Wednesday, June 30, 2010

USC, Institutional Control, and Analogizing the NCAA and the Securities and Exchange Commission

Lewis & Clark law professor Tung Yin has a thoughtful post on his blog, The Yin Blog, that looks into the NCAA's sanctioning of the University of Southern California and draws parallels to SEC investigations. Here's an excerpt:
As virtually all college football fans must be aware, the NCAA has dropped a 2000 lb JDAM on USC for its failure of institutional control over its sports programs. If USC does not succeed in its appeal, it is facing a 2 year ban on postseason play, the vacating of 14 victories in late 2004 and all of 2005, which includes a victory in the BCS championship game over Oklahoma, the loss of 30 scholarships over 3 years, and 4 years of probation.

The NCAA faulted USC for violations in its football, men's basketball, and women's tennis teams. Football star Reggie Bush, who won the Heisman trophy in 2004, was found to have been essentially paid -- and hence ineligible for collegiate play. Basketball player O.J. Mayo was similarly paid by outsiders. (The tennis violations had to do with impermissible long-distance calls, seemingly of much smaller scope than the Bush and Mayo violations.)

What's of interest to me is the seventh infraction in the report: "Lack of Institutional Control" . . . The crux of USC's defense is that it did know of the Bush and Mayo violations and there was no reason it should have known of them; and that the NCAA should not have relied on statements by persons of questionable credibility.

"Lack of institutional control" sounds something like "failure to supervise" in the context of SEC investigations, which is something I dealt with a bit when I was in private practice. Whether one should be required to have compliance controls in place is debatable, I suppose, but that fight has been lost, before both the NCAA and the SEC.

"Failure to supervise" typically arises when you have a rogue employee who does something bad, such as engage in violations of the securities laws. Because corporations are liable for the acts of employees within the scope of employment with (at least partial) intent to benefit the corporation, the company may find itself responsible even though it did not condone the employee's actions and in fact may have been victimized in reality. (The intent to benefit prong is interpreted pretty broadly.) The SEC might slap the corporation for inadequate supervision of the rogue employee.

The important point here is that "we didn't know the employee was doing bad stuff" is not a defense to such a charge. If anything, it aggravates the charge. About the only way you can try to defend yourself against this kind of charge is to show that you had adequate compliance controls in place, which the rogue employee somehow ingeniously circumvented.
To read the rest, click here.