Comparison of Three Federal Fraud and Abuse Laws

In the post-COVID era, health care fraud and abuse issues will be aggressively and swiftly enforced by the government. The legal framework and regulations in the health care space can be intimidating. Below is a comparison of three of the big federal fraud and abuse laws that the government actively enforces; but they are not an exclusive list.  The summary below is a primer on the three main federal fraud and abuse laws and is intended to increase your basic understanding of these laws.


False Claims Act (FCA)

PROHIBITIONS:

  • Prohibits the submission of false or fraudulent claims, false statements material to a false claim, and conspiracy to commit violation
  • Prohibits concealing or avoiding obligation to repay money to government (failure to return overpayments)
  • Claims that violate AKS or Stark can also be considered false claims
  • Common false claims include lack of medical necessity; quality of care; billing/coding issues; off-labeled marketing; retention of overpayments

EXCEPTIONS:

  • n/a

PENALTIES:

  • Treble damages and as of May 9, 2022 per claim penalties between $12,537 and $25,076
  • Regulated by the DOJ

Physician Self-Referral (Stark)

PROHIBITIONS:

  • Prohibits referrals of designated health services by a physician (or an immediate family member) if the physician has a financial relationship with the entity performing the designated health service
  • Regulates financial relationships with physicians (and physician’s immediate family members) only

EXCEPTIONS:

  • The arrangement must completely satisfy an exception or it violates the Stark law

PENALTIES:

  • No criminal enforcement; CMP enforcement for knowing violations: per violation penalties– 3x claims and/or per circumvention scheme penalties; Nonpayment of claims arising from prohibited arrangement; Recoupment of amounts received; Exclusion from federal health programs; FCA liability
  • Regulated by CMS

Anti-Kickback Statute (AKS)

PROHIBITIONS:

  • Prohibits offers of, solicitation of, or payment or receipt of remuneration intended to induce referrals for health care services covered by a government program
  • Covers provision of anything of value to a person who refers, orders/purchases or recommends

EXCEPTIONS:

  • Voluntary safe harbors exist, but arrangements are not required to fit within a safe harbors

PENALTIES:

  • Applies to either party involved in an arrangement that violates AKS; Criminal penalties $100,000 /violation, up to 10 years imprisonment); Civil penalties (CMP3x unlawful remuneration and $100,000/violation); Exclusion from federal health programs; FCA liability
  • Regulated by the OIG

Providers should also be aware of other enforcement statutes such as the Eliminating Kickbacks in Recovery (“EKRA”), the Civil Monetary Penalties Act (“CMP”), and the Travel Act, to name a few, in addition to being well versed in the relevant state health care fraud and abuse frameworks.

Copyright ©2022 Nelson Mullins Riley & Scarborough LLP

FinCEN Issues Final Rule on the Corporate Transparency Act Requiring Businesses to Report Beneficial Ownership Information

On September 30, 2022, the U.S. Financial Crimes Enforcement Network (“FinCEN”) published its final rule implementing Section 6403 of the Corporate Transparency Act (“CTA”). The final rule, which will take effect on January 1, 2024, will require “tens of millions” of companies doing business in the U.S. to report certain information about their beneficial owners. The reporting companies created or registered before January 1, 2024, will have until January 1, 2025, to file their initial beneficial ownership reports with FinCEN. Reporting companies created or registered on or after January 1, 2024, will be required to file initial beneficial ownership reports within 30 days of formation.

The CTA was passed by Congress on January 1, 2021, as part of the Anti-Money Laundering Act of 2020 in the National Defense Authorization Act for Fiscal Year 2021. After publishing a Notice of Proposed Rulemaking and receiving public comments, FinCEN adopted the proposed rule largely as proposed, with certain modifications intended to minimize unnecessary burdens on reporting companies.

What Entities are Reporting Companies? The final rule describes two types of reporting companies: domestic and foreign.

  • A domestic reporting company is any entity that is a corporation, a limited liability company, or other entity (such as limited liability partnerships, limited liability limited partnerships, business trusts, and most limited partnerships and business trusts) created by the filing of a document with a secretary of state or any similar office under the law of a state or American Indian tribe.

  • A foreign reporting company is any corporation, limited liability company, or other entity formed under the law of a foreign country and registered to do business in any state or tribal jurisdiction by the filing of a document with a secretary of state or any similar office under the law of a state or American Indian tribe.

What Entities are Exempt? The final rule exempts twenty-three separate categories of entities from the definition of the reporting company. Many of the exempted entities are already subject to federal or state regulations requiring disclosure of beneficial ownership information, such as banks, credit unions, depositary institutions, investment advisors, securities brokers and dealers, accounting firms, governmental entities, tax-exempt entities, and entities registered with the SEC under the Exchange Act of 1934. Additionally, the rules set forth an exemption for “large operating companies” that can demonstrate each of the following factors:

  • Employ more than 20 full-time employees in the U.S.

  • Have an operating presence at a physical office within the U.S.

  • Filed a federal income tax or information return in the U.S. for the previous year demonstrating more than $5 million in gross receipts or sales (excluding gross receipts or sales from sources outside the U.S.)

Finally, under the so-called “subsidiary exemption,” entities whose ownership interests are controlled or wholly owned by one or more exempt entities may also qualify for exemption. If a reporting company was formerly exempt but loses its exemption, it must file an updated report that announces the change and includes all the information required in a reporting company’s initial report.

Who are Beneficial Owners? The final rule requires reporting companies to report each individual who is a beneficial owner of such reporting company. A “beneficial owner” is any individual who, directly or indirectly, either exercises substantial control over the reporting company or owns or controls at least 25 percent of the ownership interests of the reporting company. An individual exercises “substantial control” if such individual:

  • Serves as a senior officer (except for corporate secretary or treasurer)

  • Has authority over the appointment or removal of any senior officer or a majority of the board of directors (or similar body)

  • Directs, determines, or has substantial influence over important decisions made by the reporting company

  • Has any other form of substantial control over the reporting company

Additionally, an individual may exercise substantial control over a reporting company, directly or indirectly, including as a trustee of a trust or similar arrangement, through:

  • Board representation

  • Ownership or control of a majority of the voting power or voting rights of the reporting company

  • Rights associated with any financing arrangement or interest in a company

  • Control over one or more intermediary entities that separately or collectively exercise substantial control over a reporting company

  • Arrangements or financial or business relationships, whether formal or informal, with other individuals or entities acting as nominees

  • Any other contract, arrangement, understanding, relationship, or otherwise

The final rule exempts five categories of individuals from the definition of beneficial owner: (i) minors, (ii) nominees, intermediaries, custodians, and agents, (iii) certain employees who are not senior officers, (iv) heirs with a future interest in the company, and (v) certain creditors.

Who are Company Applicants? In addition to the beneficial owner information, the final rule requires reporting companies created or registered on or after January 1, 2024, to report identifying information about each “company applicant.” A “company applicant” is:

  • Any individual who directly files the document to create a domestic reporting company or register a foreign reporting company with a secretary of state or similar office in the U.S.

  • Any individual who is primarily responsible for directing or controlling such filing if more than one individual is involved in the filing

The final rule provides further clarification as to certain individuals who, by virtue of their formation roles, fall under the definition of “company applicants.” For example:

  • If an attorney oversees the preparation and filing of incorporation documents and a paralegal files them, the reporting company would report both the attorney and paralegal as company applicants.

  • If an individual prepares and self-files documents to create the individual’s own reporting company, the reporting company would report the individual as the only company applicant.

The final rule removes the requirements that i) entities created before the effective date report company applicant information and ii) reporting companies update their company applicant information (except to correct inaccuracies), each of which were set forth in the proposed rules.

When are Initial Reports Due? When an initial report must be filed depends on the status of the reporting company as of January 1, 2024:

  • If Created or Registered on or after January 1, 2024 – It must file a report within 30 calendar days from the earlier of: i) the date on which the company receives actual notice that its creation or registration has become effective, or ii) the date a secretary of state or similar office first provides public notice, such as through a publicly accessible registry, that the company has been created or registered.

  • If Created or Registered Prior to January 1, 2024 – It must file a report not later than January 1, 2025.

What Information Must be Reported? An initial report must include the following information with respect to the reporting company:

  • The full legal name of the reporting company

  • Any trade name or “doing business as” name of the reporting company

  • The street address of the principal place of business of the reporting company (if outside the U.S., the street address of the primary location in the U.S. where it conducts business)

  • The state, tribal, or foreign jurisdiction of formation of the reporting company (a foreign reporting company must also report the state or tribal jurisdiction where it first registers)

  • The IRS Taxpayer Identification Number (“TIN”) of the reporting company (including the EIN of the reporting company, or if a foreign reporting company without a TIN, a tax identification number issued by a foreign jurisdiction and the name of such jurisdiction)

For each company applicant (of a reporting company registered or created on or after January 1, 2024) and each beneficial owner of a reporting company, the following information must be reported:

  • The full legal name of the individual

  • The date of birth of the individual

  • The current business street address (for a company applicant who forms or registers an entity in the course of such company applicant’s business) or residential street address (for all other individuals including beneficial owners)

  • A unique identifying number from, and image of, an acceptable identification document (e.g., a passport)

If a reporting company is directly or indirectly owned by one or more exempt entities and an individual is a beneficial owner of the reporting company exclusively by virtue of such individual’s ownership interest in the exempt entity, the reporting company’s report may list the name of the exempt entity in lieu of the beneficial ownership information set forth above.

When do Companies have to Report Changes? If there is any change with respect to required information previously submitted to FinCEN concerning a reporting company or its beneficial owners, including any change with respect to who is a beneficial owner or information reported for any particular beneficial owner, the reporting company is required to file an updated report within 30 calendar days of when the change occurred.

What are the Penalties for Violations? The final rule provides for a fine of up to $10,000.00 and/or imprisonment of up to two years for any person who willfully: (i) provides or attempts to provide false or fraudulent beneficial ownership information, or (ii) fails to report complete or updated beneficial ownership information to FinCEN. The penalties may also extend to individuals causing a reporting company’s failure to report or update information and senior officials of a reporting company at the time such failure occurs.

What is Coming Next from FinCEN? FinCEN is expected to publish the forms and instructions to be used for reporting beneficial ownership information well in advance of the effective date. FinCEN will further establish a secure nonpublic database for storage of the beneficial ownership information. Finally, FinCEN will issue rules on who may access the information (a limited group of governmental authorities and financial institutions), under what circumstances, and how the parties would generally be required to handle and safeguard the information.

What Should Reporting Companies be Doing Now? Existing companies should begin evaluating whether they are a “reporting company” and if so, determining who are their beneficial owners. Such reporting companies, including any other reporting companies that may be created or registered before the effective date, will have until January 1, 2025, to file an initial report. As noted, reporting companies created or registered on or after the effective date will have 30 calendar days after the date of creation or registration to file an initial report.

© 2022 Miller, Canfield, Paddock and Stone PLC

Former Uber Security Chief Found Guilty in Criminal Trial for Failure to Disclose Breach to FTC

On October 5, 2022, former Uber security chief Joe Sullivan was found guilty by a jury in U.S. federal court for his alleged failure to disclose a breach of Uber customer and driver data to the FTC in the midst of an ongoing FTC investigation into the company. Sullivan was charged with one count of obstructing an FTC investigation and one count of misprision, the act of concealing a felony from authorities.

The government alleged that in 2016, in the midst of an ongoing FTC investigation into Uber for a 2014 data breach, Sullivan learned of a new breach that affected the personal information of more than 57 million Uber customers and drivers. The hackers allegedly demanded a ransom of at least $100,000 from Uber. Instead of reporting the new breach to the FTC, Sullivan and his team allegedly paid the ransom and had the hackers sign a nondisclosure agreement. Sullivan also allegedly did not report the breach to Uber’s General Counsel.  Uber did not publicly disclose the incident or inform the FTC of the incident until 2017, when Uber’s new chief executive, Dara Khosrowshahi, joined the company.

This case is significant because it represents the first time a company executive has faced criminal prosecution related to the handling of a data breach.

For more Privacy Law news, click here to visit the National Law Review.

Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.

The “Iron Curtain” has Fallen: A Radical Shift in Lawyers Representing Whistleblowers

Whistleblower Network News (WNN) recently revealed, for the first time, that major corporate law firms specializing in representing defendants before the U.S. Securities and Exchange Commission (SEC) have, in some cases, switched sides and are now representing whistleblowers who are turning in corporate fraudsters.  All but one of the firms identified by the SEC did not call public attention to their new-found client base – most likely because they did not want to upset their bread-and-butter corporate clients.  It appears that major corporate law firms now understand that the Dodd-Frank Act’s whistleblower reward provisions are incredibly effective in incentivizing corporate insiders to report fraud, even when those insiders are executives usually on the other side of a whistleblower issue.  Lawyers who traditionally represent whistleblowers understand that Dodd-Frank is well designed and is being professionally implemented by the SEC.  Corporate lawyers and their firms have apparently caught on to this new reality and are now representing whistleblowers.

That defense firms are now actively engaged in representing whistleblowers cannot be denied.  Lists of law firms that have prevailed in Dodd-Frank whistleblower cases, disclosed in response to Freedom of Information Act (FOIA) requests filed with the SEC, document that 9.3% of firms that have obtained rewards on behalf of whistleblowers were traditional defense firms.  These firms include some of the largest defense firms in the United States that represent numerous corporations subjected to SEC enforcement actions for violating securities laws as well as firms that have defended corporations against whistleblowers in retaliation cases.

If that statistic holds, it is clear hundreds of corporate defense firms or their attorneys are representing whistleblowers in confidential investigations.  Why are these cases still under review?  Dodd-Frank is still a young law, and the vast majority of cases have not yet resulted in formal reward determinations.  Cases often take five years or more to be finalized, and as of the end of Fiscal Year 2021 over 51,000 whistleblower cases had been filed with the SEC.  Furthermore, under the FOIA requests the SEC only released the names of law firms that prevailed in a whistleblower case.  The names of firms that did not prevail in a claim, or firms that represent whistleblowers in ongoing investigations, were not disclosed.

Time will tell whether defense firms’ representation of whistleblowers who accuse their employers (or other corporate wrongdoers) of fraud is a good or bad development.  But unique issues will arise whenever a firm that primarily generates its profits from representing corporations accused of wrongdoing switches sides and represents a whistleblower who has accused an executive of engaging in fraud.  Although such representations may be permitted under the attorney’s rules of ethics, this does not mean that such representations are always in the best interest of a lawyer’s clients.  There are inherent potential conflicts whenever a defense firm switches sides and decides to represent a whistleblower reporting major corporate crimes.

Regardless of where you stand on this issue, one thing is clear: the ethical, policy and legal implications of defense firms representing whistleblowers is a dramatic shift in legal practice and must be carefully evaluated.  Defense firms must understand that whenever they represent a whistleblower, they must zealously advocate on their behalf, even when the precedents set by their cases may be used against their corporate clients.  Likewise, whistleblowers need to be aware of the implications of choosing a lawyer whose primary practice is representing corporate crooks.  Conflicts of interest may not initially be visible but can unfold as a case progresses.

The Revelation

In August of 2022, Bloomberg Law and a draft non-peer-reviewed article published by University of Kansas Professor Alexander Platt raised the issue of which law firms represent whistleblowers.  Bloomberg and Platt obtained lists of law firms that prevailed in Dodd-Frank whistleblower cases.  They used the lists to identify a small number of firms, all of which could be classified as pro-whistleblower firms.  These firms’ practices are centered on fighting corporate fraud and speculated whether these firms were being given preferential treatment by the SEC. Neither publication offered proof of any wrongdoing.  But Platt and Bloomberg did not list all the law firms that prevailed in Dodd-Frank cases.  Significantly, neither even mentioned the fact that major defense law firms had already filed and won Dodd-Frank cases on behalf of whistleblowers.  Additionally, the two authors did not explore the special issues that could arise when firms dedicated to defending white-collar criminals quietly switch sides.

In response to Platt and Bloomberg, WNN filed its own Freedom of Information Act (FOIA) request to obtain access to the documents relied upon in the two articles.  The SEC released over 1000 pages of documents to WNN, including all its correspondence with Platt and all the records provided to Platt (and Bloomberg) that identified law firms that successfully represented whistleblowers.

On September 27, 2022, WNN revealed, for the first time, that the SEC had identified 64 law firms that successfully obtained a reward on behalf of a whistleblower.  Among those firms were six that primarily represent corporations and individuals accused of corporate crimes.  These defense firms included industry giants such as Winston & Strawn and Akin Gump.  Together, the defense firms have already obtained over $56 million in rewards on behalf of whistleblowers.  In response to the Platt, Bloomberg, and WNN FOIA requests, the SEC only identified firms that had already prevailed and obtained a reward on behalf of their clients. Approximately 50,000 cases are pending within the SEC’s reward program, and there is a long delay in processing whistleblower cases.  Therefore, one can assume that numerous other pending cases where these or other defense firms are actively representing whistleblowers that were not disclosed by the SEC.

It is important to note that the Dodd-Frank provisions only apply to large fraud cases.  No reward is available unless the SEC issues sanctions against the entity being investigated in excess of $1 million.  Thus, the cases previously targeted by the defense firms and currently under investigation by the SEC would implicate major frauds.

The defense firms identified by WNN as being listed in the SEC-released materials were:

Winston & Strawn, LLP:  Winston advertises itself as defending “companies and individuals in SEC enforcement and regulatory matters related to allegations involving securities fraud.”  But not mentioned on its webpage is that it also represented a securities law whistleblower who obtained a $2.2 million reward.

Akin Gump Strauss Hauer & Feld LLP: Akin Gump also describes its practice as representing “companies and individuals” under investigation by various regulatory agencies, including the SEC.  Akin’s attorneys obtained a Dodd-Frank reward of $800,000 award.

Haynes and Boone, LLP: This 600-lawyer defense firm’s website explained that it has “represented employers” in “whistle blowing.”  However, the SEC documents revealed the firm also represented a whistleblower who obtained a “20%” award against a corporate fraudster.

Levine Lee LLP:  Although this firm markets itself as successfully representing clients accused of violating anti-fraud laws, like the other defense firms, it has apparently started a whistleblower practice and obtained a reward of $10 million on behalf of a whistleblower.

Leader Berkon Colao & Silverstein LLP:  This defense firm prevailed in cases filed on behalf of two separate whistleblowers and had considerable success.  Their whistleblower clients obtained $15 million and $27 million in awards.

Sallah Astarita & Cox, LLC: Although this firm “regularly represents financial institutions” in “fraud” cases, the firm also represented a whistleblower who obtained a $1.8 million award.  Sallah Astarita was the only firm that listed its Dodd-Frank Act whistleblower case on its website as among the victories achieved by one of its partners.

The SEC’s Dodd-Frank Whistleblower Program

Professor Platt and Bloomberg Law criticized the SEC’s Dodd-Frank program as having a bias in favor of a small number of whistleblower-rights law firms that had employed former SEC lawyers.  However, the information revealed by WNN completely refuted this negative implication raised by Platt and Bloomberg.  Instead, the FOIA documents support a finding that the SEC program is a paradigm of fairness and openness.  The extensive correspondence between Platt and the SEC demonstrates that the Commission freely disclosed the names of the firms that had won cases while carefully balancing the confidentiality needs of the whistleblower clients.  These numbers illustrate a program open to law firms regardless of their reputation or whether they employ former government lawyers.  They also reveal a program open to working directly with whistleblowers and rewarding them even if they had no lawyer.  Not one document produced provided any evidence whatsoever of wrongdoing, bias, or unprofessionalism.  The numbers speak for themselves:

  • Over 50 pro se whistleblowers won cases on their own behalf.  This high percentage of unrepresented applicants who successfully navigated the SEC’s program is remarkable.  In other legal programs, pro se whistleblowers (and other unrepresented persons) lose the vast majority of their cases.  Not so under Dodd-Frank. This demonstrates a high level of commitment by the SEC to helping individual whistleblowers who could not afford or obtain lawyers.
  • Of the 64 law firms that prevailed in a Dodd-Frank reward claim, only 12 had hired former SEC lawyers to assist in the cases.  Thus, the vast majority of successful law firms (52 of the 64) had no “insider” connection to the SEC.   This fact demonstrates the Commission’s staff’s willingness to work closely with attorneys who had no “friends” in the agency and whose information was solely merit-based. Moreover, a significant percentage of the firms that did employ former SEC or Justice Department lawyers were the very defense firms that Bloomberg Law and Platt did not discuss or analyze.
  • The Commission’s staff demonstrated no bias against firms based on their practice areas.  The Commission’s enforcement staff and Whistleblower Office worked with law firms that were defense-based (6) and law firms that traditionally represent whistleblowers or employees in lawsuits against companies (many of the remaining 58).

The FOIA documents support a finding that the Commission’s staff is open to whistleblowers, regardless of whether they represent themselves or whether or not the firms raising the concerns have any “insider” connections.   Organizations such as the National Whistleblower Center, which regularly works with whistleblowers, have widely praised the program, as have the last three Chairs of the SEC, appointed by Presidents ObamaTrump, and Biden.  The Commission itself confirmed that as of September 2021, it returned over $1.3 billion to harmed investors based on whistleblower cases.

The Future Role of Defense Firms in Dodd-Frank Cases

The SEC cannot implement special rules that would be prejudicial to traditional defense firms that file whistleblower cases.   Likewise, whistleblowers have the right to hire counsel of their choice and, in most cases, can knowingly waive potential conflicts of interest.  But the mere fact that traditional defense firms can lawfully represent whistleblowers without violating any SEC or local Bar rules does not address the special problems that may exist when a defense firm represents a whistleblower.  For example, such representations can result in significant conflicts of interest that may not be apparent at the commencement of a case. This may result in the whistleblower’s attorneys not advocating for legal precedents that could harm their other corporate clients.

Traditional defense firms should implement internal procedures to guard against potential problems based on the obvious conflicts that can arise when they represent clients on both sides of whistleblower-disclosure cases.  More significantly, it is absolutely crucial that whistleblowers fully understand the potential for conflicts of interest when deciding on the best attorneys to hire.  Attorneys working for defense firms must clearly spell out these issues and ensure that when representing a whistleblower, their prospective client is fully aware of all the risks and limitations.

Among the rules, procedures, and practices that defense firms should implement or carefully consider are:

  1. At the very least, defense firms representing whistleblowers should identify this on their websites.  Corporate clients should know that the firm also represents whistleblowers and should be able to question counsel on these matters so they feel comfortable that no conflicts would arise.
  2. Whistleblower clients need full disclosure of how the defense firm’s primary practice may impact the representation.  This is particularly true whenever a case would require advocacy on behalf of a whistleblower that could expand legal interpretations benefiting whistleblowers.  It is hard to reconcile how a law firm defending some clients against whistleblowers can effectively argue before administrative agencies or courts of law legal precedents that could expand the rights of whistleblowers.  These expanded rights could and would ultimately not be to the advantage of corporate clients accused of wrongdoing.
  3. Similarly, defense firms need to reconcile how they can advocate for a whistleblower who engaged in tactics, such as removing documents or one-party tape recording, that their corporate clients may find offensive.  This is particularly true when the zealous representation of a whistleblower requires expanding the ability of whistleblowers to obtain evidence of wrongdoing, and the precedent this advocacy establishes may be used against the firm’s current or future corporate clients.
  4. The potential for a conflict of interest needs to be fully explored in every case.  One issue that firms and clients may not be fully aware of is how the “related action” provisions of the laws impact potential conflicts.  Once the SEC obtains a sanction of over $1 million in any case, all “related actions” become eligible for a reward.  Sanctions issued by other law enforcement or regulatory agencies based on “related” claims can form the basis of a reward.   When examining whether a conflict exists, law firms need to look beyond the SEC action and determine witnesses, parties, and issues that may be implicated in a “related action.” This determination is critical even if the related action is not based on any securities law violation.
  5. Defense firms can also explore ways to refer potential whistleblower clients to attorneys whose practices are based solely on representing whistleblowers.  These referrals would help ensure that the defense firm is not conflicted (either as a matter of ethics or marketing) and that the client can obtain the best counsel.

Conclusion: The Iron Curtain has Fallen

Whistleblower representation is entering a new world.  The “iron curtain” that formerly separated law firms that represent corporate crooks from those that represent whistleblowers has fallen. This new reality is not without serious risks to whistleblowers (and corporate clients).  Whistleblowers must be fully aware of the dangers of having a corporate law firm represent them.  Corporate law firms must institute procedures to guard against conflicts of interest and to ensure they can zealously represent whistleblowers.  Zealous representation is needed even when the precedents established in these cases may create trouble for their other client base.

At the end of the day, the fact that defense law firms are now representing whistleblowers affirms the success of Dodd-Frank.  It is an affirmation of the critical nature of the information whistleblowers provide to the government and the role of this insider information in stopping otherwise hard to detect corporate crimes.  The “iron curtain” has fallen, but it has fallen in the direction that helps whistleblowers.  It has fallen in the direction that affirms the quality of their disclosures. It refutes the often-repeated slander that whistleblowers are somehow simply disgruntled employees.

Whistleblowers are essential to ensuring fairness in the markets, holding wrongdoers accountable, and deterring future wrongdoing.  The SEC has publicly recognized this, and now leading corporate defense attorneys have quietly recognized it. Defense firms like Akin Gump, Winston and Strawn, and Hayes and Boone got it right when they advocated for paying whistleblowers substantial rewards.  Whistleblowers whose information holds corporate criminals accountable deserve large rewards. These rewards are in the public interest, and the SEC Dodd-Frank whistleblower program must be protected, enhanced and expanded.

Sources:

  1. Whistleblower Network News, “WNN Exclusive: SEC FOIA Documents Reveal Big Law Defense Firms are Confidentially Representing Dodd-Frank Whistleblowers,” (September 27, 2022)
  2. List of Law Firms that Obtained Rewards in Whistleblower Cases as of 2021
  3. List of Awards Obtained by the Six Defense Law Firms
  4. List of pro se Cases where Whistleblowers Obtained a Reward
  5. FAQ on the SEC’s Dodd-Frank Act program
  6. FAQ on Confidentiality of Dodd-Frank Act claims
Copyright Kohn, Kohn & Colapinto, LLP 2022. All Rights Reserved.

Whistleblower Receives $11 Million for Reporting Pharmaceutical Fraud

September 16, 2022.  The United States Department of Justice settled a case against the pharmaceutical manufacturer Bayer Corporation.  Under the terms of the settlement, Bayer paid $40 million.  A former employee in the pharmaceutical company’s marketing department filed two qui tam lawsuits alleging violations of the False Claims Act.  For reporting fraud, the whistleblower received approximately $11 million, and they pursued both cases after the Department of Justice (DOJ) declined to intervene.

According to the allegations, the pharmaceutical company was paying kickbacks to healthcare providers to “induce them to utilize the drugs Trasylol and Avelox, and also marketed these drugs for off-label uses that were not reasonable and necessary.”  This lawsuit was filed in the District of New Jersey and alleged that the because of these kickbacks, the pharmaceutical company caused submission of false claims to Medicare and Medicaid.  The lawsuit that was transferred to the District of Minnesota entailed the pharmaceutical company knowingly misrepresenting the safety and efficacy of Baycol, a statin drug, and also renewing contracts with the Defense Logistics Agency based on these misrepresentations.  To settle these allegations, Bayer paid $38,860,555 to the United States and $1,139,445 to the Medicaid Participating States.  The Principal Deputy Assistant Attorney General remarked about this settlement, “Today’s recovery highlights the critical role that whistleblowers play in the effective use of the False Claims Act to combat fraud in federal healthcare programs.”

The False Claims Act incentivizes private citizens to report fraud against the government and holds accountable companies that financially benefit from participation in government contracts and government-sponsored programs.  The Department of Justice needs whistleblowers to the be the antidote to pharmaceutical fraud.

© 2022 by Tycko & Zavareei LLP

NAVEX Report Reveals Increase in Whistleblower Retaliation and Reporting of Misconduct

NAVEX’s 2022 Risk & Compliance Hotline & Incident Management Benchmark Report reveals an increase in internal reporting about misconduct and an increase in allegations of retaliation.  The analysis of data from 3,470 organizations that received more than 1.37 million individual reports identified the following trends (see the full report for a discussion of additional trends and analysis of the data):

  • “More actual allegations of misconduct, rather than inquiries about policies or possible misconduct. Ninety percent of all reports in 2021 were allegations of misconduct, up from 86 percent last year and hitting an all-time high since our first benchmark report more than ten years ago.”

  • “Reports about retaliation, harassment and discrimination jumped – especially retaliation. In 2021, reports of retaliation nearly doubled . . . Taken altogether, these findings suggest employees are more attuned to workplace civility issues. That would fit with external trends such as more talk about systemic racism, income inequality and political divisions; as well as increasing protection for whistleblowers and employees’ awareness of  those protections.”

  • “Substantiation rates continue to edge upward. Overall substantiation rates rose from 42 percent in 2020 to 43 percent in 2021, and up from 36 percent a decade ago. The reports substantiated most often were data privacy concerns (63 percent), environmental issues (59 percent), and confidential and proprietary information (54 percent). The reports substantiated least often were about retaliation (24 percent).”

  • “The substantiation rate for reports of retaliation also went up slightly, from 23 percent in 2020 to  24 percent in 2021 – the highest substantiation rate seen since 2016. While steady, this substantiation rate is significantly below the overall median case substantiation rate of 43 percent in 2021. These cases, though difficult to prove, warrant attention.”

  • “Reports of harassment exceeded levels from the height of the #MeToo movement.”

Corporate Whistleblower Protections

Whistleblower retaliation remains all too prevalent.  A September 14, 2022 Bloomberg article titled Whistleblower retaliation remains all too prevalent discusses how “choosing to be a whistle-blower can also be a lonely, risky road” and identifies many deterrents to speaking up – “[t]hey may be afraid of litigation, ruining their reputations, losing security clearances or facing jail time.”

Fortunately, federal and state laws afford corporate whistleblowers remedies to combat retaliation, and whistleblower reward laws incentivize whistleblowers to take the considerable risks entailed in reporting fraud and other wrongdoing to the government.  For example, the

SEC Whistleblower Program offers awards to eligible whistleblowers who provide original information that leads to successful SEC enforcement actions with total monetary sanctions exceeding $1 million. A whistleblower may receive an award of between 10% and 30% of the total monetary sanctions collected in actions brought by the SEC and in related actions brought by other regulatory or law enforcement authorities. The SEC Whistleblower Program allows whistleblowers to submit tips anonymously if represented by an attorney in connection with their tip.

What is Whistleblower Retaliation?

Whistleblower retaliation laws prohibit a broad range of retaliatory actions against whistleblowers, including any act that would dissuade a worker from engaging in protected whistleblowing.  Examples of actionable whistleblower retaliation include:

  • Terminating a whistleblower;

  • Constructively discharging a whistleblower;

  • Demoting a whistleblower;

  • Suspending a whistleblower;

  • Harassing a whistleblower or subjecting the whistleblower to a hostile work environment;

  • Reassigning a whistleblower to a position with significantly different responsibilities;

  • Issuing a performance evaluation or performance improvement plan that supplies the necessary foundation for the eventual termination of the whistleblower’s employment, or a written warning or counseling session that is considered discipline by policy or practice and is routinely used as the first step in a progressive discipline policy;

  • Placing the whistleblower on administrative leave;

  • Threatening to take an adverse action against a whistleblower;

  • Subjecting a whistleblower to a retaliatory investigation or retaliatory surveillance;

  • Suing a whistleblower for the purpose of retaliating against the whistleblower;

  • Outing a whistleblower;

  • Intimidating a whistleblower;

  • Initiating a law enforcement investigation or facilitating an employee’s detention by U.S. ICE after the employee reported a serious injury; or

  • Discriminating against a whistleblower in the terms and conditions of employment because of whistleblowing.

The DOL Administrative Review Board has emphasized that statutory language prohibiting discrimination “in any way” must be broadly construed and therefore a whistleblower need not prove that a retaliatory act had a tangible impact on an employee’s terms and conditions of employment.

What Damages Can a Whistleblower Recover in a Whistleblower Retaliation Case?

Whistleblower retaliation can exact a serious toll, including lost pay and benefits, reputational harm, and emotional distress.  Indeed, whistleblower retaliation can derail a career and deprive the whistleblower of millions of dollars in lost future earnings.

Whistleblowers should be rewarded for doing the right thing, but all too often they suffer retaliation and find themselves marginalized and ostracized.  Federal and state whistleblower laws provide several remedies to compensate whistleblowers that have suffered retaliation, including:

  • back pay (lost wages and benefits);

  • emotional distress damages;

  • damages for reputational harm;

  • reinstatement or front pay in lieu thereof;

  • lost future earnings; and

  • punitive damages.

Combating Whistleblower Retaliation: How to Maximize Your Recovery

Whistleblower protection laws can provide a potent remedy, but before bringing a retaliation claim, it is crucial to assess the options under federal and state law and develop a strategy to achieve the optimal recovery.  Key issues to consider include the scope of protected whistleblowing, the burden of proof, the damages that a prevailing whistleblower can recover, the forum where the claim would be litigated, and the impact of the retaliation claim on a whistleblower rewards claim.

Scope of Protected Whistleblowing

There is no federal statute that provides general protection to corporate whistleblowers.  Instead, federal whistleblower protection laws protect specific types of disclosures, such as disclosures of securities fraud, tax fraud, procurement fraud, or consumer financial protection fraud.  The main sources of federal protection for corporate whistleblowers include the whistleblower protection provisions of the following:

  • The False Claims Act (FCA) — protecting disclosures about fraud directed toward the government, including actions taken in furtherance of a qui tam action and efforts to stop a violation of the FCA;

  • The Defense Contractor Whistleblower Protection Act (DCWPA) — protecting whistleblowing about gross mismanagement of a federal contract or grant; a gross waste of federal funds; an abuse of authority relating to a federal contract or grant or a substantial and specific danger to public health or safety, or a violation of law, rule, or regulation related to a federal contract;

  • The Sarbanes-Oxley Act (SOX) — protecting disclosures about mail fraud, wire fraud, bank fraud, securities fraud, a violation of any SEC rule, or shareholder fraud;

  • The Dodd-Frank Act (DFA) — protecting whistleblowing to the SEC about potential violations of federal securities laws;

  • The Taxpayer First Act (TFA) — protecting disclosures about tax fraud or tax underpayment;

  • The Consumer Financial Protection Act (CFPA) — protecting disclosures concerning violations of Consumer Financial Protection Bureau rules or federal laws regulating unfair, deceptive, or abusive practices in the provision of consumer financial products or services; and

  • The Anti-Money Laundering Act (AMLA) — protecting disclosures about violations of the Bank Secrecy Act.

While most of these anti-retaliation laws protect internal disclosures (e.g., reporting to a supervisor), whistleblower protection under the DFA is predicated on a showing that the whistleblower disclosed a potential violation of federal securities law to the SEC prior to suffering an adverse action.

State law may also provide a remedy, including the anti-retaliation provisions in state FCAs.  And approximately 42 states recognize a common law wrongful discharge tort action (a public policy exception to at-will employment), which generally protects refusal to engage in illegal activity and the exercise of a statutory right.

Burden of Proof

To maximize the likelihood of winning a case (or at least getting the case before a jury), it is useful to select a remedy with a favorable causation standard (the level of proof required to link the protected whistleblowing to the adverse employment action).  SOX has a favorable “contributing factor” causation standard, i.e., the whistleblower prevails by proving that their protected whistleblowing affected in any way the employer’s decision to take an adverse action.  In contrast, the FCA and DFA require the whistleblower to prove “but for” causation, i.e., the adverse action would not have happened “but for” the protected whistleblowing (albeit there is no need to prove that it was the sole factor).

Damages and Remedies in Whistleblower Retaliation Cases

Variations in the remedies available to whistleblowers under federal anti-retaliation laws may warrant bringing more than one claim.  For example, the DCWPA authorizes an award of back pay (the value of lost pay and benefits), and the FCA authorizes an award of double back pay.  If the whistleblower’s disclosures are protected under both statutes, then the whistleblower should bring both claims.

While a prevailing whistleblower can recover back pay under both the DFA and SOX (double back pay under the former and single back pay under the latter), the DFA does not authorize special damages, i.e., damages for emotional distress and reputational harm.  In contrast, SOX authorizes uncapped compensatory damages.  Therefore, a whistleblower protected under both statutes should bring the SOX claim within the much shorter SOX statute of limitations (180 days) to recover both double back pay and special damages.

State law may also provide a remedy, and if the whistleblower can pursue both a statutory remedy and a wrongful discharge tort, the latter may offer the opportunity to seek punitive damages.

Forum Selection and Administrative Exhaustion

When selecting the optimal remedy to combat retaliation, a whistleblower should consider the forum where the claim would be tried and determine whether the claim must initially be investigated by a federal agency before the whistleblower can litigate the claim.  SOX provides an unequivocal exemption from mandatory arbitration, but Dodd-Frank claims are subject to arbitration.  Accordingly, a whistleblower protected both by SOX and Dodd-Frank should file a SOX claim within the 180-day statute of limitations to preserve the option to try the case before a jury.

Several of the corporate whistleblower protection laws require that the whistleblower file the claim initially at a federal agency and permit the agency to investigate the claim before the whistleblower can litigate the claim.  This is called administrative exhaustion, and failure to comply with that requirement can waive the claim.  In contrast, the FCA and DFA do not require administrative exhaustion.

Impact of Whistleblower Retaliation Claim on Whistleblower Rewards Claim

Another important consideration is the potential impact of a retaliation case on a qui tam or whistleblower rewards case.  Filing an FCA retaliation claim while a qui tam suit is under seal poses some risk of violating the seal, which could bar the whistleblower from recovering a relator share.  Therefore, counsel should consider filing the FCA retaliation claim under seal along with the qui tam suit.

Further, whistleblowers pursuing rewards claims at federal agencies (e.g., SEC or IRS whistleblower claims) while simultaneously pursuing related retaliation claims (e.g., a SOX or TFA claim) should assess the potential impact of the retaliation claim and the potential discoverability of submissions to the SEC or IRS on the rewards claim(s).

Although the patchwork of whistleblower protection laws fails to protect disclosures about certain forms of fraud, there are important pockets of protection.  To effectively combat retaliation, whistleblowers should avail themselves of all appropriate remedies.

© 2022 Zuckerman Law

Medicare CERT Audits and How to Prepare for Them

CERT audits are an unfortunate part of doing business for healthcare providers who accept Medicare. Failing the audit can mean the provider has to pay back overcharges and be subjected to increased scrutiny in the future. 

The best way to be prepared for a CERT audit is to have a compliance strategy in place and to follow it to the letter. Retaining a healthcare lawyer to craft that strategy is essential if you want to make sure that it is all-encompassing and effective. It can also help to hire independent counsel to conduct an internal review to ensure the compliance plan is doing its job.

When providers are notified of a CERT audit, hiring a Medicare lawyer is usually a good idea. Providers can fail the audit automatically if they do not comply with the document demands.

What is a CERT Audit?

The Comprehensive Error Rate Testing (CERT) program is an audit process developed by the Centers for Medicare and Medicaid Services (CMS). It is administered by private companies, called CERT Contractors, which work with the CMS. Current information about those companies is on the CMS website.

The CERT audit compares a sampling of bills for Medicare fee-for-service (FFS) payments, which were sent by the healthcare provider to its Medicare Administrative Contractor (MAC), against medical records for the patient. The audit looks at whether there is sufficient documentation to back up the claim against Medicare, whether the procedure was medically necessary, whether it was correctly coded, and whether the care was eligible for reimbursement through the Medicare program.

Every year, the CERT program audits enough of these FFS payments – generally around 50,000 per year – to create a statistically significant snapshot of inaccuracies in the Medicare program.

The results from those audits are reported to CMS. After appropriately weighing the results, CMS publishes the estimated improper payments or payment errors from the entire Medicare program in its annual report. In 2021, the CMS estimated that, based on data from the CERT audits, 6.26 percent of Medicare funding was incorrectly paid out, totaling $25.03 billion.

The vast majority of those incorrect payments, 64.1 percent, were marked as incorrect because they had insufficient documentation to support the Medicare claim. Another 13.6 percent were flagged as medically unnecessary. 10.6 percent was labeled as incorrectly paid out due to improper coding. 4.8 percent had no supporting documentation, at all. 6.9 percent was flagged as incorrectly paid for some other reason.

The CERT Audit Process

Healthcare providers who accept Medicare will receive a notice from a CERT Contractor. The notice informs the provider that it is being CERT audited and requests medical records from a random sampling of Medicare claims made by the provider to its MAC.

It is important to note that, at this point, there is no suspicion of wrongdoing. CERT audits examine Medicare claims at random.

Healthcare providers have 75 days to provide these medical records. Failing to provide the requested records is treated as an audit failure. In 2021, nearly 5 percent of failed CERT audits happened because no documentation was provided to support a Medicare claim.

Once the CERT Contractor has the documents, its team of reviewers – which consists of doctors, nurses, and certified medical coders – compares the Medicare claim against the patient’s medical records and looks for errors. According to the CMS, there are five major error categories:

  • No documentation

  • Insufficient documentation

  • Medical necessity

  • Incorrect coding

  • Other

Errors found during the CERT audit are reported to the healthcare provider’s MAC. The MAC can then make adjustments to the payments it sent to the provider.

Potential Repercussions from Errors Found in a CERT Audit

CERT audits that uncover errors in a healthcare provider’s Medicare billings lead to recoupments of overpayments, future scrutiny, and potentially even an investigation for Medicare fraud.

When the CERT audit results are brought to the MAC’s attention, the MAC will adjust the payments that it made to the provider. If the claims led to an overpayment, the MAC will demand that money back.

But Medicare Administrative Contractors (MACs) can go further than just demanding restitution for overpayments. They can also require prepayment reviews of all of the provider’s future Medicare claims, and can even suspend the provider from the program, entirely.

Worse still, CERT audits that uncover indications of Medicare fraud may be reported to a law enforcement agency for further review. This can lead to a criminal investigation and potentially even criminal charges.

Appealing a CERT Audit’s Results

With penalties so significant, healthcare providers should seriously consider hiring a lawyer to appeal the results of a CERT audit.

Appeals are first made to the MAC, requesting a redetermination of the audit results. The request for redetermination has to be made within 120 days of receiving notice of the audit results. However, if the provider wants to stop the MAC from recouping an overpayment in the meantime, it has to lodge the request within 30 days.

Providers can appeal the results of the redetermination, as well. They can request a reconsideration by a Qualified Independent Contractor within 180 of the redetermination, or within 60 days to stop the MAC’s recoupment process.

Providers who are still dissatisfied can appeal the case to an administrative law judge, then to the Medicare Appeals Council, and finally to a federal district court for review.

How to Handle a CERT Audit

The best way to handle and to prepare for a CERT audit is to hire Medicare audit attorneys to guide you through the process. It would also help to start internal audits within the company.

For providers who have been notified that they are under an audit, getting a lawyer on board immediately is essential. An experienced healthcare attorney can conduct a thorough internal investigation of the claims being audited. This can uncover potential problems before the audit points them out, giving the healthcare provider the time it needs to prepare its next steps.

Providers who are not currently being audited can still benefit from an attorney’s guidance. Whether by drafting a compliance plan that will prepare the provider for an inevitable CERT audit or by conducting an internal investigation to see how well a current compliance plan is performing, a lawyer can make sure that the provider is ready for an audit at a moment’s notice.

Taking these preventative steps soon is important. CMS put the CERT audit program on halt for the coronavirus pandemic, but that temporary hold was rescinded on August 11, 2020. While the CMS has reduced the sample sizes that will be used for its 2021 and 2022 reports, it will likely go back to the original numbers after that. Healthcare providers should prepare for this increased regulatory oversight appropriately.

Oberheiden P.C. © 2022

A Fool in Idaho; SEC Sues Idahoans for Insider Trading Scheme

In July 1993 two brothers, David and Tom Gardner, and a friend, Erik Rydholm, founded a private investment advisory firm in Alexandria, Virginia. They named that firm Motley Fool after the court jester in “As You Like It,” a play written by William Shakespeare (it is believed in 1599). The Motley Fool, or Touchstone as he is known in the play, was the only character who could speak the truth to Duke Frederick without having his head cut off. Similarly, Motley Fool, the advisory firm, sought to give investors accurate advice, even if it flew in the face of received wisdom. For example, in advance of April Fool’s Day 1994, Motley Fool issued a series of online messages promoting a non-existent sewage-disposal company. The April Fool’s Day prank was intended to teach investors a lesson about penny stock companies. The messages gained widespread attention including an article in The Wall Street Journal.

Over time Motley Fool grew into a worldwide subscription stock recommendation service. It now releases new recommendations every Thursday, and subscribers receive them through computer interfaces provided by Motley Fool. The terms of service in a Motley Fool subscription agreement (in the words of the May 3, 2022 Complaint brought by the U.S. Securities and Exchange Commission [“SEC”] in the Federal Court for the Southern District of New York) “expressly prohibit unauthorized access to its systems.”  David Lee Stone of Nampa, Idaho (southwest of Boise), is a 36-year-old computer design and repair person with a degree in computer science.  Since June 2021, he and his wife have lived periodically in Romania, a fact cited in the Complaint, suggesting, perhaps, some involvement with Romania-based computer hackers. In any event, Stone is alleged in the Complaint to have used deceptive means beginning in November 2020 to obtain pre-release access to upcoming Motley Fool stock picks. Using that information, Stone and a co-defendant made aggressive investments, typically in options, which generated more than $12 million in gains. Stone, his codefendant, and his family and friends all benefited financially from knowing in advance the Motley Fool picks.

The SEC seeks injunctions against Stone and his co-defendant, as well as disgorgement with interest and civil penalties, for violating the antifraud provisions of federal law. The Commission also seeks disgorgement with interest from the family and friends. In addition, the U.S. Attorney for the Southern District of New York has filed criminal charges against Stone.

This case is in many ways reminiscent of the 1985 federal prosecution by the U.S. Attorney for the Southern District of New York (who happened to be Rudolph Giuliani at the time) of R. Foster Winans. Winans was, from 1982 to 1984, the co-author of “Heard on the Street,” a column in The Wall Street Journal. Winans leaked advance word of what would be in his column to a stockbroker who then invested with the benefit of that information, sharing some of the profits with Winans. Winans argued that his actions were unethical, but not criminal. He was found guilty of insider trading and wire fraud and was sentenced to 18 months in prison. He appealed his conviction all the way to the U.S. Supreme Court, which upheld the lower court rulings.

Attempting to profit on market sensitive information can be both a civil and a criminal offense. The SEC Enforcement Division and the relevant U.S. Attorney are prepared to introduce a perpetrator to those consequences.

©2022 Norris McLaughlin P.A., All Rights Reserved

If You Can’t Stand the Heat, Don’t Build the Kitchen: Construction Company Settles Allegations of Small Business Subcontracting Fraud for $2.8 Million

For knowingly hiring a company that was not a service-disabled, veteran-owned small business to fulfill a set aside contract, a construction contractor settled allegations of small business subcontracting fraud for $2.8 million.  A corporate whistleblower, Fox Unlimited Enterprises, brought this misconduct to light.  We previously reported on the record-setting small business fraud settlement with TriMark USA LLC, to which this settlement is related.  For reporting government contracts fraud, the whistleblower will receive $630,925 of the settlement.

According to the allegations, the general contractor and construction company Hensel Phelps was awarded a General Services Administration (GSA) contract to build the Armed Forces Retirement Home’s New Commons/Health Care Building in Washington, D.C.  Part of the contract entailed sharing the work with small businesses, including service-disabled, veteran-owned small businesses (SDVOSB).  The construction contractor negotiated all aspects of the contract with an unidentified subcontractor and then hired an SDVOSB, which, according to the settlement agreement, Hensel Phelps knew was “merely a passthrough” for the larger subcontractor, thus creating the appearance of an SDVOSB performing the work on the contract to meet the set-aside requirements.  The supposedly SDVOSB subcontractor was hired to provide food service equipment for the Armed Forces Retirement Home building.

“Set aside” contracts are government contracts intended to provide opportunities to SDVOSB, women-owned small businesses, and other economically disadvantaged companies to do work they might not otherwise access.  Large businesses performing work on government contracts are often required to subcontract part of their work to these types of small businesses.  “Taking advantage of contracts intended for companies owned and operated by service-disabled veterans demonstrates a shocking disregard for fair competition and integrity in government contracting,” said the United States Attorney for the Eastern District of Washington, as well as a shocking disregard for proper stewardship of taxpayer funds.

Whistleblowers can help fight fraud and protect taxpayers by reporting government contracts fraud.  A whistleblower can report government contracts fraud under the False Claims Act and become a relator in a qui tam lawsuit, from which they may be entitled to a share of the funds the government recovers from fraudsters.

© 2022 by Tycko & Zavareei LLP

Preparing to Testify in Response to an SEC Subpoena

When investigating companies, brokerage firms, investment advisors, and other entities and individuals, the U.S. Securities and Exchange Commission (SEC) relies heavily on its subpoena power. Once the SEC launches a formal investigation, it can issue administrative subpoenas to the company executives, brokers, and others. These subpoenas may be a subpoena duces tecum which compels the person to whom it is addressed to produce documents in his possession or control, or a subpoena ad testificandum which compels the person to whom it is addressed to appear at a specific time and place and testify under oath or affirmation. Crucially, while these subpoenas do not require judicial approval, they are subject to judicial enforcement.

With this in mind, receiving an SEC subpoena is not a matter to be taken lightly. Individuals who have been subpoenaed to testify must thoroughly prepare their testimony, and they need to make sure they know what to expect when the day arrives.

Testifying before the SEC is fraught with potential risks. It is imperative that subpoena recipients devote the necessary time to their preparations, and that they work with their counsel to proactively identify and address all potential areas of concern.

Understanding Why You Have Received an SEC Subpoena

When preparing to testify before the SEC, a key first step is to understand why you have been subpoenaed. Broadly speaking, the SEC focuses its enforcement efforts on two areas: (i) protecting U.S. investors, and (ii) preserving the integrity of U.S. capital markets. As a result, most SEC investigations target allegations of fraud, misrepresentation, conspiracy, and other offenses in one (or both) of these areas.

The SEC’s subpoena should provide at least some insight into the focus and scope of the SEC investigation. However, gathering the information you need to make informed decisions may require examination of other sources as well. For example, it will be helpful if you can identify anyone else who has received a subpoena or Wells Notice related to the investigation, and it may be prudent to conduct an internal compliance audit focused on uncovering any issues that could come to light.

Questions You Should Be Prepared to Answer During Your SEC Testimony

When preparing SEC testimony, it is important to keep in mind that you could easily be fielding questions for six hours or longer. While this can seem overwhelming, SEC subpoena recipients can generally expect to be asked questions in seven main categories. These main categories are:

  • Preliminary Matters
  • Background and Personal Information
  • Your Role Within Your Company or Firm
  • The Scope of Your Duties
  • Investors
  • Due Diligence
  • Clarifying and Closing the Record

1. Questions Regarding Preliminary Matters

SEC subpoena recipients can initially expect a series of questions that are designed to provide the SEC with insight into the steps they took to prepare their testimony. While these questions are largely procedural, some can present traps for the unwary. At the beginning of the session, you should be prepared to succinctly and confidently answer questions such as:

  • Did you get the opportunity to review the Formal Order associated with this matter?
  • Do you have any questions regarding the Formal Order?
  • Did you complete the Background Questionnaire by yourself?
  • Are the contents within the Background Questionnaire truthful and accurate?
  • Is there any information you wish to add to the Background Questionnaire?
  • Do you understand the rules and procedures of the SEC testimony process?
  • Do you have any questions on the rules and procedures of the SEC testimony process?

2. Questions Regarding Background and Personal Information

After dispatching these preliminary matters, the focus will shift to the SEC subpoena recipient’s background and personal information. Keep in mind that the SEC likely has much (if not all) of this information already—so if you omit information or provide misleading answers, this will not go unnoticed. During this phase of your testimony, you can expect to be asked questions such as:

  • What is your educational background?
  • Do you hold any professional or financial licenses?
  • Have you ever worked for a financial firm or investment advisory firm?
  • When did you first meet the other individual(s) involved in this matter?
  • Who introduced you?
  • What was the purpose of your first meeting (e.g., social meeting or business planning)?
  • Do your families know each other?
  • Where are you employed now?

3. Questions Regarding Your Role Within Your Company or Firm

If the SEC is investigating your company or firm (perhaps in addition to investigating you personally), you can expect several questions regarding your role within the organization. Depending on your position, the SEC’s investigators may ask you questions regarding the company or firm itself. Some examples of the questions you should be prepared to answer (as applicable) include:

  • When did you start working at the company?
  • What is your position at the company?
  • Can you describe the company’s corporate structure?
  • What are your title and position at the company?
  • Have your title and position changed over time?
  • What are the duties at the company?
  • Have your duties changed over time?
  • How is the company funded?
  • What is your salary at the company?
  • Who makes the majority of the decisions for the company?
  • Does the company sell securities?
  • Does the company pay dividends?
  • Does the company have voting rights?

4. Questions Regarding the Scope of Your Duties

After gaining an understanding of your role within your company or firm, the questioning will likely shift toward examining the scope of your duties in greater detail. In most cases, this is where the questions asked will begin to focus more on the substance of the SEC’s investigation. During this phase of your testimony, potential questions may include:

  • Can you describe your access to investor funds, financial statements and records, and investor details?
  • Are you aware of or do you have access to the sources of the company´s income?
  • What are the sources of the company´s revenue and projected revenue?
  • Can you describe or do you have access to the sources of the company´s expenses?
  • Who is responsible for preparing the company´s financial statements?
  • Do you have any role in preparing or compiling the company´s financial statements?
  • Who is responsible for preparing the company´s projected financial statements, including projected capital contributions, projected expenses, and projected revenues?
  • Do you have any role in preparing or compiling the company´s projected financial statements?
  • Does the company have its financial statements audited on an annual basis?
  • Did you ever act as a point of contact or intermediary between the company and third parties, such as investors or banks?
  • Do you ever serve as a representative of the company?
  • Are you involved in any of the company’s promotional efforts to the public?
  • Do you know or do you have access to details of the company’s anticipated monetization plans?
  • Are you aware of any complaints against the company?

5. Questions Regarding Investors

Once the scope of your duties has been established, the SEC’s investigators may next focus on your company’s or firm’s communications and relationships with investors. Here too, the investigators’ questions are likely to be tailored to the specific allegations at issue—and you could get yourself into trouble if you aren’t careful. To the extent of your knowledge, you should be prepared to accurately answer questions such as:

  • Does the company have investors?
  • Who are the investors?
  • What types of customers and/or investors do the company target or appeal to?
  • Do you communicate with investors?
  • How did the company attract capital contributions for its formation, project funding, and subsequent business plans?
  • Does the company adopt targeted marketing strategies, or does the company engage in general advertising?
  • What is the average contribution of the company’s investors?
  • Did you create, or do you have access to, a cap table?
  • Did you assist in the preparation of a cap table?
  • Did the company issue stock certificates or provide any other proof of equity ownership to investors?
  • Did the company register any of its investments?
  • Did the company issue a private placement memorandum or file a Form D?
  • Do you know if any investors already knew the company´s directors and officers before investing?
  • Does the company solicit investors or advertise to the general public (e.g., retail investors)?
  • Are you aware of what the company does with investor funds?
  • Can you describe your role in preparing any promotional or marketing materials?
  • Has the company distributed any investor documents or marketing/solicitation materials to the public?
  • Does the company have any plan to show, or did it show, promotional documents to investors?
  • Does the company hold regular investor calls?

6. Questions Regarding Due Diligence

Due diligence is often a key topic of discussion. SEC investigators are well aware that many company executives, brokers, and others are not sufficiently familiar with their companies’ and firms’ due diligence obligations, and charges arising out of due diligence violations are common. With this in mind, you should be prepared to carefully navigate inquiries such as:

  • Does the company have any identity verification procedures in place?
  • What kinds of identity verification procedures does the company use for its investors?
  • Can you describe the company´s know-your-customer (“KYC”) policies?
  • Do you assist with verifying investors or capital contributions?
  • Does the company maintain a compliance program?

7. Questions to Clarify and Close the Record

Finally, at the end of the session, the SEC’s investigators will ask if you want to clarify or supplement any of the answers you have provided. It is important not to let your guard down at this stage. While your testimony is nearly over, you need to remain cognizant of the risk of providing unnecessary information (or omitting information) and exposing yourself to further scrutiny or prosecution. With this in mind, it is best to consult with your counsel before answering questions such as:

  • Is there anything you wish to clarify from today´s testimony?
  • Is there anything you wish to add to your testimony before we close and go off the record?

Practicing your answers to these questions (among others) in a mock interview with your legal counsel or SEC defense attorney will help ensure that you are prepared for the SEC as possible.

Oberheiden P.C. © 2022