Category Archives: Student Fellows Post

Potholes in Compliance: Hidden Risks Under Rule 506(d)’s Bad Actor Disqualification

by Joshua Pirutinsky

I. Introduction

Sometimes the unexpected happens. But preparing for the unexpected is the essence of the compliance function. The failure to effectively prepare for risks unrelated to your core business can be disastrous.  A seemingly innocuous compliance breach could disqualify your firm from participating in a private offering of securities under Rule 506(d), known as the “Bad Actor” Disqualification.   Being a Bad Actor can have detrimental, if not fatal, consequences for your firm – hence the critical importance of making known certain unknowns. Continue reading

The Rule of Law and the Responsible Corporate Officer Doctrine after Quality Egg

by Jason Driscoll
This post is the second part of a two-part post by the author.

Introduction

In my previous post (DeCoster v. United States: Testing the Limits of the Responsible Corporate Officer Doctrine), I discussed how the Food and Drug Administration (“FDA”) and the Department of Justice (“DOJ”) have revived the Responsible Corporate Officer (“RCO”) doctrine in an attempt to increase compliance with the Federal Food, Drug, and Cosmetic Act (“FDCA”). In light of the incarcerative sentences in the Quality Egg case, I addressed the DOJ’s new strategy of seeking enhanced sanctions in RCO cases. In United States v. Quality Egg, LLC,[1] the government brought FDCA Section 333(a)(1) misdemeanor food adulteration cases against two corporate officers—Jack and Peter DeCoster—ultimately securing three-month prison sentences premised largely on the RCO doctrine.[2] On appeal, the DeCosters argued that the incarcerative sentences violated due process absent evidence of mens rea or actus reus.[3] The Eighth Circuit affirmed the sentences, however, holding that a three-month strict liability prison sentence was “relatively light” doing “no grave damage” to an offender’s reputation.[4] A petition for a writ of certiorari followed, inviting the Supreme Court to review the doctrine for the first time since 1975, but was denied. Continue reading

Techniques for Reinforcing a Culture of Compliance

by Natalie Noble

The importance of establishing a robust “culture of compliance” within corporations is a common refrain among government regulators.[1] But developing a structured process, much less a firm definition, around such a squishy concept can be a daunting task for compliance officers. At its core, an effective culture of compliance should shape employees’ gut instincts by reinforcing values that weigh against breaking the law. To accomplish this, companies should supplement their traditional ethics trainings and “tone at the top” by integrating compliance factors into their incentives programs and forestalling ethical fading. As an additional line of defense, companies should actively encourage employees to slow down and think methodically about their decisions before they take final action. Continue reading

The Growing Risk of Director Liability for Cyberattacks

by Peter Varlan

Despite the increase in cyberattacks and data breaches against large corporations, directors have avoided personal liability. In three recent data breaches—Wyndham, Target, and Home Depot—shareholders have unsuccessfully brought derivative claims against directors. These Caremark[1] claims against directors have failed because oversight duties for cybersecurity are not yet specific enough to establish that directors deliberately breached a known duty of care.

The current protection that directors have enjoyed from cybersecurity-related Caremark suits may soon come to an end. New and pending regulations from the New York Department of Financial Services and the Federal Reserve System provide more specific cybersecurity guidance for corporations. Failing to comply with these more detailed regulations prior to a cyberattack may increase the possibility that directors will be held liable for violating their Caremark oversight duties. Accordingly, directors should familiarize themselves with these new regulations that are applicable to the corporations they serve, and develop best practices to both protect corporate data and inoculate themselves from personal liability. Continue reading

DeCoster v. United States: Testing the Limits of the Responsible Corporate Officer Doctrine

by Jason Driscoll
This post is the first part of a multi-part post by the author.

Over the last decade, the Food and Drug Administration and the Department of Justice have revived the use of the Responsible Corporate Officer (“RCO”) doctrine in an attempt to increase compliance with the Food, Drug, and Cosmetic Act (“FDCA”). Two recent cases—United States v. Purdue Frederick Co.[1] and United States v. Quality Egg, LLC[2]—illustrate the regulators’ new approach: impose strict criminal liability on individual corporate officers and seek enhanced sanctions in the name of effective deterrence. However, while the Supreme Court has upheld criminal fines premised on the RCO doctrine,[3] the Court has not yet opined on the legality of more serious penalties such as long-term debarment or imprisonment. The Court now has that opportunity. In DeCoster v. United States,[4] the Quality Egg defendants (Jack and Peter DeCoster) have filed cert. petitions asking the Court to review the lawfulness of their prison sentences and the RCO doctrine altogether. For anyone concerned about the expanding scope of corporate officer liability, this case could mark a turning point. Continue reading