutorial resources to securities fraud matters and will likely result in an increase in criminal securities fraud prosecutions.

Return to Table of Contents - Winter 2004

Return to Criminal Justice magazine home page