Category: Records Management

Off-Channel Communications Enforcement Comes to Private Funds

Over the past 2.5 years the Securities and Exchange Commission has charged 60 investment advisory firms and broker-dealers with violations of the record-keeping requirements and collected penalties approaching $2 billion. Those were all broker-dealers, dual-registered investment advisers, or affiliated investment advisers. Broker-dealers have strict communications retention mandates. Investment adviser requirements are not as strict. Private fund managers are thought to be a bit more uncertain. Everyone agrees that substantive business communications need to be captured and retained.

The first fund manager to fall into the Off-Channel Communications net is Senvest Management in New York. The firm had to pay a $6.5 million fine because employees were texting business-related messages.

Senvest has policies and procedures that required business communication to be retained, has the platforms to do so, and prohibits off-channel business communication. Senvest employees did not comply with the policies and sent thousands of business-related messages through non-firm systems. Even worse, some of these off-channel communications were on platforms that automatically deleted messages after a few months.

The take away is that private funds need to step up the monitoring of Off-Channel Communications. Senvest employees sent and received “thousands of business-related messages” using off-channel communications. Some of those included “communications concerning recommendations made or proposed to be made and advice given or proposed to be given about securities.” Those seem to be core records to be retained.

The other problem is that Senvest’s compliance manual said that the firm would “retain all electronic communications that it sends and receives.” The compliance manual also provided that employees were “strictly prohibited from using non-Senvest electronic communication services for any business purpose.”

Those compliance manual provisions might be more strict than required by the Investment Advisers Act.

Senvest was also penalized because it did not check employee devices to determine if they were complying with the firm’s policies and procedures. I think we need to take that message. Sounds to me that the SEC is laying down a requirement that compliance needs to run periodic checks of personal devices.

More Reading:

Email Smoking Guns

Martin Lomasney created a famous saying on the importance of discretion:

“Never write if you can speak; never speak if you can nod; never nod if you can wink.”

At the time of Lomasney, it was not email or Twitter, but telegrams that were the principal method of electronic communication.

In the case of President Trump and his son, it’s email and Twitter that are causing them problems. Donald Trump Jr. gave us all an unexpected lesson on the subject by releasing what appear to be incriminating emails on Twitter. Those emails are about his meeting with a Russian operative who was offering him dirt on Hillary Clinton.

The Trump campaign has been denying collusion with Russia during the campaign. These emails clearly show that the campaign was at least tried to collude with Russia.

 “if it’s what you say I love it”

According to Junior, there was no substance to the meeting and no actual collusion. But now the burden is back on the Trump campaign to show that there was no substance, after this documented willingness to do so. Junior’s emails are the first concrete evidence that the Trump campaign was aware of Russian government effort to help elect Donald Trump. On July 24, Junior  appeared on CNN to decry the Clinton campaign’s claims that the Russians were helping Trump as “disgusting” and “phony.”

I’m not saying there was or was not a crime.

There clearly was a lack of discretion and a failure to follow Mr. Lomasney’s sage advice.

The proper response should have been “Let me check with the legal team and I’ll call you back.”

Sources:

The Obnoxious LIBOR Emails

compliance and email

It seems clear that the LIBOR figures were subject to manipulation. Many banks are under investigation. The Royal Bank of Scotland agreed to pay $610 million in fines to UK and U.S. regulators for its role in the Libor rate-rigging scandal. As part of that settlement, the U.K.’s Financial Services Authority released emails and other communications between traders, employees who submitted Libor rate information, and in some cases, traders and other employees outside the three banks. They tell a sad tale of manipulation and fraud.

Trader C: “The big day [has] arrived… My NYK are screaming at me about an unchanged 3m libor. As always, any help wd be greatly appreciated. What do you think you’ll go for 3m?”
Barclays Submitter: “I am going 90 altho 91 is what I should be posting”.
Trader C: “[…] when I retire and write a book about this business your name will be written in golden letters […]”.
Submitter: “I would prefer this [to] not be in any book!”

Rarely do you find the email that exonerates you. It’s always the email with something stupid that makes you and your company look bad. Sometimes, the communication is out of context. Sometimes, it’s just the stupidity of the sender who thinks the message is as ephemeral as a nod in the hallway.

Martin Lomasney created a famous saying on the importance of discretion: “Never write if you can speak; never speak if you can nod; never nod if you can wink.”

From one trader to another broker:

“if you keep 6s [i.e. the six-month Japanese Libor rate] unchanged today… I will f***ing do one humongous deal with you … Like a 50, 000 buck deal, whatever. I need you to keep it as low as possible … if you do that … I’ll pay you, you know, 50,000 dollars, 100,000 dollars … whatever you want … I’m a man of my word.”

He may have been a man of his word. But he was not a man of honor or ethics. He sought blatant market manipulation for his own gain. Foolishly, we wrote it down, leaving his mark of dishonor for all to see.

Sources:

Revisiting the Fabulous Fab

Last summer, Fabrice Tourre didn’t turn around fast enough to see the bus coming at him. Goldman Sachs had given him a big push and put him in the front and center of their big bet on a crash in the residential mortgage securities market.

Tourre ended up as the Fabulous Fab after giving himself that nickname in a series of colorful emails. In one he wrote, “The whole building is about to collapse anytime now,” according to the complaint. “Only potential survivor, the fabulous Fab.”

I still use Tourre as part of my records management policy and education.

The Fabulous Fab Rule: Don’t write emails so provocative that they wind up reproduced on the front page of the Wall Street Journal.

What has happened to Tourre and his colleagues at Goldman Sachs?

Goldman settled the matter for $550 million, with $250 million going to investors and $300 million going to the SEC.

Louise Story and Gretchen Morgenson of the New York Times took another look at the Goldman mortgage desk and the prosecutions against it: S.E.C. Case Stands Out Because It Stands Alone.

According to the article, the SEC looked at Jonathan M. Egol who worked closely with the Fabulous Fab. “But Mr. Egol, now a managing director at the bank, was not named in the case, in part because he was more discreet in his e-mails than Mr. Tourre was, so there was less evidence against him, according to a person with knowledge of the S.E.C.’s case.” That just seems to reinforce the Fabulous Fab Rule.

Also, the story points out that Torre’s trading desk was using a shared email account or listserv to share the messages with the larger group.

The story about the Fabulous Fab Rule gets worse. The New York Times obtained additional information from a lost laptop.

[The information was] provided to The New York Times by Nancy Cohen, an artist and filmmaker in New York also known as Nancy Koan, who says she found the materials in a laptop she had been given by a friend in 2006.  The friend told her he had happened upon the laptop discarded in a garbage area in a downtown apartment building. E-mail messages for Mr. Tourre continued streaming into the device, but Ms. Cohen said she had ignored them until she heard Mr. Tourre’s name in news reports about the S.E.C. case.  She then provided the material to The Times.

That just makes the nightmare worse. An employee is sending out provocative emails, they are going to mass distribution list, and an unsecured laptop is getting the messages.

Sources:

The Fabulous Fab Rule

Don’t write emails so provocative that they wind up reproduced on the front page of the Wall Street Journal.

With many fund managers having to register under the Investment Advisers Act, they will now be subject to more extensive record-keeping requirements. That means more emails will be saved for a longer period of time.

Those questionable emails will preserved for litigants and federal regulators to see, long after you hit the delete button in Outlook.

E-mails from Goldman Sachs Group Inc. director Fabrice Tourre are the center of the case saying Goldman misled investors. In one he wrote, “The whole building is about to collapse anytime now,” according to the complaint. “Only potential survivor, the fabulous Fab.”

(I need to give credit to Kevin LaCroix of The D&O Diary for the new name for this rule: The Essential Lessons of the “Faithless Servant”.)

Here is another great email quote from the Fabulous Fab:

“When I think that I had some input into the creation of this product (which by the way is a product ofpure intellectual masturbation, the type of thing which you invent telling yourself: “Well, what if we created a “thing”, which has no purpose, which is absolutely conceptual and highly theoretical and which nobody knows how to price ?”) it sickens the heart to see it shot down in mid-flight. .. It’s a little like Frankenstein turning against his own inventor;)”

The other detrius that ended up in front of the Senate Subcommittee on Investigations were the email love letters from Fab to his girlfriend. Another reminder to keep personal email off the company’s network and company time.

Sources:

Are Facebook and MySpace Messages Subject to Discovery?

In the recent case of Crispin v. Audigier, a California judge ruled that Facebook and MySpace messages that aren’t publicly available are protected information under the Stored Communications Act, and therefore can’t be subpoenaed for use in civil litigation.

Buckley Crispin sued clothing maker Christian Audigier for copyright infringement, alleging that Audigier used his artistic material outside the scope of a license agreement. Audigier issued a subpoena to Facebook, MySpace, and two other third parties seeking communications by Crispin about Audigier.

Crispin’s lawyers argued that such communications fell under the Stored Communications Act, which prevents providers of communication services from divulging private communications to certain entities and individuals. A magistrate judge rejected the argument and found that Facebook and MySpace were not Electronic Communications Services and therefore not subject to the protections of the Stored Communications Act. Because the magistrate judge thought the websites’ messaging services are used solely for public display, he found that they did not meet this definition.

Judge Morrow of the US District Court for the Central District of California disagreed and laid out some thoughts about the use of the sites and how they relate to civil litigation. (Law enforcement can always use a warrant to get the information, assuming it is related to a crime.)

The Judge noted that the Stored Communications Act distinguishes between a remote computing service and an electronic communications service.

“electronic communication service” means any service which provides to users thereof the ability to send or receive wire or electronic communications (18 U.S.C. § 2510(15)) With certain enumerated exceptions, the Stored Communications Act prohibits an electronic communication service provider from “knowingly divulg[ing] to any person or entity the contents of a communication while in electronic storage by that service.” (18 U.S.C. §§ 2702(a)(1), (b))

“remote computing service” means the provision to the public of computer storage or processing services by means of an electronic communications system (18 U.S.C. § 2711(2)) The Stored Communications Act prohibits an remote computing service provider from “knowingly divulg[ing] to any person or entity the contents of any communication which is carried or maintained on that service.” (18 U.S.C. §§ 2702(a)(2)).

In the end, the decision about whether a particular message is subject to disclosure is dependent on security settings. Different messages in Facebook and MySpace (and other web 2.0 sites) will be subject to different standards.

The judge found that webmail and private messages are inherently private and quashed the subpoena for those messages. With respect to the subpoenas seeking Facebook wall postings and MySpace comments, the decision will be dependent on the person’s privacy settings and the extent of access allowed. If the general public had access to plaintiff’s Facebook wall and MySpace comments then presumably they are subject to discovery in civil litigation.

The Stored Communications Act was passed as part of the Electronic Communications Privacy Act in 1986. This was obviously well before the development of the current internet applications and technology. Courts, including the one in this Crispin case, have found that the application of this nearly 25-year-old statute presents challenges in application to the current use of the internet.

As Facebook changes the privacy settings in its platform, those changes will affect the discoverability of messages in civil litigation.

Sources:

Zubulake Revisited: Six years Later

A new treatise has been written on field of electronic stored information and sanctions for spoliation. In the Amended Opinion and Order for The Pension Committee of the University of Montreal Pension Plan et al., v. Banc of America Securities, LLC, et al. Judge Shira A. Scheindlin of the Southern District of New York, addressed the issues of parties’ preservation obligations and spoliation in great detail.

The order identified several actions (or failures to act) which would result in a finding of gross negligence in upholding discovery obligations:

“After a discovery duty is well established, the failure to adhere to contemporary standards can be consi-dered gross negligence. Thus, after the final relevant Zubulake opinion in July, 2004, the following failures support a finding of gross negligence, when the duty to preserve has attached:

  • to issue a written litigation hold;
  • to identify all of the key players and to ensure that their electronic and paper records are preserved;
  • to cease the deletion of email or to preserve the records of former employees that are in a party’s possession, custody, or control; and
  • to preserve backup tapes when they are the sole source of relevant information or when they relate to key players, if the relevant information maintained by those players is not obtainable from readily accessible sources.”

The order establishes that sanctions for evidence spoliation require proof that: (i) the party had control over the evidence and an obligation to preserve it at the time it was lost or destroyed; (ii) acted with a culpable state of mind; and (iii) the lost or destroyed evidence was not only relevant to the innocent party’s claims or defenses, but also that party suffered real prejudice as a result.

Sources:

Adriana Linares of LawTech Partners supplied the image: http://www.flickr.com/photos/lawtechpartners/438634521/. Used with permission.

In-House Counsel Sanctioned for Failing to Monitor the Preservation of Electronic Evidence

lotto killa sheriff's car

In the Swofford v. Eslinger case, the court sanctioned in-house counsel (but not outside counsel) for failure to preserve evidence. The attorney sanctioned was general counsel for a government entity, the Seminal County Sheriff’s Department. What was unique about this case was that the sanctions were brought against in-house counsel for spoliation of evidence even though he was not the attorney of record or a named party.

What Happened?

In April 2006, Robert Swofford, a recent multi-million dollar Florida state lottery winner, was shot in his backyard by two sheriff’s deputies in pursuit of burglary suspects. Mr. Swofford sued the sheriff and the two deputies for use of excessive force and unlawful entry onto his property.

Mr. Swofford’s attorney sent letters requesting that the sheriff’s office preserve all evidence within its possession related to the shooting, listing specific types of evidence, including firearms and electronic evidence. Separately, the sheriff’s office has an obligation to retain the evidence in question while the outcome of a law enforcement investigation is pending.

What Did They Do Wrong?

Nothing.

They had an obligation to do something, but did nothing instead. They never issued any directives or “litigation hold memos” to suspend all orders, practices, or policies that could lead to the destruction of evidence relevant to this case.

“As admitted at the Hearing by David Lane, SCSO’s General Counsel since March 2006, the only action taken by anyone at the SCSO in response to the preservation letters was that Linda McDaniel, a paralegal in the General Counsel’s office, reviewed the letters and forwarded a copy of the letters to approximately six senior SCSO employees, including Sheriff Eslinger.”

None of the individuals did anything to see that the sheriff’s office employees did anything to comply with their legal obligations to preserve evidence. Even in the face of a motion for spoliation sanctions, filed in November 2008, the Office of General Counsel still had not, as of the hearing in June 2009, done anything to ensure that employees were properly complying with the preservation letters.

Emails were deleted. Laptops were recycled. Nearly all the evidence was lost.

Lotto Killa

One piece of evidence that was not destroyed was an instant message conversation between Remus, one of the deputies involved in the shooting,  and another officer.  In the  conversation, the other officer referred to Remus as the “Lotto killa.” Remus replied:  “I need to go to the sign shop and have them put that name on the side of the car.”

Apparently, the instant messages were on a different server than email. A server with a different procedure for deleting old messages.

At the time of that instant message conversation Mr. Swofford lay near death in the local hospital. He managed to survive.

Maybe this kind of sick humor was in those destroyed emails.

The Standard

“It is not sufficient to notify employees of a litigation hold and expect that the [employee] will then retain and produce all relevant information. Counsel must take affirmative steps to monitor compliance so that all sources of discoverable information are identified and searched [and in this case, preserved.]” Zubulake, 229 F.R.D. at 432.

Sanctions and Effect

In a blistering opinion, the judge specifically reprimanded the General Counsel for his “abject failure to comply with legal standards” by failing to issue a “litigation hold memo” and failing to ensure that employees subsequently complied with their preservation obligations.

The ruling provided for payment of Mr. Swofford’s legal costs related to the spoilation. The judge also used the nuclear sanction of creating a presumption that the evidence would have contained information detrimental to the sheriff’s office. The jury will be instructed:

  • “to infer that emails deleted from April 20, 2006, to April 2007 contained information detrimental to all Defendants in this case.”
  • “that the radios and their missing accessories would yield evidence adverse to Defendants’ case had they been produced.”
  • “that Remus’s laptop computer contained information detrimental to the SCSO’s and Remus’s defense of this case.”

Take-Away

The case is remarkable because of its sanction of the general counsel who was not involved in the litigation.That is a wake up call.

The facts of the case are particularly egregious. The general counsel did nothing to preserve the evidence. Reading the opinion, you see nothing but bad faith by the sheriff department.

The duty to preserve may be triggered upon filing of the suit and retention of counsel or otherwise be a duty that runs to both in-house and outside counsel. In-house counsel cannot ignore their preservation responsibilities.  Merely forward a preservation request is insufficient. In-house counsel must take affirmative steps to monitor compliance so that all relevant, discoverable information is identified, retained and made available.

References:

The Four Areas of Risk and Knowledge

4 box black swan

When thinking about risk, I break things into four quadrants. There are things we know and there are things we don’t know as individuals. I then slice slice that further again with the things we know and the things we don’t know as part of the larger organization or conscious state.

Our sweet spot is the the things we know that we know. (The green area on my chart.) Those are our operations. Those are the things we have in the realm of compliance. We may not be fully compliant and dealing with the risk. But it is known.

At the opposite corner are the things that we don’t know that we don’t know. This is the black swan territory. This is an area of danger for an organization. This is a knowledge void and a compliance void. These are risks that we don’t know about. We don’t know the magnitude of the risk and we don’t know it even exists. Our models miss this factor. Our organizations are not paying attention to these risks.

4 box black swan

The other two areas are also interesting.

The things we know that we don’t know is an area that we know we can improve. (The orange quadrant on my chart) This is the area of known ignorance or accepted unknowns. You can manage these risks, because we know them. They have been identified, although not quantified. They may be on the list of things to address. Or we may just be willing to run naked in this area and are not worried about the risk.

The last area of the things that we don’t know we know is an area of opportunity. (The purple quadrant on my chart) This is risk that they are managing, even if they don’t know that risk exists. Often this will be a risk associated with another risk, either through causation or correlation. If an organization realizes they have this knowledge, they maybe able to create a new opportunity for themselves by discovering it. You do need realize that the causation or correlation may sever at some point, pushing this risk down into the territory of the black swan.

There is also an element of danger in the opportunity area when it comes to records management. These may be the pieces of information getting unearthed during litigation that gets an organization in trouble.

It’s important to realize and accept that there are things we don’t know. The key to bettering the organization is to continually try to reduce the amount of stuff that we don’t know.

I want to credit Liam Fahey, a professor at Babson College and co founder of the Leadership Forum, for the origins of this matrix. He gave a presentation using this analysis to a group of law firm knowledge management leaders in October of 2008.

California Adopts e-Discovery Rules

California

Never mind the budget crisis or handing out IOUs, California has passed its own Electronic Discovery Act. California joins the 30 other states that have decided to include provisions in their rules aimed directly at the discovery of Electronically Stored Information.

The Act amends the California Code of Civil Procedure by expressly permitting discovery of electronically stored information. The goal is to improve discovery measures during litigation and to avoid undue involvement by the court in resolving e-discovery disputes. The Act defines Electronically Stored Information as “information that is stored in an electronic medium” and defines “electronic” as “relating to technology having electrical, digital, magnetic, wireless, optical, electromagnetic, or similar capabilities.”

California’s new e-discovery rules closely parallel the federal version. The Act primarily applies the existing rules in the California Civil Discovery Act to ESI and establishes procedures to request and respond to e-discovery.

California’s Electronic Discovery Act is similar to the Federal Rules. The California act also has  Federal Rules safe harbor for the failure to produce Electronically Stored Information.  “Absent exceptional circumstances, the court shall not impose sanctions on a party or any attorney of a party for failure to provide electronically stored information that has been lost, damaged, altered, or overwritten as a result of the routine, good faith operation of an electronic information system.” Cal. Code of Civil Procedure 1985.8 (l)

California Governor Arnold Schwarzenegger signed the Act on June 29 and it goes into effect immediately.

References:

Code of Civil Procedure