As the Wells Fargo scandal unfolded, in the back of my mind was just how the requirements of the Sarbanes-Oxley Act, enacted in 2002 in response to the Enron and Worldcom debacles, did not protect the investors, general public and the bank’s employees.
Sarbanes-Oxley is referred to as SOX. It did not create much in the way of new regulations, but it did formalize how publicly traded companies implemented and enforced internal control policies and procedures. It also raised the stakes for key corporate managers – including the Board of Directors, CEO, CFO and in-house attorneys – as far as their individual roles in assuring that the controls governing financial and ethical performance were observed. For example, corporate attorneys must report suspicions of fraudulent acts to their company’s chief legal counsel and CEO. They can go to the audit committee if there appears to be insufficient effort to investigate.
SOX also created the Public Company Accounting Oversight Board (PCAOB), or Peekaboo, as it is known by industry finance, auditing and accounting professionals. Peekaboo oversees the external auditors’ work, which had been largely self-regulated. Audit firms are now subject to inspections by the Board.
Violating any SOX regulation could be worthy of criminal charges, yet few executives have faced charges, much less been convicted, under its umbrella. It is seemingly stupefying considering key executives must sign certifications as to the accuracy of the financial statements, but understandable when CEOs are shielded by sub-certifications their companies make lower-level managers sign, creating buffers. It is reminiscent of a scene from Godfather 2, where a lieutenant of the Corleone Family tells a Senate Committee how the Godfather had layers of people between himself and those who took care of the actual dirty work.
But the impact on Wells Fargo’s financial statements was minimal, only $2.4 million. By itself, that would not create any stir on Wall Street, certainly not enough to push the stock price upwards.
And probably not enough to subject John Stumph to criminal charges, much less convicted, for deliberate misstatement of the financial statements. Just think – the DOJ did not bother pursuing a criminal action against Countrywide’s Angelo Mozilo, so why would it start now?
However, the phony accounts did create an illusion of long-term customer loyalty. One could argue that shareholders would be inclined to hold the stock longer than they otherwise would. Think of it as contrived price support.
Regardless, it was fraud.
It is almost certain that some of the sub-certifiers who knew of the scheme would gladly cooperate with the Feds and help prosecutors construct a trail to Stumph and his key people. Call it buffer-busting.
The DOJ should also look to what SOX refers to as Entity Level controls. Also known as “the tone at the top,” these cover the corporate culture and how it affects the risk of circumventing the activity controls directly related to financial reporting. So, an overly aggressive marketing program, similar to the one used by Wells Fargo, may create an atmosphere of fear among the sales staff and lead to fraudulent actions. A definite red flag which should have caused the SOX auditors to dig deeper at Wells Fargo.
In the end, why do we have SOX if it is not used to help bring down unscrupulous executives?