In recent months, issues related to internal control systems and reporting have taken on an increased profile and significance. For example, as previously noted by the authors here and here, the SEC has sought to prioritize compliance with internal controls by initiating a growing number of investigations into companies based on allegations of inadequate internal controls.
For the first time in the nearly five years since Dodd-Frank went into effect, the SEC last week took action against a company over concerns that the company was preventing its employees from potentially blowing the whistle on illegal activity. The action is significant because the SEC was targeting seemingly innocuous language in a confidentiality agreement and there were no allegations that the company, KBR, Inc., was otherwise breaking the law.
Securities fraud actions are often filed on the heels of an announcement of an internal or SEC investigation. A recent Ninth Circuit decision, Loos v. Immersion Corp., may make it easier for company executives to sleep at night following such an announcement. The Ninth Circuit has joined a growing number of circuits holding that the announcement of an internal investigation, standing alone, is insufficient to show loss causation at the pleading stage. READ MORE
On June 27, 2014, the U.S. Court of Appeals for the D.C. Circuit issued an important, unanimous decision upholding the assertion of attorney-client privilege for an internal investigation. The decision is especially significant because it (a) forcefully reversed a growing trend in the D.C. federal district courts that had narrowly applied the attorney-client privilege to internal investigations and (b) confirmed that communications made during the course of an internal investigation – e.g., interviews and interview notes and reports – are privileged whenever a primary purpose of the communication was to obtain legal advice.
The case involves a False Claims Act claim against Kellogg, Brown & Root (“KBR”), a former Halliburton subsidiary, regarding alleged fraud and other unlawful conduct violating the company’s code of business conduct. The plaintiff sought various materials relating to KBR’s investigation of the alleged conduct. Non-lawyers, acting at the direction of in-house lawyers, conducted the interviews.
Cloud computing may be the next shoe to drop. On the heels of Mary Jo White’s recent appointment as Chairman of the SEC and predictions that it may refocus enforcement on accounting fraud came word last week that the Commission is investigating IBM’s cloud-computing accounting. In an SEC filing, IBM defended its revenue accounting for cloud-based services, stating “[w]e are confident that the information we have provided has been consistently accurate.”
This may just be the tip of the iceberg for an industry estimated by some analysts to generate global revenues of $131 billion this year, 60% of which originate in the United States.
Cloud computing has no single definition but one basic expression would be the practice of storing and accessing information on servers accessed through the Internet. There are many cloud-computing business models, including Infrastructure as a Service (“IaaS”), in which customers access computing power, such as servers, through physical equipment owned by the provider; Platform as a Service (“PaaS”), in which customers use a provider’s computing environment—including operating systems, programming languages, and databases—to create applications remotely; and Software as a Service (“SaaS”), services that allows users to operate software remotely. Google Documents and the e-Discovery platform Relativity are just two cloud-based services that readers may be familiar with. READ MORE
