Business Technology: Compliance, Kafka, And Criminal Charges - InformationWeek
Business & Finance
03:29 PM
Bob Evans
Bob Evans

Business Technology: Compliance, Kafka, And Criminal Charges

I want to suggest a nightmare scenario that ties in with this week's special issue on compliance. And it's not some Halloween fantasy--it's right out of a blockbuster federal court case going on right now in New York. To help set the stage, here's a quotation from near the end of this column--please bear it in mind as you read: "While employees' conversations with such in-house lawyers have long been considered privileged or off the record, companies wishing to avoid onerous charges and fines are now quick to waive attorney-client privilege and force lawyers to cooperate with prosecutors."

Let's assume you're a solid employee--you do your job above and beyond what's expected, and you're not only aware that your employer has certain policies but you even read them and follow them, even the ones that deal with the stuff that until recently seemed almost otherworldly, like document retention. You have a good idea of what needs to be kept, what should be kept, what might be kept, what ought not to be kept, what must not be kept, and how long those various imperatives are in effect. You're doing what you think is right because you're following the company's policies.

And then, in a classic moment that Kafka might have dreamed up had he been an IM user, you learn that your company recently changed or suspended parts of its document-retention policy but, well, forgot or neglected to inform you of those changes. (Or did it?) And that what you did in the interim could very likely be against the law. Verboten. Criminal. The stuff that leads to jail time.

Other Voices
Five years ago, [Gov.] Gray Davis ran out of water. Two years ago, he ran out of electricity. This year, he ran out of money. Now he's running out of time. It's been a poorly run administration.

-- California resident Larry Ellison, who's also CEO of Oracle

Not possible? Pulp-fiction stuff? Well, check out this paragraph from a terrific article on The Wall Street Journal's Web site about the federal government's case against Frank Quattrone, the former superstar tech-industry investment banker at Credit Suisse First Boston: "Mr. Keker [Quattrone's lawyer] also displayed a Dec. 5, 2000, e-mail from Mr. Char to Mr. Quattrone with a copy to the technology group's lawyer, Mr. Dollard, complaining that the firm's legal and compliance unit 'told everyone except the tech group' that the firm's document-retention policy had been suspended and that files should be preserved." The URL for the article, by Kara Scannell and Randall Smith, is,,SB106512115913920000,00.html (link requires registration).

Meanwhile, the prosecution also showed jurors an E-mail message from that very same day--Dec. 5, 2000--as a major factor in its attempt to prove its criminal charges of obstruction of justice and witness tampering against Quattrone. As the article says about that message, "In it, Mr. Quattrone endorsed an accompanying e-mail from his subordinate, Richard Char, which urged members of Mr. Quattrone's technology-banking group to follow the firm's document-retention policy and discard deal-related items not required to be maintained under the policy."

But wait--was that policy still in effect when Mr. Quattrone sent this message, or had it been "suspended"? And if it had indeed been suspended, had Quattrone's technology banking group not been informed, as his lawyer was attempting to show? Can someone be held accountable for following a corporate policy that had been not just suspended but in fact reversed? Or is there no truth to the assertion that everyone but Quattrone's group was informed of the suspension/reversal until it was too late?

The answers to those questions could very well determine whether Frank Quattrone--a recent Wall Street celebrity who'd generated colossal earnings for his employer and a huge fortune for himself--spends a chunk of the rest of his life behind bars. And ultimately, the answers to those questions will come in large part from digital archives that just might show who knew what and when they knew it. Yes, we have a new glam line of tech products and apps: retention, archiving, storage, access, and, topping the bill: compliance.

In the meantime, though, Quattrone's nightmare gets hairier still: two of the lead witnesses for the government against Quattrone are Credit Suisse First Boston attorneys. The first of those, director of U.S. litigation Kevin McCarthy, testified late last week that he and colleagues "scrambled to send out two separate e-mails to halt possible document destruction" after learning that Quattrone had forwarded an E-mail message to his team telling them to "clean up those files," according to the story.

And, in a closely related development that should make us all wish for truly boring lives, McCarthy's boss and the government's top witness, David Brodsky, was also expected to testify late last week against Quattrone. His testimony, like that of McCarthy, represents a startling break in the long-held tradition under which an attorney could not reveal what he'd been told by a client. But all that may be about to change. "While employees' conversations with such in-house lawyers have long been considered privileged or off the record, companies wishing to avoid onerous charges and fines are now quick to waive attorney-client privilege and force lawyers to cooperate with prosecutors," according to the article.

Here is stark proof of the flesh-and-blood reality--and extreme relevance--of the compliance issues surging throughout the business-technology world today. For the vast majority of us, our toils in understanding, planning for, communicating, carrying out, and enforcing such compliance policies will never be the stuff of front-page news (please!). But I would bet that Frank Quattrone and his Credit Suisse First Boston colleagues, in early December of 2000, thought the exact same thing.

Bob Evans,
Editor in Chief

To discuss this column with other readers, please visit Bob Evans's forum on the Listening Post.

To find out more about Bob Evans, please visit his page on the Listening Post.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll