In today’s environment of Flash Boys and its adrenaline-pumped tales of high-frequency trading, success is measured in nanoseconds. It is easy to forget that trading systems not too long ago had to be created on keypunch cards fed by hand into main-frame computers. As recently as the early 1990s, says Andrew “Buddy” Donohue ’75, deputy general counsel of Goldman Sachs Asset Management, compliance officers could look only at records after trades were completed, effectively making compliance aback-end function. With the advent of computerized trading, however, compliance has moved to the fore as a key consultation before trading systems are developed. That movement has coincided with a dramatic growth in activity as federal government and regulatory bodies issue reams of new regulations. The result is a surge of compliance demand not only in finance but also in information security, environmental standards, and equal employment, among many other regulated functions of American and global business. “There has been a tsunami of regulatory activity,” says Randal Milch ’85, executive vice president of public policy and general counsel for Verizon. “Hiring lots of people is the only logical reaction.”
Long before the boom of new regulation began, NYU Law assembled a uniquely deep bench of scholars and practitioners of compliance and enforcement who are unleashing new work of their own that will influence the next generation of lawyers: new courses, new publications, new scholarly forums, and new research opportunities. First and foremost, they are preparing students for careers in an area that is both booming in terms of jobs and coming into its own as a distinct and rigorous legal specialty. “Over the last 10 years, compliance has become a profession within the legal profession,” says Bruce Yannett ’85, a white-collar litigator at Debevoise & Plimpton. “It is now a career path.”
A LOGICAL REACTION
Several laws enacted or significantly amended in the wake of the big corporate scandals of the early 2000s (Enron, Tyco, etc.) and the credit market collapse of 2008 have put corporate conduct squarely on the radar of federal prosecutors. A possible violation of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 or the Foreign Corrupt Practices Act of 1977 (FCPA)—to name two—can mean an expensive investigation followed by litigation, big settlements, and fines, or even jail time for managers. It used to be that most corporate criminal actions involved small, privately held companies and produced average fines of around $50,000.
Now, however, US attorneys are making headline-grabbing cases against large public companies. The amounts involved can be enormous.
Since 2011, Wal-Mart, for instance, has been under investigation by the Department of Justice and the Securities and Exchange Commission for possible violations of the FCPA. The company says it has been cooperating with both US and Mexican investigators looking into allegations that it paid off officials south of the border. Earlier this year, Wal-Mart announced that it was anticipating spending up to $240 million in its fiscal year 2015 on the investigations. Similarly, cosmetics retailer Avon has spent more than $300 million since 2008 on investigations by US authorities into charges that it bribed Chinese officials.
Meanwhile, recent settlements in corporate criminal and civil enforcement actions have been even greater. Last November, pharmaceutical giant Johnson & Johnson paid $2.2 billion to resolve criminal and civil liability actions by the US government for marketing several prescription drugs for uses not approved by the FDA. And in August, news outlets reported that Bank of America agreed to the largest-ever civil settlement between a corporation and the US government: more than $16 billion to resolve allegations that the bank’s Countrywide Financial and Merrill Lynch units knowingly sold faulty mortgage-backed securities.
Corporate enforcement matters like these involve not only big money but also a high degree of complexity. Typically, multiple state, federal, and private parties are involved, and dealing with all of them can require large legal teams well versed in different varieties of criminal and regulatory law. The trend toward ever larger and more complex cases shows no sign of abating. That means more work—and more jobs—for lawyers.
[SIDEBAR: The New Legal Trinity] 
CORPORATE LAW IN THE PUBLIC INTEREST
NYU Law is a particularly intense center of activity for compliance law and enforcement and related areas. At the heart of this activity are Jennifer Arlen ’86, Norma Z. Paige Professor of Law, and Geoffrey Miller, Stuyvesant P. Comfort Professor of Law. The two have joined forces before. Several years ago, with scholars from the Cornell and University of Texas law schools, they founded the Society for Empirical Legal Studies, which aimed to give legal theory a more scientific basis through data and analysis. Now they have teamed up as faculty codirectors of the Program on Corporate Compliance and Enforcement , launched in spring 2014.
The program has a few purposes. The first is to provide intensive training to students who are planning to make careers in compliance or enforcement. The second is to promote research and policy reform. In April, for instance, the program co-sponsored with the American Law Institute an invitation-only conference called “Deterring Corporate Crime: Effective Principles for Corporate Enforcement.” It attracted star enforcement officials, defense lawyers, and academics, such as Preet Bharara, US attorney for the Southern District of New York, and Benjamin Lawsky, New York State’s superintendent of financial services, who both gave keynote speeches; former SEC director of enforcement Robert Khuzami; and white-collar investigator Jules Kroll.
Arlen, who is frequently quoted by the press on corporate crime, has published extensively on the subject. A particular focus of her work is the question of how criminal responsibility should be allocated between the corporation and the individuals who committed the crime. Arlen argues that corporate officers who break the law do so ultimately for their own benefit, not the corporation’s. She teaches a four-credit Business Crime course and a seminar entitled Corporate Crime and Financial Misdealing.
Her intense intellectual passion for corporate criminal enforcement policy comes from a belief that compliance is the place where the sometimes conflicting demands of business and the public meet head-on and where the law attempts to reconcile them. “This is corporate law in the public interest, and that’s what I love about it,” she says. “It can have social utility whether you are prosecuting crimes or defending a corporation.” She is also happy to point out that “none of my students are having trouble finding jobs.”
Miller looks at compliance from a slightly different perspective: the management of corporate risk. Miller teaches Compliance and Risk Management for Attorneys and another course called Professional Responsibility and the Regulation of Lawyers. He is also the author of the casebook The Law of Governance, Risk Management, and Compliance (2014), the first explicitly linking the three subjects.
Miller says corporate compliance officers used to be kept far away from important decision-making. Now most report to corporate boards and are charged with making sure corporations are aware of and in compliance with a huge body of changing laws—laws that now have real teeth.
He sees compliance as an important risk-management function that should figure into almost any significant corporate decision. Would, for example, the benefits of a merger outweigh the costs of absorbing the target company’s potential compliance problems? Key information for making that call has to come from a senior compliance officer who has the respect of other top executives. Says Miller: “You need to be able to sit at the table and have your voice heard.”
The Law School faculty members with expertise in compliance and corporate enforcement range from Beller Family Professor of Business Law Kevin Davis, who teaches a course on the FCPA and money laundering, to Segal Family Professor of Regulatory Law and Policy Rachel Barkow, who joined the US Sentencing Commission last summer and is faculty director of the Center on the Administration of Criminal Law. In 2011, NYU Press published the center’s Prosecutors in the Boardroom: Using Criminal Law to Regulate Corporate Conduct, a collection of papers by scholars who attended the center’s first major annual conference, “Regulation by Prosecutors.”
Harry First, Charles L. Denison Professor of Law and a former chief of the New York State attorney general’s Antitrust Bureau, wrote one of the first business crime casebooks, Business Crime: Cases and Materials, originally published in 1990. Marcel Kahan, George T. Lowy Professor of Law, and Stephen Choi, Murray and Kathleen Bring Professor of Law as well as director of the Pollack Center for Law and Business, are among the most prominent scholars in corporate law and, especially, securities fraud. Indeed, they are the two most recognized scholars in the 20-year history of the annual Corporate Practice Commentator list of the Top 10 Corporate and Securities Articles. William Allen, Nusbaum Professor of Law and Business, joined the faculty in 1997 from the Delaware Court of Chancery, where he had been judge or chief judge for a dozen years. That court has primary jurisdiction for matters of corporate law and governance for the many large US companies incorporated in Delaware. In 1996, Allen wrote a decision (In re Caremark International Inc. Derivative Litigation) that virtually created the modern compliance industry, holding that boards of directors could be found liable for the misdeeds of employees if the corporation did not have in place a “reasonable system” for monitoring compliance.
Terms like “reasonable” are open to interpretation, of course. And training lawyers to make those calls is a particular goal of Helen Scott, professor of law and co-director of NYU Law’s Mitchell Jacobson Leadership Program in Law and Business, and Karen Brenner, executive director of law and business initiatives at NYU and an affiliated professor of law. They teach Law and Business of Corporate Governance to mixed classrooms of NYU Law and Stern students who learn together how to navigate both the legal and business sides of corporate governance. “What we’re really trying to do is have students cultivate judgment,” says Brenner. “It’s about their ability to make judgments where the law doesn’t prescribe a simple answer, or a simple answer is not sufficient to do what we perhaps think is right or best in the circumstance.”
NOT JUST ANOTHER LEGAL JOB
NYU Law grads in senior compliance jobs emphasize how much more the chief compliance officer is involved now in running the business day to day than in past decades. “This kind of job is attractive for people who want a blend of legal and operational,” says Lauren Steinfeld ’92, senior adviser for privacy and compliance at the University of Pennsylvania.
Tim Lindon ’80, for instance, is chief compliance officer and vice president for brand integrity at tobacco maker Philip Morris International (PMI). Based in Geneva, he manages a staff of 40 and reports to the audit committee of the company’s board.
Lindon says his job requires him to be a combination of legal counselor, risk manager, and organizational psychologist. The latter part, he says, comes from working constantly to stay on top of every aspect of his company’s business and to find what he calls its “stress points”—areas or situations in which individuals are most likely to succumb to temptation or poor judgment. (In general, he says, those tend to be jobs far away from corporate headquarters or those that have been occupied by one person for a long time.)
One recent responsibility was vetting companies PMI had targeted for acquisition in Indonesia and the Philippines. Business practices, laws, and customs are much different in those countries than in the United States. Lindon had to make sure that nothing the target companies had done in their previous usual course of business could turn out to be a violation of, for instance, the FCPA. That meant learning the target companies from the ground up—not only their operations but also their history and culture, which was not entirely what he had expected when moving from PMI’s general counsel office to being its chief compliance officer. “I thought this was another legal job, and that’s what surprised me,” he says.
At a January Milbank Tweed forum on compliance, “Suddenly Sexy: How Compliance Went from Ho-Hum to Hot,” panelists such as Goldman Sachs’s Buddy Donohue and Pamela Root ’80, managing director of Citigroup Global Markets, echoed that sentiment, emphasizing that compliance practitioners need to know not only the law but also the day-to-day operations of their business. The role is more hands-on than that of the traditional general counsel, stressed Root. Effective compliance officers need to know what employees are doing before it becomes a regulatory problem and to help them get back in line as necessary. That means a lot of face time with and understanding of a business’s people, not just its org chart.
Above all, the compliance officers seemed to say, this requires not just a different kind of practical training, but a difference in attitude as well. “Don’t go into compliance if you don’t want to get your hands dirty,” said Root. “You’ve got to be in the trenches.”
—Peter Carbonara is a NYC-area freelance writer whose work has appeared in Fortune, Businessweek, and The American Lawyer.
2014 Home