Nothing SOx-y About SEC’s JP Morgan “Whale” Settlement

The Wall Street Journal’s Deborah Solomon claims “Sarbanes-Oxley Harpoons The Whale”. Solomon is talking about JP Morgan Chase and the recent settlement between the bank and several regulators, including the SEC, over a 2012 whale of a loss from credit derivatives trades gone very, very sideways.

Solomon repeats the SEC’s claims, outlined in the regulator’s settlement with JP Morgan announced September 19, that senior management didn’t fully inform the JP Morgan audit committee of problems it was finding with the losses on the “Whale” trades. When the JPM audit committee met with some members of bank senior management to discuss “mounting losses” in the Chief Investment Office credit derivatives portfolio, according to Solomon the SEC says:

“Despite the requirement to keep the Audit Committee apprised of the significant control issues that were under review, there was no discussion” of the reviews underway and “no discussion of the fact that an outside law firm had been retained to advise on disclosures to be made in the first quarter Form 10-Q.”

Solomon says that keeping the Audit Committee in the dark “violated the audit committee’s rules, as well as Sarbanes-Oxley, which requires companies to assess their internal controls on a quarterly basis and disclose any concerns about deficiencies or material weaknesses.”

The SEC first leads Solomon to the Sarbanes-Oxley connection in its press release:

According to the SEC’s order instituting a settled administrative proceeding against JPMorgan, the Sarbanes-Oxley Act of 2002 established important requirements for public companies and their management regarding corporate governance and disclosure. Public companies such as JPMorgan are required to create and maintain internal controls that provide investors with reasonable assurances that their financial statements are reliable, and ensure that senior management shares important information with key internal decision makers such as the board of directors. JP Morgan failed to adhere to these requirements, and consequently misstated its financial results in public filings for the first quarter of 2012

Then, in the very first paragraph of the settlement document, the SEC puts the SOx law front and center, citing the Sarbanes-Oxley Act of 2002 twice:

Public companies are responsible for devising and maintaining a system of internal accounting controls sufficient to, among other things, provide reasonable assurances that transactions are recorded as necessary to permit preparation of reliable financial statements. In addition, the Sarbanes-Oxley Act of 2002 (“Sarbanes-Oxley”) established important requirements for public companies and their management with respect to corporate governance and disclosure. For example, public companies are obligated to maintain disclosure controls and procedures that are designed to ensure that important information flows to the appropriate persons so that timely decisions can be made regarding disclosure in public filings. Commission regulations implementing Sarbanes-Oxley therefore require management to evaluate on a quarterly basis the effectiveness of the company’s disclosure controls and procedures and the company to disclose management’s conclusion regarding their effectiveness in its quarterly filings.

Solomon should stop by to talk to her colleague Michael Rapoport once and a while. In July of 2012 Rapoport wrote:

As the Sarbanes-Oxley Act turns 10 years old, the law’s biggest hammer—the threat of jail time for corporate executives who knowingly certify inaccurate financial reports—is going largely unused.

After the financial crisis, the certification rules seemed like a strong weapon against executives suspected of misleading investors. But prosecutors haven’t brought any criminal cases for false certification related to the crisis. Regulators have brought only a handful of crisis-related civil allegations in that area.

That’s still the case. If this is a Sarbanes-Oxley win for the SEC, why didn’t the agency use any of the Sarbanes-Oxley Act sections to force individual civil accountability? Why doesn’t the Department of Justice criminally prosecute under the statute and force jail time?

The SEC says JP Morgan violated the much less sexy Sections 13(a), 13(b)(2)(A), and13(b)(2)(B) of the Exchange Act and Rules13a-11, 13a-13, and 13a-15. Those are “internal controls” and “books and records” rules, not civil or criminal fraud admissions. (The same ones prosecutors use when they civilly prosecute a firm for foreign bribery rather than using the criminal statues available to indict an individual. Wonder if JPM will get this same deal for the China nepotism/corruption allegations?)  Faceless corporate entity JP Morgan and its mostly nameless senior executives do not go to jail. CEO and Chairman Jamie Dimon, former CFO and still employed Doug Braunstein, General Counsel Stephen Cutler, the Chief Audit Executive and the Chief Risk Executive pass “go”, pay $200 million to the SEC, and promise to try to “cease and desist from committing or causing any violations and any future violations”.

I think it’s already too late for that.

Attorneys David Smyth and Christopher Poe, writing on the blog “Cady Bar The Door”, agree that, maybe, the SEC’s bark is much bigger than its bite:

…despite the conspicuous nature of the announcement, JPMorgan is still admitting only to non-scienter-based charges under Sections 13(a) and 13(b)(2) of the Exchange Act.  Basically, the bank should have made more accurate public filings and had better internal controls.  Serious issues, for sure, but a long way from fraud-based charges.  It’s the latter that could open up the bank to private liability that is hard to quantify.

Alison Frankel, of Thomson Reuters’ “On The Case” blog, agrees:

JPMorgan is in the midst of fierce litigation with its shareholders, who claim the bank lied about its Chief Investment Office in public filings dating back to 2010…In the class action, which launched in June 2012, JPMorgan has all but conceded that CEO Jamie Dimon and CFO Douglas Braunstein misspoke when they brushed aside questions about London Whale Bruno Iksil’s losses in the CIO portfolio during an April 13, 2012, call with analysts. Dimon himself has since admitted that he was wrong to characterize the losses as “a tempest in a teapot.” JPMorgan has also already said in corrective filings with the SEC that its internal controls over the CIO’s financial reporting were inadequate.

Shareholder lawyers from Bernstein Litowitz Berger & Grossmann, Grant & Eisenhofer, and Kessler Topaz Meltzer & Check contend that the bank began deceiving shareholders about under-supervised, high-risk proprietary trading by CIO officials as long ago as February 2010, in its public account of the purpose and activities of the office. According to shareholders, every filing thereafter that described the CIO’s careful hedging trades and JPMorgan’s exemplary internal controls was a lie…JPMorgan’s lawyers at Sullivan & Cromwell, meanwhile, are trying to limit the class period to a mere month in 2012, from the April 13 teleconference with analysts to the bank’s corrective disclosure to the SEC on May 10.

If the SEC had extracted admissions that JPMorgan officials knowingly promulgated false statements or even that JPMorgan committed disclosure violations in SEC filings in 2010 or 2011, shareholder lawyers would be in a distinctly better position.

Why are so few financial fraud cases brought, especially against individuals? George Packer interviewed the US Attorney for the Southern District of New York, Preet Bharara, in a New Yorker profile in June of 2011 and they discussed the obstacles to civil and criminal enforcement of fraud and securities laws since the 2008 financial crisis. Instead of Bharara using clear evidence of the short staffing and even shorter funds that have plagued the Justice Department since before the financial crisis, Bharara repeats the “it’s really hard” excuse.

That excuse has been used by others since, such as former SEC Director of Enforcement Robert Khuzami and  Bharara’s boss, Attorney General Eric Holder. Bharara, Khuzami and Holder tell us over and over again that fraud cases, in particular against individuals, are complicated by the “blame game”—that is, when executives and their attorneys, bankers, and auditors point fingers at each other to excuse material misstatements and inadequate disclosures.

The Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) became law on July 21, 2010, two years after the failure of Lehman Brothers. More than five years after Lehman’s failure, and three years after Dodd-Frank was passed, only 40.2% of the 398 total required rulemakings have been finalized, while 31.7% rulemaking requirements have not yet been proposed.

Dodd-Frank rulemaking has been hampered by vocal critics who question the need for further regulations. Thank goodness, then, we still have Sarbanes-Oxley to make sure corporate executives, and their auditors, tow the line on corporate disclosure. There are civil and criminal penalties in SOx for corporate fraud for the institution and individuals.  Sarbanes-Oxley provides several ways to prosecute executives, board members, and their lawyers, auditors, and bankers on a civil and criminal basis in the event of fraud, material misstatement, or inadequate disclosure that harms investors. But the U.S  Justice department, particularly Bharara, and the SEC under Khuzami and now Canellos have intentionally chosen not to take advantage of them.

There are at least five different sections of the Sarbanes-Oxley law that could be used to punish JPM individuals, if the Department of Justice and SEC have the will. There’s enough information to make a rational case for each based on what we know from all of the regulatory sanctions, private lawsuits, Senate hearings and the bank’s own investigation. (If we find out that executives shredded documents, changed numbers themselves, or lied to regulators, there’s even more.)

Sarbanes-Oxley Section 302 requires the CEO and CFO to certify in each annual or quarterly report that based on the officer’s knowledge, “the report does not contain any untrue statement of a material fact or omit to state a material fact necessary in order to make the statements made, in light of the circumstances under which such statements were made, not misleading and that the financial statements, and other financial information included in the report, fairly present in all material respects the financial condition and results of operations of the issuer as of, and for, the periods presented in the report.

The CEO and CFO swear they are responsible for establishing and maintaining internal controls;
 have designed such internal controls to ensure that material information relating to the issuer and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared; have evaluated the effectiveness of the issuer’s internal controls as of a date within 90 days prior to the report; and have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date;
 have disclosed to the issuer’s auditors and the audit committee of the board of directors all significant deficiencies in the design or operation of internal controls which could adversely affect the issuer’s ability to record, process, summarize, and report financial data and have identified for the issuer’s auditors any material weaknesses in internal controls; and any fraud, whether or not material, that involves management or other employees who have a significant role in the issuer’s internal controls.

The SEC did not cite the actual Section 302 CEO/CFO certification requirement which is Rule 13a-14.
The companion CEO/CFO signatures under Sarbanes-Oxley Section 906 underline certifications by both executives that “the periodic report containing the financial statements fully complies with the requirements of section 13(a) or 15(d) of the Securities Exchange Act of 1934 and that information contained in the periodic report fairly presents, in all material respects, the financial condition and results of operations of the issuer.”

The penalties for violation of Section 906 are criminal. The criminal penalty is not more than $5,000,000, or imprisoned not more than 20 years if the executives “willfully” violate the law. But even unintentional violations have the serious penalty of not more than $1,000,000 or imprisonment of not more than 10 years.

The SEC said that JPMorgan has admitted when settling with the SEC that:

By late April 2012, JPMorgan senior management knew that the firm’s Investment Banking unit used far more conservative prices when valuing the same kind of derivatives held in the CIO portfolio, and that applying the Investment Bank valuations would have led to approximately $750 million in additional losses for the CIO in the first quarter of 2012.

External counterparties who traded with CIO had valued certain positions in the CIO book at $500 million less than the CIO traders did, precipitating large collateral calls against JPMorgan.

As a result of the findings of certain internal reviews of the CIO, some executives expressed reservations about signing sub-certifications supporting the CEO and CFO certifications required under the Sarbanes-Oxley Act.

So, knowing all this, why did Jamie Dimon and CFO Doug Braunstein sign the Section 302 and Section 906 certifications on May 10, 2012 for the first quarter of 2012? Intentional or unintentional, signing false certifications is punishable under Sarbanes-Oxley.

Sarbanes-Oxley Section 303 provides for civil penalties for corporate executives that exert improper influence on the conduct of audits. No officer or director of an issuer, or any other person acting under the direction thereof, can take any action to fraudulently influence, coerce, manipulate, or mislead any independent public or certified accountant engaged in the performance of an audit of the financial statements with the intention of rendering such financial statements materially misleading.

JPM’s auditor PwC has not been sued or accused of anything even though the firm missed a “whale” of a list of serious corporate governance weaknesses, material internal control weaknesses including in internal audit and in “tone at the top” the management hierarchy, valuation miscalculations and manipulations, and  accounting/disclosure manipulation that resulted in the indictments of two former traders, the resignations of traders and Ina Drew who led the Chief Investment office, more than $6 million in losses, a financial statement restatement, private litigation, numerous regulatory investigations in the US and UK and consequent fines and penalties and an investigation by the US Senate Permanent Subcommittee on Investigations into the matter.

I wrote in Forbes in March of 2013:

PricewaterhouseCoopers LLP, JPMorgan Chase’s external auditor since 1965, is referred to only once in the US Senate Permanent Subcommittee on Investigations mammoth report, “JPMorgan Chase Whale Trades: A Case History of Derivative Risk and Abuses”. The JPMorgan auditor came up only a few times at the Committee’s hearing last Friday led by Sen. Carl Levin (D-Mich.).

The Senate Subcommittee did not interview auditor PwC while preparing its report, according to a Subcommittee spokeswoman I questioned during a press briefing on Thursday. When I asked why, the question was brushed off. It wasn’t a priority, apparently.

If we believe that PwC’s 2011 fee of $105.5 million for audit and audit-related activities was not enough incentive to guarantee its complicity in a coverup, then PwC and its professionals were “duped” — lied to or kept from information that was needed to perform the audit by JPM executives. That seems worthy of penalizing a JPM executive or two.

Sarbanes-Oxley Section 304, forfeiture of certain bonuses and profits, is the clawback rule. Sarbanes-Oxley clawbacks must be preceded by a restatement and only impose clawbacks on the CEO and CFO. (Dodd-Frank clawback rules also require a restatement as a trigger, expand on Sarbaes-Oxley 304 by require companies to implement clawback policies, and allow for incentive compensation to be confiscated from a wider group of executives.)

The Wall Street Journal reported that Achilles Macris, Javier Martin-Artajo and Bruno Iksil were terminated with no severance pay. Martin-Artajo  and another trader, Julien Grout, have now been indicted for the mismarking of the trades that led to JPM’s  restatement of its 1Q 2012 results. JPM said the amount clawed back, under bank policies, from each person represents about two years of total annual compensation. The recovered sums include restricted stock and canceled stock options grants.

Ina Drew “offered” to give up “a significant amount of past compensation”, according to the WSJ who quoted Jamie Dimon at the time. Dimon said it is equivalent to the maximum clawback allowable under the bank’s policies.

Dimon and Braunstein, however, have not given back any 2012, 2011 or 2010 incentive compensation and the SEC hasn’t yet forced them to do so. A recent indictment of two of the two traders implies there was misconduct.

At a minimum, under Sarbanes-Oxley Section 304, the CEO and CFO, whether “blameless” or not, must reimburse the company for any bonus or other incentive-based or equity-based compensation received during the 12-month period following the first public issuance or filing and any profits realized from the sale of securities of the issuer during that 12-month period if the company is required to prepare an accounting restatement, due to material noncompliance as a result of misconduct.

Sarbanes-Oxley Section 1101, the ‘‘Corporate Fraud Accountability Act of 2002’’ under Sarbanes-Oxley, prohibits tampering with a record or otherwise impeding an official proceeding.

Whoever corruptly alters, destroys, mutilates, or conceals a record, document, or other object, or attempts to do so, with the intent to impair the object’s integrity or availability for use in an official proceeding; or otherwise obstructs, influences, or impedes any official proceeding, or attempts to do so, shall be fined under this title or imprisoned not more than 20 years, or both.

The OCC’s consent order said that JPM’s credit derivatives trading “constituted recklessly unsafe and unsound practices, was part of a pattern of misconduct,” There was evidence in the US Senate Permanent Subcommittee on Investigations mammoth report, “JPMorgan Chase Whale Trades: A Case History of Derivative Risk and Abuses”, and at the hearing led by Senator Carl Levin, that JPM blocked OCC examiners from receiving important information about the trading strategy and problems in internal controls.

Mother Jones magazine reported on the hearing:

JPMorgan Chase didn’t just ignore its own rules—it ignored the government’s rules, too. For several weeks last year, the bank simply stopped giving profit and loss reports to the OCC because Dimon said “it was too much information to provide.” Dimon, who is accused of withholding information about the daily losses, allegedly raised “his voice in anger” at a deputy who later turned over the info, the report says.

“This is something we should have been all over from Day One.”

The bank “failed to send regular reports in…the same months [the trade] tripled size,” Levin said. “Why…did OCC examiners that oversaw [the London office] not ask the bank for the missing reports until mid-April after the media storm?”

“This is something we should have been all over from Day One,” admitted Scott Waterhouse, the main OCC official in charge of overseeing JPMorgan Chase.

That sounds a lot like “ tampering and impeding” to me. The SEC’s co-chief of Enforcement George Canellos said the SEC’s probe “is continuing as to individuals.”

I certainly hope Canellos will try a little harder to really use Sarbanes-Oxley this time.

Probably should have posted the other Rod Stewart video but I like Maggie May better.