DOJ’s Not-So-Hard Line on Corporate Crime

Last year, Deputy Attorney General Lisa Monaco gave a speech promising a crackdown on corporate criminals, especially repeat offenders. That gave rise to hopes that the Justice Department, after having gone soft on corporate prosecutions during the Trump years, would return to a more aggressive stance.

After months of consultation with various parties, Monaco has just given another speech to signal what is coming next. The new approach, explained in more detail in a memo to federal prosecutors, has some laudable features, but it does not go far enough in bringing down the hammer on rogue companies and their executives.

For example, Monaco’s 2021 statement included a vow to take into account a company’s past behavior when deciding on a prosecution strategy. As someone who spends his time documenting corporate non-compliance, I was eager to see DOJ take a harder line on companies that break the law over and over again.

That commitment remains in the new policy, but there are hedges. Monaco writes: “Not all instances of prior misconduct, however, are equally relevant or probative. To that end, prosecutors should consider the form of prior resolution and the associated sanctions or penalties, as well as the elapsed time between the instant misconduct, the prior resolution, and the conduct underlying the prior resolution.”

Monaco specifies that criminal offenses that occurred more than ten years ago or civil offenses more than five years old can be given less weight. But then she acknowledges that “depending on the facts of the particular case, even if it falls outside these time periods, repeated misconduct may be indicative of a corporation that operates without an appropriate compliance culture or institutional safeguards.”

This “on the one hand, on the other hand” language sends a mixed message. It would have been preferable to tell prosecutors to give serious consideration to previous bad acts and leave it at that.

Then there’s the issue of individual accountability. Now, as last year, Monaco encouraged prosecutors to bring cases against culpable corporate executives and to expedite the handling of those cases. That sounds fine, but the main way Monaco wants to accomplish this is by giving corporations incentives to cooperate more thoroughly with investigations.

Getting companies to turn in wrongdoers is a good idea, but Monaco’s approach could come at too high a cost. She states that, “absent the presence of aggravating factors, the Department will not seek a guilty plea where a corporation has voluntarily self-disclosed, fully cooperated, and timely and appropriately remediated the criminal conduct.” Her memo also states that the imposition of an independent compliance monitor need not occur when a cooperating company “demonstrates that it has implemented and tested an effective compliance program.”

Keep in mind that the kind of cases involved here are mainly ones in which an unscrupulous executive was taking actions that benefited the company and that should have been prevented by internal controls. Such corporations need to be held fully accountable and put under close supervision.

They also should not be allowed to go on receiving special deals such as non-prosecution and deferred prosecution agreements—sometimes more than once. Rather than calling for an end to these practices, Monaco weakly states that multiple deals are “generally disfavored” and goes on to dilute that position even more by suggesting that everything should be done to incentivize voluntary disclosure.

On the plus side, Monaco’s policy would pressure corporations to claw back compensation paid to executives who engage in misconduct. In too many cases, these corrupt individuals have been allowed to keep lavish pay and benefit packages—and often the company would pay their legal expenses.

Overall, Monaco puts too much emphasis on the carrot and not enough on the stick. Corrupt corporations have been treated leniently for too long. Now is the time for a tougher approach.

The Muddled Attack on ESG

Ever on the lookout for threats to the American way of life, the Right has begun pointing its finger at a surprising set of adversaries: BlackRock, Vanguard Group, State Street Corporation and other leading asset managers.

According to a chorus that includes former Vice President Mike Pence and Florida Governor Ron DeSantis, the three firms are part of a “woke Left” that is seeking to impose a radical environmental, social and governance agenda on big business. The allegations are part of an effort to make ESG into a bogeyman for investors similar to the way critical race theory, or CRT, has been used to scare parents of school-age children.

To some extent, the attack on ESG is simply another way to attack Democrats. One of its proponents, Vivek Ramaswamy, published an op-ed in the Wall Street Journal, the favorite soapbox of the movement, headlined “Biden’s ESG Tax on Your Retirement Fund.” The target of the piece was a proposal by the Labor Department to allow pension funds to consider climate-change-related financial risks in making investment decisions.

Ramaswamy has a vested interest in the anti-ESG effort. He wrote a book titled Woke Inc. that is regarded as the bible of the campaign, and he created an investment management firm called Strive to cash in on the backlash to ethical investing. Strive has a fund called DRLL that enthusiastically invests in fossil fuel companies and urges firms of all kinds to resist ESG pressures.

The problem for the rightwingers is that their issue is far from new. There has been a debate going on for decades over the proper role of large corporations when it comes to environmental and social issues. Ramaswamy and his ilk are parroting the arguments made half a century ago by economist Milton Friedman, one of the leading proponents of free market fundamentalism. His 1970 article entitled “The Social Responsibility of Business is to Increase its Profits” is the most famous expression of the idea that corporations should concern themselves with nothing other than making money for their shareholders.

That notion has remained popular in some circles, but most of big business has come to realize that it is simply not practical. Some companies such as Patagonia have made environmental and social engagement part of their brand. Some such as Exxon Mobil resisted change for many years but eventually began to make concessions. And some such as Koch Industries are engaged, but with a rightwing slant.

Modern-day ESG is largely a response by large companies to various external pressures, especially those coming from environmental groups and other corporate accountability activists. These days they also need to deal with the fact that many consumers are unwilling to do business with firms seen as contributing to the destruction of the planet.

Far from being radical, ESG often serves as a form of greenwashing, allowing companies to give the impression they are taking bold steps when their actions are actually quite limited. Much of the purported progress toward ESG goals is based on company self-reporting with limited verification.

The anti-ESG crowd is particularly upset at the role asset managers are playing in encouraging companies to set goals for net-zero greenhouse gas emissions. Yet many companies are planning to meet those goals through the purchase of dubious carbon offsets rather than major changes in their own operations.

When ESG initiatives lead to real changes in corporate practices, that is usually a reflection of changes in market dynamics. Companies such as General Motors are not putting more emphasis on electric vehicles as part of some secret leftist agenda, but rather because that is what its customers are demanding.

Oddly, the rightwing critics seem to pay little attention to the fact that several major ESG investment managers, including Goldman Sachs, are reported to be under investigation by the SEC, which is also seeking to adopt tighter rules on which firms can use the ESG label. Inquiries into whether ESG investment advisers engage in deceptive practices are also underway in Germany, where the offices of Deutsche Bank’s ESG arm were raided by investigators earlier this year.

Instead, the Right’s anti-ESG crusaders are promoting the moves by red-state attorneys general to do their own investigations, focusing on the influence of giants such as BlackRock. Those investigations, however, start out with exaggerated assumptions about the power of ESG, while the SEC seems to be concerned that those impacts are actually less significant than the advisors are leading investors to believe.

In an editorial celebrating the anti-ESG backlash, the Wall Street Journal warned that the changes being promoted by BlackRock could lead to new regulations. This betrays a fundamental misunderstanding of ESG. One of its primary aims is to use voluntary corporate initiatives to make the case that government mandates are unnecessary.

Although they go about it in very different ways, ESG proponents and rightwing critics are both seeking to limit the role of government in overseeing corporate behavior. That is where both groups fall short.

Whether large corporations are claiming to save the world or are simply maximizing profits, they cannot be left to their own devices. The same goes for the big investment managers.

Take the example of State Street Corporation, one of the big firms the Right is trying to make into a major ESG villain. Last year, State Street paid a $115 million criminal penalty to resolve federal charges that it engaged in a scheme to defraud a number of the bank’s clients by secretly overcharging for expenses related to the bank’s custody of client assets.

The problem with State Street and many other large companies is not that they are too focused on promoting virtue but rather that they may be lacking in virtue themselves.

Note: My colleagues and I are seeking a research analyst to work on Violation Tracker. Details are here.

Malignant Marketing

Large corporations are fond of saying that they are all about giving customers what they want. But what happens when the product, though legal, is harmful or addictive? Should companies be allowed to satisfy consumer demand, no matter what the consequences?

Some high-profile settlements announced in recent weeks show that, as far as state attorneys general are concerned, there should be much stricter controls on the marketing of dangerous products and that corporations should be heavily penalized for abuses.

The most recent case involves JUUL Labs, which just agreed to pay $438 million to resolve multistate litigation accusing it of improperly marketing vaping products to minors. The announcement of the settlement, reach with a bipartisan group of 34 states and territories, alleged that JUUL “relentlessly marketed to underage users with launch parties, advertisements using young and trendy-looking models, social media posts and free samples. It marketed a technology-focused, sleek design that could be easily concealed and sold its product in flavors known to be attractive to underage users. JUUL also manipulated the chemical composition of its product to make the vapor less harsh on the throats of the young and inexperienced users. To preserve its young customer base, JUUL relied on age verification techniques that it knew were ineffective.”

Earlier this summer, groups of state AGs announced several massive settlements with companies involved in the production and marketing of opioids. Teva Pharmaceuticals agreed to pay up to $4.25 billion to state and localities to settle allegations that it promoted two powerful fentanyl products designed for cancer patients to others while downplaying the risks of addiction. According to the AGs’ press release, Teva’s actions included “encouraging the myth that signs of addiction are actually ‘pseudoaddiction’ treated by prescribing more opioids.”

Several days later, Allergan agreed to pay up to $2.4 billion to settle a similar multistate case alleging the company had “deceptively marketed opioids by downplaying the risk of addiction, overstating their benefits, and encouraging doctors to treat patients showing signs of addiction by prescribing them more opioids.” Allergan was also accused of failing to maintain effective controls to prevent the diversion of opioids into improper channels.

And a couple of weeks after that, Endo International agreed to pay $450 million in yet another multistate lawsuit stemming from accusations of deceptive marketing. In Endo’s case, this involved allegations that it “falsely peddled its opioids as abuse-deterrent with deadly consequences.” Under the weight of this and other litigation, Endo has filed for bankruptcy.

The theme running through all these cases is the tendency of corporations, obsessed with the desire to increase sales, to engage in shockingly unethical behavior. Both the slick techniques of JUUL to lure young vapers and the seemingly scientific claims of the opioid producers to reassure pain patients demonstrate an apparent willingness to use deceit and manipulation to push dangerous products on vulnerable populations. The monetary penalties, however large, and promises to end the abuses hardly seem a sufficient penalty for the harm caused by this behavior.

Blowing the Whistle on Twitter

There has never been much doubt that the tech giants do not take government regulation seriously, but it is helpful to get confirmation of that from inside the corporations. This is the import of a whistleblower complaint from the former security head of Twitter that has just become public.

Peiter Zatko submitted a document to the SEC, the Justice Department and the Federal Trade Commission accusing top company executives of violating the terms of a 2011 settlement with the FTC concerning the failure to safeguard the personal information of users. The agency had alleged that “serious lapses in the company’s data security allowed hackers to obtain unauthorized administrative control of Twitter, including both access to non-public user information and tweets that consumers had designated as private, and the ability to send out phony tweets from any account.”

Zatko’s complaint, which will play into the company’s ongoing legal battle with Elon Musk over his aborted takeover bid, alleges that Twitter did not try very hard to comply with the FTC settlement and that it prioritized user growth over reducing the number of bogus accounts.

These accusations are far from surprising. In fact, three months ago Twitter agreed to pay $150 million to resolve a case brought by the FTC and the Justice Department alleging that it was in breach of the 2011 settlement for having told users it was collecting their telephone numbers and email addresses for account-security purposes while failing to disclose that it also intended to use that information to help companies send targeted advertisements to consumers.

Since Zatko was fired by Twitter in January, he is in no position to describe company behavior since the most recent settlement. It is difficult to believe that the $150 million fine will be sufficient to get Twitter to become serious about data protection.

Twitter is not the only tech company with a checkered history in this area. In 2012 Facebook and the FTC settled allegations that the company deceived consumers by telling them they could keep their information private and then repeatedly allowed it to be shared and made public. Facebook agreed to change its practices.

As with Twitter, it eventually became clear that Facebook was not completely living up to its obligations. The FTC brought a new action, and in 2019 the company had to pay a penalty of $5 billion for continuing to deceive users about their ability to control the privacy of their data. The settlement also put more responsibility on the company’s board to make sure that privacy protections are enforced, and it enhanced external oversight by an independent third-party monitor.

Zatko’s allegations may prompt the FTC to seek new penalties against Twitter that go beyond the relatively mild sanctions in the settlement from earlier this year.

The bigger question is whether regulators and lawmakers are willing to find new ways to rein in a group of mega-corporations. The effort in Congress to enact new tech industry antitrust measures seems to have fizzled out for now. Such initiatives need to be revived. We cannot let an industry that plays such a substantial role in modern life think it is above the law.

The Pill Mills of the Fortune 500

The downfall of Purdue Pharma illustrated the role played by drugmakers in the opioid crisis. Large settlements paid by the likes of McKesson and AmerisourceBergen highlighted the culpability of the major drug wholesalers. Now more attention is being paid to the other players in the corrupt supply chain: pharmacies.

The assumption used to be that the main retail culprits were small pharmacies in places such as West Virginia that readily filled far more oxycontin prescriptions than would be expected to arise from legitimate use in their communities. Those businesses, like the unscrupulous clinics that wrote the prescriptions, are often called pill mills.

A decision just handed down by a federal court in San Francisco indicates that our understanding of that phrase needs to be revised. Following a bench trial, U.S. District Judge Charles Breyer ruled that the giant pharmacy chain Walgreens improperly dispensed hundreds of thousands of suspicious prescriptions for narcotic painkillers in the Bay Area over more than a decade.

“In exchange for the privilege of distributing and dispensing prescription opioids,” Judge Breyer wrote, “Walgreens has regulatory obligations to take reasonable steps to prevent the drugs from being diverted and harming the public. The evidence at trial established that Walgreens breached these obligations.”

Those regulatory obligations come from the Controlled Substances Act (CSA), a federal law which regulates the distribution of drugs ranging from Xanax to fentanyl. As shown in Violation Tracker, the U.S. Justice Department and the Drug Enforcement Administration have brought about two dozen successful CSA actions against large pharmacy chains, including those operated by the big supermarket companies.

In 2013 Walgreens had to pay $80 million to resolve a DEA case involving what the agency called “an unprecedented number of record-keeping and dispensing violations.” CVS, another pharmacy goliath, has paid out over $130 million in a dozen CSA cases.

These amounts are likely to be dwarfed by the damages against Walgreens in the San Francisco case, which have yet to be determined. Walgreens and CVS, along with Walmart, are also embroiled in an opioid test case brought by two counties in Ohio. The plaintiffs are seeking a payout of several billion dollars to help pay for addiction services.

If those Ohio counties are successful, it would give a green light to several thousand other cases that have been filed around the country and are being treated as a multidistrict action. On top of that, Walgreens, CVS and Walmart are facing a slew of opioid cases brought by the Cherokee Nation and other tribes.

It is unlikely that Walgreens or CVS will suffer the same fate as Purdue Pharma, which had to file for bankruptcy and agree to turn itself into a public benefit company while its owners, the Sackler Family, had to promise to pay out billions. CVS, which generated nearly $8 billion in profits last year, is particularly well positioned to handle the massive settlements to come.

The real question is whether it and Walgreens will own up to their misconduct and get serious about complying with their obligations to prevent opioid abuse.

Another Crooked Bank

When one large corporation is found to be breaking the law in a particular way, there is a good chance that its competitors are doing the same thing. The latest evidence of this comes in an announcement by the Consumer Financial Protection Bureau concerning U.S. Bank.

The CFPB fined the bank $37.5 million for illegally accessing credit reports and opening checking and savings accounts, credit cards, and lines of credit without customers’ permission. U.S. Bank employees were said to have done this in response to management pressure to sell more financial products and thus generate more fee revenue.

If this sounds familiar, it is exactly what came to light in 2016 regarding Wells Fargo, which was initially fined $100 million by the CFPB for the fraudulent practice and subsequently faced a wave of other legal entanglements, including a case brought by the U.S. Justice Department in which Wells had to pay $3 billion to resolve civil and criminal charges.

The U.S. Bank case has not yet generated the tsunami of outrage that accompanied the revelations about the phony accounts at Wells. Perhaps that is because it is the middle of the summer. Yet chances are that the CFPB’s enforcement action will not be the only punishment the bank will face.

U.S. Bank’s practices were no less egregious than those of Wells. According to the CFPB, the management of the bank, which currently has more than half a trillion dollars in assets, was aware for more than a decade that its employees were creating fictitious accounts.

And like Wells, U.S. Bancorp has a long history of questionable behavior. Violation Tracker documents more than $1.2 billion in penalties from 40 cases dating back to 2000. Half of the total comes from offenses involving serious deficiencies in anti-money-laundering practices, including a 2018 case in which the bank had to pay $453 million to settle criminal charges brought by the U.S. Justice Department plus another $75 million to the Office of the Comptroller of the Currency to resolve civil allegations.

In 2014 U.S. Bank had to pay $200 million to settle allegations that it violated the False Claims Act by knowingly originating and underwriting mortgage loans insured by the Federal Housing Administration that did not meet applicable requirements. The bank also had a previous run-in with the CFPB, which penalized it $53 million in 2014 for unfairly charging customers for credit identity protection and credit monitoring services they did not receive.

It is likely that U.S. Bank’s penalty total will rise substantially through additional cases prompted by the CFPB’s latest allegations, which include accusations the bank violated not only the Consumer Financial Protection Act but also the Fair Credit Reporting Act, the Truth in Lending Act, and the Truth in Savings Act.

Apart from monetary penalties, U.S. Bank may face an additional form of punishment applied to Wells: in 2018 the Federal Reserve restricted the growth of the firm until it cleaned up its practices and improved its governance. Since fines have proven to be a weak deterrent against corrupt practices at major financial institutions, more aggressive measures provide the only hope of bringing the big banks under control.

Parent Company Makeovers?

The addition of historical parent data to Violation Tracker, including a list of the most penalized corporations based on that data, may have led some p.r. executives to hope that their employer would look better on the new tally. Many of them will end up disappointed.

In last week’s Dirt Diggers, I compared the 100 most penalized current parents to the 100 most penalized historical parents and found limited differences. This week I expand the focus to the top 1,000.  

Among that larger group, nearly half have penalty totals based on historical parent-subsidy linkages that are lower than their totals based on current ownership relationships.

Yet the median difference for those with lower historical totals is just $14 million. Only 34 of the 1,000 companies ended up with zero penalties using the historical basis; another 33 ended up with totals below $1 million. The biggest beneficiary of the different approach is Viatris, almost all of whose $1 billion in penalties based on current linkages were incurred by Mylan and Upjohn before they merged in 2020 to form the new company.

Other parents that look good when switching from current to historical linkages include: Equitable Holdings, whose big penalties occurred when it was owned by AXA, and Daimler Truck, just about all of whose penalties date from the period when it was still part of Daimler AG, now known as Mercedes-Benz Group.

Among the 1,000 most penalized current parents there are more than 400 whose historical total is exactly the same, reflecting the fact that they neither acquired nor spun off penalized subsidiaries. Those in this group with the largest penalty amounts are Deutsche Bank, Purdue Pharma, GlaxoSmithKline, Toyota, Allianz, PG&E, and Barclays. The median penalty total for all the zero-difference parents in the top 1000 list is $59 million.

Sixty-seven of the top 1,000 parents look worse when switching from the current to the historical basis. That is because they divested a heavily penalized subsidiary. Those with the biggest penalty differences include: Abbott Laboratories, which spun off AbbVie with its $1.5 billion in penalties; AXA, which spun off Equitable and its $651 million in penalties; and Daiichi Sankyo, which sold Ranbaxy USA, which had accumulated more than $500 million in penalties.

Another 11 companies—such as BP, which sold its heavily penalized operations in Texas City, Texas to Marathon Petroleum, and General Electric, which has been downsizing in numerous sectors—have historical penalty totals at least $100 million lower than their current totals. Yet all of those still end up with historical totals of more than $300 million, and in four cases—BP, Johnson & Johnson, GE and Boehringer Ingelheim—the amount is above $1 billion.

The upshot of all this is that switching the focus from current to historical parent linkages does not show a dramatic difference in the misconduct track record of most large companies. While the new data may not help much for company makeovers, I hope it will prove useful for those taking a critical look at corporate behavior.

Note: the historical parent data now in Violation Tracker is accessible only to those who purchase a subscription. Searching and displaying the other data remain free of charge.

Violation Tracker’s New Track

Since Violation Tracker was introduced in 2015, my colleagues and I at the Corporate Research Project have put a lot of effort into identifying the ultimate parent companies of the firms named in the many thousands of individual enforcement records we collect. This has allowed us to show which of those parents have the highest penalty totals linked to their current line-up of divisions and subsidiaries. That dubious distinction has been achieved by the likes of Bank of America, BP and Volkswagen.

Some of the corporations on this list have complained it is unfair to link them to penalties incurred by subsidiaries before they were acquired. We have taken the position that when a company is purchased, the acquirer is in effect buying that entity’s track record. We have thus felt comfortable attributing those past bad acts to the current owners.

Nonetheless, we recognize that Violation Tracker users may want to distinguish between penalties received while the entity has been linked to the current owner and those that occurred before. We thus undertook the task of reconstructing the ownership history of the entities named in the 106,000 entries in Violation Tracker that are linked to one of the more than 3,000 parents for which we aggregate data.

That project is now complete, and the historical data has been incorporated in a newly redesigned Violation Tracker—both in the individual entries and in a list showing the 100 parents with the largest penalty totals based on ownership linkages at the time each penalty was announced.

Before I reveal more about that list, I must report that the cost of this project and the ongoing expenses associated with a very labor-intensive resource compelled us to begin requiring users to purchase a subscription in order to access certain features of the site. Those features include the parent history data and the ability to download search results. Searching and displaying search results (without the historical data) remain free of charge. More details of the subscription system can be found here.

The expanded entries visible to subscribers show the parent at the time of the penalty and the current parent. If the two are different, there is a field summarizing the ownership changes that occurred. For example, an entry on a penalty paid in 2002 by the trucking company Overnite Transportation now notes that its parent at the time was Union Pacific. A new history recap field states: “In 2003 Union Pacific spun off Overnite. In 2005 the company was acquired by United Parcel Service, which sold it to TFI International [the current parent] in 2021.” In addition to accessing such information in individual entries, subscribers can search by historical parent name in the Advanced Search section.

Returning to the list of most penalized parents based on historical ownership linkages, the first finding is that it contains many of the same corporations as the list based on current linkages. In fact, the same name is at the top of both lists: Bank of America. The only difference is that BofA’s historical penalty total–$79 billion—is lower than its total on the current list: $83 billion. That mainly reflects the subtraction of the penalties incurred by Merrill Lynch and Countrywide before they were acquired by BofA amid the financial crisis of 2008.

JPMorgan Chase, number two on the current list, drops to third place on the historical list because of the elimination of penalties related to its big 2008 acquisitions: Washington Mutual and Bear, Stearns. BP rises from third to second. Otherwise, the corporations in the top ten and their rankings are identical in the two lists. The others in that group are: Volkswagen, Citigroup, Wells Fargo, Deutsche Bank, UBS, Goldman Sachs, and Johnson & Johnson. Their penalty totals range from $14 billion to $25 billion on both lists.

Expanding the focus to the full list of the top 100 yields similar results. Eighty-four of the 100 most penalized current parents are also on the list of the 100 most penalized historical parents. Of the remaining 16, four fall slightly above 100 in the historical ranking. The other dozen are parents which, like Bank of America and JPMorgan Chase, bought or merged with other companies with substantial penalty histories.

For example, when Occidental Petroleum bought Anadarko Petroleum in 2019, it took on a business that had earlier been involved in a $5 billion settlement with the Justice Department. Apart from Anadarko, Occidental has accumulated $218 million in penalties.

Among the 16 companies on the historical top 100, but not the current list, is Abbott Laboratories. It gets eliminated from the current list because of its 2013 spinoff of AbbVie, which included businesses with more than $1.5 billion in previous penalties. Without AbbVie, Abbott still has penalties of $785 million.

Any parent company with ownership changes involving businesses with substantial penalty records is going to rank differently on the current and historical lists. Yet these differences do not change the fact that most large corporations have abysmal compliance records no matter how we add up their penalties.

The Regulation Bashers

Uber Technologies, a company which already had a less than sterling reputation, now has to contend with more blemishes on its record, thanks to a massive leak of internal documents to the International Consortium of Investigative Journalists.

Using what has been dubbed the Uber Files, ICIJ and partner media outlets such as The Guardian and The Washington Post have published a flurry of articles describing how the company, during a period when cofounder Travis Kalanick was still CEO, used a variety of aggressive techniques to fight regulators as it sought to conquer the tax industry around the world. At the same time, the company ingratiated itself with numerous world leaders to help in its expansion. Some Uber executives liked to refer to themselves as “pirates.”

While many of the details are fascinating, the main revelations in the Uber Files are far from surprising. The company was already known for ruthless tactics. In the United States alone, Uber has racked up more than $300 million in fines and penalties. About half of that total comes from a single settlement with a group of states which alleged that it tried to cover up a data breach affecting over 50 million customers.

Uber paid $20 million to resolve Federal Trade Commission allegations that it misled prospective drivers with exaggerated claims about earnings potential and about the availability of vehicle financing. It paid $10 million to Los Angeles and San Francisco counties (another $15 million was suspended) in settlement of allegations it misled customers about the background checks it carried out on its drivers. It was fined numerous times by state regulators for operating without proper authority or for failing to comply with reporting requirements.

It is clear that Uber, especially during the Kalanick era, has regarded regulation with contempt. One cannot help but suspect that the company’s name is meant to portray it not only as being above its competitors but also above the oversight of governments.

While Uber has been quite brazen in its hostility toward regulation, that opposition is hardly unusual. The Uber Files are appearing not long after the rightwingers of the U.S. Supreme Court handed down a ruling that not only blocked the Biden Administration’s effort to limit greenhouse gas emissions but may also lead to the dismantling of many other forms of government oversight of business.

There is now growing concern that the Court could revive rulings such as the 1905 Lochner decision which struck down a New York law that prohibited employers from imposing excessive working hours. Lochner held sway for several decades until giving way to the labor protections adopted during the New Deal era.

It is not hyperbole to suggest that the Court wants to bring back an economy that resembles the laissez-faire system of the 19th Century. That is, after all, an implication of the originalism the rightwing Justices claim to espouse. If Roe has to be overturned because the Constitution says nothing about abortion, then don’t laws about fair labor standards or product safety also have to fall because the founders did not address those issues either?

It may be that the bigger threat comes not from business executives pretending to be pirates but from extremists in black robes laying waste to essential government safeguards.

Corrupt Watchdogs

At first glance it seemed to be a satirical piece from The Onion. The Securities and Exchange Commission issued a press release announcing that Big Four accounting firm Ernst & Young was being fined $100 million for failing to prevent its audit professionals from cheating on ethics exams required to obtain and maintain their CPA licenses.

Not only did EY exercise poor oversight over its employees—it also tried to withhold evidence of the misconduct from agency investigators. This prompted the SEC to impose the largest fine ever against an audit firm.

The SEC’s release quoted Enforcement Division Director Gurbir Grewal as saying “it’s simply outrageous that the very professionals responsible for catching cheating by clients cheated on ethics exams, of all things,” adding: “And it’s equally shocking that Ernst & Young hindered our investigation of this misconduct.”

Yes, it’s shocking, shocking in a Casablanca sort of way to learn that EY management is apparently as corrupt as its auditors. The SEC failed to mention that EY has a long track record of misconduct. Even before this latest case, it has racked up more than $350 million in fines and settlements since 2000, as documented in Violation Tracker.

In 2013, for instance, EY paid $123 million to resolve allegations that it promoted a tax shelter scheme to clients that was so dodgy that the IRS asked the Justice Department to bring criminal charges against the firm. In 2009 EY paid $109 million to the Michigan Attorney General to settle allegations that it failed to expose accounting fraud in its audits of HealthSouth Corporation.

The SEC itself fined EY eight previous times in the past two decades, including a case last year in which the firm paid $10 million to settle allegations it violated auditor independence rules.

EY is not the only member of the Big Four with a checkered record—they are all tainted. As shown in Violation Tracker, PricewaterhouseCoopers has accumulated $114 million in penalties, Deloitte has $260 million and KPMG a whopping $560 million.

A big portion of the KPMG total came from a 2005 case in which it paid $456 million to resolve criminal charges that it designed and marketed fraudulent tax shelters. It has paid penalties to the SEC nine times since 2000—including a $50 million fine involving the same kind of cheating found at EY.

Given the ineffective deterrent effects of monetary penalties and criminal charges resolved through non-prosecution and deferred prosecution agreements, one might ask whether there is any way to eliminate corruption among the big auditing firms.

The 2002 Sarbanes-Oxley Act created a federal entity called the Public Company Accounting Oversight Board, which is supposed to keep auditing firms on the straight and narrow. It has brought more than 100 cases against the Big Four and smaller firms, yet auditing scandals continue to happen.

There is a need to find ways to end the stranglehold the Big Four have on providing auditing services for large corporations. This could include reforms such as stricter requirements for companies to rotate the firms they use. New reforms adopted in the UK will require large corporations to use smaller firms for at least a portion of their auditing.

A bolder approach could involve the creation of non-profit auditing agencies with more rigorous independence rules to prevent them from being influenced by unscrupulous clients. These and other reforms are urgently needed to end a system in which auditors who are supposed to ferret out corruption instead end up facilitating it.

Note: Just before the EY case was announced, Violation Tracker posted its latest quarterly update with about 10,000 new federal, state and local regulatory enforcement actions and class action lawsuits. This brought the total number of entries to 522,000 and total penalties to $804 billion. The EY case will be added soon.