Brandon L. Garrett is the L. Neil Williams, Jr. Professor of Law at Duke Law School. This post is based on a recent article, forthcoming in the Minnesota Law Review, by Professor Garrett; John Armour, the Hogan Lovells Professor of Law and Finance at the University of Oxford; Jeffrey N. Gordon, Richard Paul Richman Professor of Law at Columbia Law School; and Geeyoung Min, Assistant Professor at Michigan State University College of Law.
Do corporate boards care about compliance? Surely, they should, because of the potentially catastrophic consequences of ignoring it. Take the example of the recent compliance failures at Wells Fargo, the large bank, which pioneered a strategy of “cross-selling” financial products to its customers. This turned out to be profitable, and the bank sought to maximize its roll-out by setting branch staff powerful financial incentives to maximize sales of financial products to its customers. Unfortunately, these incentives triggered widespread fraud on the part of the bank’s employees, with customers discovering products had been charged to their names without their consent. After the Wells Fargo scandal broke, regulators identified numerous weaknesses in the firm’s compliance programs that had permitted the misconduct to go unchecked. The bank paid about $2 billion in fines and fired over 5,000 employees; the CEO resigned after Congressional hearings. In response, the Board commissioned an outside investigation into how this compliance failure happened on its watch. Yet, federal regulators were deeply unsatisfied with the Board’s response. In early 2018, the Federal Reserve took the unusual step of restricting the growth of the bank as four Board members departed; the Fed also sent a letter to the former lead independent director, describing his “many pervasive and serious compliance and conduct failures.”