The U.S. Supreme Court’s decision to deny the petition for a writ of certiorari in U.S. v DeCoster assures that Responsible Corporate Officer Doctrine (“RCOD”) enforcement exposure will remain a disconcerting compliance risk that boards in several key industries must monitor.
The RCOD is a controversial strict liability theory interpreted by the government as permitting (in certain circumstances) the prosecution of corporate officers and directors for misdemeanor criminal offenses—without the need to establish their intent or personal involvement in wrongful conduct. It is based upon two U.S. Supreme Court decisions, issued thirty-two years apart, with severe fact patterns that disturb the conscience. In each case, the Supreme Court upheld the conviction of corporate officers for public welfare-based crimes without evidence that they participated in or had knowledge of the core criminal activity.
The governance focus on RCOD issues is based upon a combination of concerns: the effectiveness of enterprise risk and corporate compliance programs; the preservation of the corporate reputation; assuring appropriate officer and director liability protections; and the attractiveness of executive compensation, recruitment and retention arrangements. The Supreme Court’s decision removes the hope of any significant near-term clarity on the doctrine’s application, and exacerbates the governance concerns.
RCOD prosecutions have been concentrated in the pharmaceutical and medical device industries, pursuant to the federal Food, Drug and Cosmetic Act (“FDCA”). That statute allows the government to obtain a conviction when three standards are met: (i) that “the prohibited act took place somewhere within the company”; (ii) “the defendant’s position within the company was one that gave him or her responsibility and authority either to prevent the violation or correct it”; and (iii) that he or she did not do so. In other words, strict liability applies based on the fact that the defendant was the responsible corporate officer at the time of the alleged misconduct, not because he or she was involved in or knew about the misconduct.
It should be noted that prosecutors have, with judicial approval, successfully applied RCOD-type theories to several different types of state and federal statutes. These include, but are not limited to, criminal violations of The Sherman Act, the federal securities laws, and state/federal environmental laws. The common thread amongst these prosecutions is that the statute under which the government seeks to impose liability is public welfare-centered.
RCOD enforcement risks should also be viewed in the context of the continued emphasis of the Department of Justice (“DOJ”) on holding individuals accountable for corporate noncompliance in the healthcare fraud enforcement area. Prosecutors believe that attributing responsibility to the highest corporate levels will enhance compliance with federal healthcare laws.
U.S. v. DeCoster
The DeCoster case had widely been considered one of the most consequential RCOD cases in many years. The hope of many observers was that the Supreme Court would use this case to clarify the vagaries of the doctrine, mitigate its most controversial strict liability elements, and provide officers and directors with a greater awareness of potentially problematic conduct.
The writ of certiorari petition to the Supreme Court arose from the July 6, 2016 opinion of a divided Eighth Circuit panel, upholding the three-month prison sentences for two commercial farm executives who pled guilty to misdemeanor violations of the FDCA for introducing into interstate commerce salmonella-tainted eggs. The executives had appealed their sentences, arguing that the RCOD is unconstitutional and that the sentences were unreasonable on procedural and substantive bases.
In its analysis, the court of appeals drew a distinction between RCOD-based penalties and those that arise from vicarious liability crimes. With vicarious liability theories, “a supervisory party is held liable for the actionable conduct of a subordinate … based on the relationship between the two parties.” However, with RCOD violations under the FDCA, “a corporate officer is held accountable not for the acts or omissions of others, but rather for his own failure to prevent or remedy ‘the conditions which gave rise to the charges against him.’”
The crux of the decision was that the defendants did not need to know that their company violated the FDCA in order to be subject to criminal penalties, nor were they required to have actual knowledge of the wrongful conduct. The inference (supported more clearly by the concurring opinion) was that the defendants’ responsibility was grounded in negligence — their failure to exercise sufficient care to prevent the introduction of the spoiled eggs into commerce.
The DeCoster petition for writ of certiorari argued that imprisonment of an “innocent supervisor” for a strict liability offense violates due process. The government’s position was that the sentences were not grounded in vicarious liability but rather were the consequence of the defendants’ own acts and omissions.
The Governance Challenges
The broad-based concern with the Eighth Circuit’s opinion was that it “upped the ante” of RCOD exposure by extending criminal liability to circumstances where the defendants failed to exercise due care (i.e., to mere “unaware corporate executive[s]”).
This is not good news for the boards of pharma, medical devices and other companies subject to FDCA and similar public welfare laws. Neither is it good news for their supervisory and other management level employees, whose anxiety levels may spike when they become aware of the decision and its implications.
The Supreme Court’s unwillingness to address the DeCoster case may force corporate boards to more fully confront the implications of the RCOD–with respect to the board’s compliance oversight duties, its responsibility to preserve the corporate reputation, and to its ability to attract, train and retain competent managers across the organizational chart. Through its supervision of the corporate compliance program and the training, support and compensation incentives of management, boards may more proactively confront the related liability concerns of individual executives.
Enforcement risks and statutory schemes arising from concepts of strict liability do not readily lend themselves to easy compliance program “fixes.” However, the attentive audit and compliance committee may want to consider certain measures intended to be responsive to the risks of RCOD enforcement.
These might include: (i) Expanding the compliance program’s education programming to address applicable RCOD risks; (ii) clarifying leadership’s expectation with respect to diligent execution of supervisory responsibilities; (iii) enhancing the disciplinary penalties available under the compliance program to address violations of program requirements (e.g., stop the misconduct or mitigate its ill effects); and (iv) adjusting the compliance program as may be necessary to reflect the new Department of Justice compliance program evaluation guidelines.
Collectively, these steps would be styled as recommendations from the senior executive leadership team to the board’s audit and compliance committee, in order to emphasize the good faith/“extraordinary care” of corporate officers, other senior executives and management employees. The goal is to help rebut any suggestion that executives were negligent in their supervision of the organization and its commitment to legal and regulatory compliance.
However, there can be no assurance that these, or similar, enhancements or efforts will mitigate the risk of RCOD exposure. Furthermore, a corporation’s decision not to implement such enhancements should not be interpreted as evidence of bad faith (or anything else, for that matter). Nevertheless, the more that corporate officers and managing/supervisory employees are made aware of RCOD risks, the more likely they are to support measures intended to enhance the effectiveness of the compliance plan
Yet, the absence of a “silver bullet”-style defense to RCOD risks may prompt the board to support an enhanced defensive plan for its valued executives. Proactive measures to support executives in the face of unique-to-industry law enforcement pressures are completely consistent with the board’s fiduciary obligations to obtain and retain a qualified and loyal executive leadership team.
These measures might include some combination of (i) reasonable executive access to the board to discuss corporate risk profile and compliance measures; (ii) the availability of the general counsel’s office to discuss with executives their legal compliance and supervisory concerns; (iii) assuring executives expansive insurance/indemnification/advancement coverage as may be commercially available; and (iv) should the circumstances warrant, providing access to outside counsel who would represent individual executives, and not the company.
Checks and Balances?
The good news—if it can be called that—is that both the FDA and the Department of Justice have internal protocols intended to assure careful internal review before pursuing RCOD-related enforcement initiatives. The FDA has Park doctrine guidelines to apply before a referral can be made to the DOJ, and the US Attorney’s offices must consult the Consumer Protection Branch of the DOJ’s Civil Division before initiating an RCOD investigation. But those protocols may prove cold comfort to executives and other managers who perceive themselves to be “on the firing line” of RCOD enforcement.
The Supreme Court’s decision not to take up the DeCoster case assures a continued lack of clarity in the application of the Responsible Corporate Officer Doctrine. This presents unique cultural, compliance and executive retention challenges to the boards of many life sciences and health care companies. These challenges may be met, in part, by enhancing the efforts of senior executives to support compliance measures, and by increasing personal liability protections available to those executives.