The Limestone Cops — Tips on Madoff Red Flags Never Escalated at SEC

It’s hard to believe that with all the resources poured into government following the adoption of Sarbanes Oxley Act in 2002, the escalation process in the SEC failed in the Madoff case. New reports show that junior SEC staff neglected to involve more seasoned enforcement officers and failed to stop what ended up to be a $65 billion Ponzi scheme. See SEC chiefs in dark as Madoff evaded junior staff.

The cost to all the investors has been devastating and the internal escalation process in the agency needs signicant remediation.

Advertisements

CVS Pays $2.25 Million and Toughens Practices to Settle HIPAA Privacy Case

The U.S. Department of Health and Human Services and the Federal Trade Commission today announced that CVS, the nation’s largest retail pharmacy chain, will pay the U.S. government a $2.25 million settlement and take corrective action to ensure it does not violate the privacy of its millions of patients when disposing of patient information such as identifying information on pill bottle labels.  The settlement, which applies to all of CVS’s more than 6,000 retail pharmacies, follows an extensive investigation by the HHS Office for Civil Rights (OCR) for potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule.

In a coordinated action, CVS Caremark Corp., the parent company of the pharmacy chain, also signed a consent order with the FTC to settle potential violations of the FTC Act. OCR, which enforces the Privacy Rule, opened its investigation of CVS pharmacy compliance with the Privacy Rule after media reports alleged that patient information maintained by the pharmacy chain was being disposed of in industrial trash containers outside selected stores that were not secure and could be accessed by the public.

At the same time, the FTC opened an investigation of CVS. OCR and the FTC conducted their investigations jointly. This is the first instance in which OCR has coordinated investigation and resolution of a case with the FTC. “OCR is committed to strong enforcement of the HIPAA Privacy Rule to protect patients’ rights to privacy of their health information. We hope that this agreement will spur other health organizations to examine and improve their privacy protections for patient information during the disposal process,” said Robinsue Frohboese, acting director of OCR. “Such safeguards will benefit consumers everywhere.”

The Privacy Rule requires health plans, health care clearinghouses and most health care providers (covered entities), including most pharmacies, to safeguard the privacy of patient information, including such information during its disposal. Among other issues, the reviews by OCR and the FTC indicated that: * CVS failed to implement adequate policies and procedures to appropriately safeguard patient information during the disposal process; and * CVS failed to adequately train employees on how to dispose of such information properly. Under the HHS resolution agreement, CVS agreed to pay a $2.25 million resolution amount and implement a robust corrective action plan that requires Privacy Rule compliant policies and procedures for safeguarding patient information during disposal, employee training and employee sanctions for noncompliance.

HHS and FTC also will require CVS to actively monitor its compliance with the resolution agreement and FTC consent order. The monitoring requirement specifies that CVS must engage a qualified independent third party to conduct assessments of CVS compliance and render reports to the federal agencies. The HHS corrective action plan will be in place for three years; the FTC requires monitoring for 20 years.

The HHS Resolution Agreement and Corrective Action Plan can be found on the OCR Web site at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/cvsresagrcap.pdf. OCR has posted new FAQs that address the HIPAA Privacy Rule requirements for disposal of protected health information.

They can be found on the OCR Web site at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/disposalfaqs.pdf.

Information about the FTC Consent Order agreement is available at http://www.ftc.gov .

Feds Set Sights on ‘Gatekeepers’ in Fraud Investigations

Joe Palazzolo
Legal Times

Federal law enforcement officials said Wednesday they are targeting lawyers, mortgage brokers, real estate brokers and other “gatekeepers” who perpetrated fraud that contributed to the current economic crisis — a clear warning shot as the federal government is pumping billions of dollars into the financial sector.

“They have the most to lose, they’re the most likely to flip, and they make the best examples,” said Neil Barofsky, the special inspector general for the Troubled Assets Relief Program, during a congressional hearing on fraud enforcement. Senate Judiciary Committee Chairman Patrick Leahy, D-Vt., was even more blunt: “I want to see these people prosecuted,” he said. “Frankly, I want to see them go to jail.” The hearing was meant to underscore the need for more law enforcement resources amid an upsurge in mortgage and corporate fraud investigations.

Leahy and Sen. Charles Grassley, R-Iowa, have introduced a bill that would expand the scope of federal fraud laws and provide funding for more prosecutors and investigators. FBI Deputy Director John Pistole told the committee that mortgage fraud investigations nearly doubled in the last two years to more than 1,600 in 2008. The bureau, he said, has more than 530 corporate fraud investigations open, including 38 directly related to the current financial crisis.

Pistole said he could see that number potentially rising into the hundreds. But federal law enforcers could do much more with additional resources, he said, pointing to the Justice Department’s successes in the wake of the savings-and-loan crisis of the 1980s. At the time, 1,000 agents and forensic investigators and dozens of federal prosecutors were devoted to the effort, which produced more than 600 convictions and $130 million in restitution. Compared to the $160 million lost during the S&L crisis, the current situation is far more dire, with financial institutions globally reducing their assets by more than $1 trillion.  But the Justice Department’s focus on national security has diminished the fraud ranks.

Pistole said 240 agents, supplemented by investigators from other agencies, are working on fraud cases stemming from the economic crisis. Rita Glavin, acting head of the Justice Department’s Criminal Division, said the department was in discussions with Barofsky about how best to handle criminal referrals and prosecutions when his office uncovers wrongdoing. She also said the Justice Department’s fraud section had created a mortgage fraud working group, with a collection of other enforcement agencies. Sen. Sheldon Whitehouse, D-R.I., asked Glavin whether DOJ had any designs for a nationwide mortgage fraud taskforce. Then-Attorney General Michael Mukasey repeatedly rejected the idea, saying individual U.S. Attorneys’ Offices were better equipped to handle the work. Glavin said the department was studying the issue. “No decision has been made with respect to that,” she said.

E-Discovery Trends in 2009 — New developments in e-discovery will affect enterprise general counsel and compliance officers, law firms serving corporate clients, and IT departments

By Christine Taylor, January 9, 2008, 12:10 PM

A few years ago, the Taneja Group coined the term “Information Classification and Management” (ICM) to describe the technology of locating and classifying data throughout the enterprise. ICM covered sub-technology sectors such as e-discovery, compliance, data security control, and data management. However, we saw the term “e-discovery” trump the more comprehensive name as rabid attention turned from ICM to the specifics of civil litigation software tools. We are now seeing the e-discovery term itself take on a fuller usage, more akin to ICM. People do use the term when talking about civil litigation, but are also expanding it to encompass compliance, corporate governance, data classification, and even knowledge management.

In this broad sense we have looked at the trends of the e-discovery market as they impact its largest stakeholders: the enterprise general counsel and compliance officers, law firms serving corporate clients, and IT.

The crux of the matter is that e-discovery and its related areas will be extremely hot for litigation and compliance, especially those related to the financial meltdown. The market increasingly understands the necessity of e-discovery software tools and systems, and will move toward proactive e-discovery adoption. A more reactive approach will remain alive and well as many companies will still avoid implementation until driven to it by a lawsuit or federal investigation. But companies will increasingly understand that the e-discovery solution phenomenon is much more than a litigation aid. It also has major effects on federal compliance and internal governance, and potentially on data management throughout the enterprise.

For more see byteandswitch.com.

E-Discovery Requirements Are About to Hit Canadian Firms

As Canadian firms brace for new e-discovery rules, they can look to their U.S. counterparts for technology lessons.

By Anne Rawland Gabriel

Time is growing short for Canadian securities firms to prepare for the scheduled April enforcement of the new Canadian National Instrument 31-103 (NI 31-103), regulation that significantly expands record keeping requirements for electronic communications. Fortunately NI 31-103 substantively mirrors U.S. regulations already in place, which means Canadian firms have the opportunity to learn from others’ experiences.

“NI 31-103 is very similar to SEC and FINRA requirements in the U.S.,” substantiates Carolyn DiCenzo, a Gartner research VP. “It’s important to remember that the spirit of the law is communications and not just one particular type of communication, such as e-mail or instant messaging.”

For more see wallstreetandtech.com.

SEC Files Settled Foreign Corrupt Practices Act Charges Against Siemens AG for Engaging in Worldwide Bribery With Total Disgorgement and Criminal Fines of Over $1.6 Billion

The Securities and Exchange Commission filed a settled enforcement action on December 12, 2008, in the U.S. District Court for the District of Columbia charging Siemens Aktiengesellschaft (“Siemens”), a Munich, Germany-based manufacturer of industrial and consumer products, with violations of the anti-bribery, books and records, and internal controls provisions of the Foreign Corrupt Practices Act (“FCPA”). Siemens has offered to pay a total of $1.6 billion in disgorgement and fines, which is the largest amount a company has ever paid to resolve corruption-related charges. Siemens has agreed to pay $350 million in disgorgement to the SEC. In related actions, Siemens will pay a $450 million criminal fine to the U.S. Department of Justice and a fine of €395 million (approximately $569 million) to the Office of the Prosecutor General in Munich, Germany. Siemens previously paid a fine of €201 million (approximately $285 million) to the Munich Prosecutor in October 2007.

The SEC’s complaint alleges that:

Between March 12, 2001 and September 30, 2007, Siemens violated the FCPA by engaging in a widespread and systematic practice of paying bribes to foreign government officials to obtain business. Siemens created elaborate payment schemes to conceal the nature of its corrupt payments, and the company’s inadequate internal controls allowed the conduct to flourish. The misconduct involved employees at all levels, including former senior management, and revealed a corporate culture long at odds with the FCPA.

For more see SEC.gov.

SEC Files Settled Books and Records and Internal Controls Charges Against Fiat S.p.A. and CNH Global N.V. For Improper Payments to Iraq Under the U.N. Oil for Food Program — Fiat Agrees to Pay Over $10 Million in Disgorgement, Interest, and Penalties

The Securities and Exchange Commission filed Foreign Corrupt Practices Act books and records and internal controls charges against Fiat S.p.A. and CNH Global N.V. in the U.S. District Court for the District of Columbia. Fiat S.p.A., an Italian company, provides automobiles, trucks and commercial vehicles. CNH Global N.V., a majority-owned subsidiary of Fiat, provides agricultural and construction equipment. The Commission’s complaint alleges that from 2000 through 2003, certain Fiat and CNH Global subsidiaries made approximately $4.3 million in kickback payments in connection with their sales of humanitarian goods to Iraq under the United Nations Oil for Food Program (the “Program”). The kickbacks were characterized as “after sales service fees” (“ASSFs”), but no bona fide services were performed. The Program was intended to provide humanitarian relief for the Iraqi population, which faced severe hardship under international trade sanctions. The Program required the Iraqi government to purchase humanitarian goods through a U.N. escrow account. The kickbacks paid by Fiat’s and CNH Global’s subsidiaries diverted funds out of the escrow account and into Iraqi-controlled accounts at banks in countries such as Jordan.

According to the Commission’s Complaint:

During the Oil for Food Program, Fiat’s subsidiary, IVECO S.p.A., used its IVECO Egypt office to enter into four direct contracts with Iraqi ministries in which $1,803,880 in kickbacks were made on the sales of commercial vehicles and parts. After agreeing to pay the ASSFs, IVECO Egypt increased its agent’s commissions from five percent to between fifteen and twenty percent of the total U.N. contract price, which the agent funneled to Iraq as kickbacks. The agent submitted invoices for the inflated commissions, and IVECO financial documents show line items for “contract pay-back” due to the agent. IVECO and the agent secretly inflated the U.N. contracts by ten to fifteen percent. Despite the agent’s invoices being held for one year and the unusually large commissions, IVECO paid the invoices. In one instance, IVECO set up a bank guarantee in the amount of the ASSF in favor of a Dubai-based firm that operated as a front company for Iraq. IVECO’s bank guarantee was canceled and, instead, the agent established an identical bank guarantee to conceal IVECO’s role. A line item identified as “pay-back” on IVECO documents corresponded to the amount of the agent’s bank guarantee. The ASSFs were incorrectly recorded as legitimate commissions on the company’s books and records.

For more see SEC.gov.