Did Compliance Programs Fail the Test During the Financial Meltdown?–David Hechler

By David Hechler
Corporate Counsel
March 20, 2009

In a speech last November, Christopher Cox spoke out on the importance of compliance. In his waning months as chairman of the Securities and Exchange Commission, during which he was regularly criticized for failing to enforce the rules, Cox noted: “In a profit-and-loss-driven world, there is always a risk that companies facing an uncertain economic future may choose to cut compliance expenses as a shortsighted way to save money.” Big mistake, he admonished: “You can’t have a strong company without strong compliance.”

Cox got no argument from his audience of chief compliance officers. But the rest of us may be forgiven for wondering what the compliance officers, and the risk officers, and the ethics officers were doing at the financial services firms when their colleagues were placing those dangerous wagers. Weren’t all those internal controls supposed to protect companies from catastrophe?

They didn’t stop Countrywide Financial Corp. from pumping out subprime mortgages that its own compliance staffers called “liar loans.” They didn’t prevent Merrill Lynch & Co. Inc., from gobbling up those mortgages, and bundling them into bonds like those now infamous collateralized debt obligations. Both companies are now part of Bank of America Corp., which snapped them up when their stock prices were in free fall — a result of, among other things, those large, risky bets.

They weren’t alone, of course. All the subprime outfits landed with a thud. Many large financial institutions, which at first made a fortune from CDOs, in the end weren’t much better off than the mortgage shops. Some, like Lehman Brothers, were worse. There’s more than enough blame to go around. Some commentators pointed to the SEC changing a rule in 2004 to expand the amount of debt that banks could carry. Others cited Congress’s 1999 repeal of the Glass-Steagall Act, which threw open banks’ doors to investment banking.

At press time there was a widespread expectation that new laws and regulations were coming. But just as no law can stop the Bernard Madoffs of this world from committing fraud, no law can prevent risky behavior or bad business decisions. And there were certainly more than enough of those. So, while all eyes turn to Washington to set new rules, it seems like a good time for members of the business and legal community to ask themselves some hard questions.

They may want to start with these: Where were the compliance, ethics and risk departments? Why weren’t they able to prevent disaster? In our own search for answers, we looked for examples from the meltdown that highlight both problems and solutions. We were struck by the many ways in which compensation is structured to reward bad behavior — not just by the CEO but down the hierarchy. We found that building an ethical culture can take years to accomplish, and that success often depends on the extent to which executives empower the employees responsible.

Nowhere did this seem clearer than at Countrywide, which was the nation’s largest single family mortgage originator. But here’s a surprise: In the years before its slide, Countrywide was a company that actively invested not just in subprime mortgages but — are you ready? — ethics. And it seemed to be making progress, according to Tim Mazur, who was an ethics officer there and is now the COO of the Ethics and Compliance Officer Association in Waltham, Mass. In fact, had the company started the process sooner, it just might have survived, Mazur says.

But changing a company’s culture isn’t easy. Speaking to an audience of lawyers at a Practising Law Institute seminar last summer, Mazur said: “I don’t know if in your community there are people who win cases by being clever and finding some trick.” In the subprime industry, he said, plenty of people saw underwriting guidelines as “obstacles to overcome.” And those who beat the system were rewarded with big parties. To them, ethics training was neither a wake-up call nor an impediment — it was a joke.


Countrywide is a case study in misaligned compensation. Top execs were rewarded in ways that didn’t promote the long-term interests of the company. So were lower-level employees. And in recent years a crucial link between the quality of the work and the company’s revenues was severed.

It started at the top with CEO (and co-founder) Angelo Mozilo. The Corporate Library, which researches and reports on corporate governance, began criticizing the mortgage company in 2004, when it was a Wall Street darling with a surging stock price.

What did the Corporate Library notice? The CEO’s pay package. Mozilo took home more than $140 million in 2005 and more than $100 million in 2006 even as the share price started to tank, according to a Corporate Library report. It wasn’t only that he was among the most highly paid executives in its surveys. He also was guaranteed both a pay raise each year and a hefty stock option grant. Where his compensation was tied to performance, it wasn’t the long-term sort that governance consultants recommend; his bonus was calculated in part by the rise in the stock price from the previous year.

Why make such a big deal over pay? Nell Minow, The Corporate Library’s co-founder, says that CEO comp is “overwhelmingly” the most consistent predictor of poor performance. As her Countrywide report explained: “Any board which can make such poor decisions about a CEO’s compensation package is almost certain to be making poor decisions elsewhere in its range of responsibilities.” In fact, all the companies that received bailout funds to date were rated D or F by her group, ratings based in large part on skewed executive compensation, she adds.

Mozilo responded to the criticism when he testified before a congressional committee in March 2008, two months after Bank of America agreed to acquire Countrywide. “As our company did well, I did well,” he said. His stock sales were planned for his retirement, and he didn’t receive bonuses in 2007 and 2008, after the company reported losses, he said.

But Mozilo aside, the structure down the chain also rewarded bad behavior. Managers’ bonuses were based on revenue, and in recent years Countrywide’s big revenue producer was subprime mortgages. So they had a special incentive to favor that market. Loan officers did, too, because they were paid larger commissions for pushing these loans.
Why were they especially lucrative? Borrowers were charged higher rates for them than for prime mortgages because the loans were riskier. And Countrywide, based in Calabasas, Calif., sold these loans for a nice profit to investment banks like Merrill, which in turn bundled and sold them as CDOs. Between 2004 and 2007, Countrywide originated $150 billion in subprime mortgages –the most in the industry — helping vault it into the Fortune 100.

So managers were hot to move them. Some pressured loan officers to steer customers into subprimes, even when borrowers had good credit and would be better off with a prime. The practice may not have been illegal, but it was certainly unethical. One manager was actually fired in 2004 after loan officers complained and chief ethics officer Richard Wentz recommended that he be terminated. In an e-mail the manager circulated to his charges (which was quoted in the Los Angeles Times), he warned: “We will not make money if we don’t do Subprime PERIOD.” Though this group of loan officers stood up to the pressure, their own commissions were another incentive to do the wrong thing. According to Tim Mazur, who began his 2 1/2 year stint as an ethics officer in 2004, loan officers at the subprime shops often were paid commissions that were 40 percent higher for subprime loans.

One additional factor affected the subprime business. Loan officers once had a direct financial interest in ensuring that borrowers were matched with appropriate loans, and weren’t saddled with too large a load. As explained in the book “Chain of Blame: How Wall Street Caused the Mortgage and Credit Crisis,” by journalists Paul Muolo and Mathew Padilla, when a borrower defaulted in the old days, there were consequences. As one former loan officer told the authors: “If a home loan went bad … I had to get all that fucking money back for my boss, or it was my job.” It was the old-fashioned version of a clawback.

That kind of direct accountability no longer exists. In recent years, mortgage companies sold the loans before problems could develop. And even when they surfaced later, and an investment bank demanded that a mortgage company repay bad loans, the volume of lending was so great that it wasn’t worth tracking down and digging through the data to hold loan officers responsible.

Countrywide’s compliance officers were supposed to ensure that loans met the company’s underwriting guidelines. But they, too, were under constant pressure. As recounted in “Chain of Blame,” over time the company’s standards eroded to the point where a loan was deemed compliant as long as a borrower stated an income within the guidelines and had a decent credit rating. Not only did loan officers not verify income, sometimes they coached the borrowers on what to say, knowing that the statements were false. That’s how they came to be called liar loans.


Many companies launched ethics and compliance programs in the 1990s, after the Federal Sentencing Guidelines stiffened penalties for corporate misbehavior and advised that punishment be more severe for companies that did not have effective programs. (A change in the Federal Acquisition Regulations that took effect in March will require many companies to extend ethics training. It requires companies that have done $5 million of business with the government — not annually but lifetime — to provide ethics training to their suppliers, too.)

At the time Mazur was hired, in 2004, Countrywide’s ethics program was just gearing up, Mazur says, even though it was formally launched in 1998. Mazur isn’t a lawyer (he earned an MBA), but he and the ethics department reported to one. Wentz, the chief ethics officer, was a deputy general counsel.

The roles of ethics officers and compliance officers at Countrywide were distinct. Compliance officers had long checklists to ensure that employees were following the rules and regulations. Were loan officers adhering to underwriting standards? Had background checks been performed on the loan brokers the company also employed?

The ethics program was supposed to communicate the rules that employees were expected to abide by. Ethics officers were charged with ferreting out misconduct — including but not limited to illegal behavior — and guiding the company’s response.

Mazur’s job was to create and communicate policies. He trained the 80 executives — from Mozilo down to the managing directors — face-to-face. (Annual training for the balance of the 60,000 employees was online.) He ran the information intranet site, and he managed the hotline that employees could call with anonymous complaints. The volume and nature of these calls helped him assess and respond to risks. The annual budget was less than $1 million — not large, given the company’s size, he says. But for the most part the company had “a good attitude.”

Over time, however, the momentum seemed to flag. It was harder to be heard. “I got frustrated,” he says. He’d completed phase one: laying the basic infrastructure. Phase two would be building skills, which he calls the real training: “I kept pushing. And they got frustrated. My manager was less and less happy with me.”

Mazur was laid off in 2006. What he didn’t know then is that Countrywide executives already had much to concern them. Competition in the subprime market peaked that year, as Merrill Lynch ramped up. And signs of problems also began to surface. Liar loans were increasingly common throughout the industry, delinquent loan payments were growing, and by late 2006 the first subprime shop filed for bankruptcy.

Two-and-a-half years wasn’t long enough, Mazur says, for him to complete the job: “I absolutely believe Countrywide would exist today if it had had a best practices ethics department ten years ago.” They were able to take an incipient program and put it on solid footing. But insinuating it into the fabric of an organization takes time. “You have to build a program the same way you build a product line,” he says. “It’s like research and development.”


There are plenty of instances of compliance/ethics/risk departments flagging misbehavior at their companies — to no avail. A vivid example was highlighted in a complaint brought last year by New York attorney general Andrew Cuomo against the Swiss bank UBS AG over its disclosures about auction-rate securities. These were securities such as municipal bonds priced periodically by auctions that, unbeknownst to investors, UBS sometimes propped up through its own purchases. Yet, while financial advisers told clients they were completely liquid “cash equivalents,” for months the bank’s risk management officers sent e-mails to the trading desk warning that the bank couldn’t sustain them. When the bank finally pulled the plug in February 2008, the market collapsed and clients’ assets were frozen — until lawsuits convinced the bank to make clients whole. (UBS settled with Cuomo last summer.)

What Mazur longed for at Countrywide was a role in developing the process by which loans were made. But he never had that kind of power. Wentz, the chief ethics officer, did have the power, but, says Mazur, as a lawyer, Wentz saw his job as providing advice and counsel to the business side — not telling them what to do. (Asked to respond, Wentz, who left Countrywide when Bank of America took over, downplays his being an attorney: “The key point is that the ethics officer be empowered to speak freely” in “a collaborative process with shared responsibility.”)

Empowerment is nearly always the top priority of an ethics officer, says Mazur, but most feel they aren’t accorded the respect they need to be effective. Ironically, the compliance officers who possess the most power often work at companies that were nailed for illegal conduct. Mazur experienced the phenomenon himself when he was regional ethics and compliance officer for Blue Cross Blue Shield in Denver. In pleading guilty to a charge of Medicare fraud in 1999, the company operated under a corporate integrity agreement that gave the ethics office real clout, he says, which it retained even after the agreement expired. According to Mazur, about 5 percent of the Ethics and Compliance Officer Association’s members have been assigned monitors under a deferred prosecution agreement, “and in most cases it’s a good thing.”

The U.S. Department of Justice apparently recognizes the benefits as well. Last year it entered into 16 pretrial agreements with companies, and required every one to adopt compliance reforms, which represented a big jump compared to prior years, according to an article to be published in May in “Corporate Counsel Review,” a journal produced by the South Texas College of Law. And, in a departure from the practice at most companies, the department often requires compliance chiefs to have the ultimate seat at the table by reporting directly to the board.

When a company’s compliance function works well, outsiders may not notice. As Richard Cellini, a VP at consulting firm Integrity Interactive Inc., observes: “No one sticks their head into the chief compliance officer’s office and says, ‘Hey, we’re more compliant this month!'” But here’s one of those seldom-told success stories: Teachers Insurance and Annuity Association- College Retirement Equities Fund (TIAA-CREF), the New York-based teachers retirement system, had the skill, good fortune or both to get out of subprimes at just the right time — thanks to its risk management team.

A few years ago, the company held a modest investment in CDOs. And Erwin Martens, the head of risk management, says there was nothing wrong with that. But in 2007 the team noticed that “the volume of these instruments started to grow very quickly,” and they also had concerns about their quality. And it looked to them as though the securities were being slapped together to meet demand — and priced accordingly, which they saw as another bad sign. A good time to sell, they thought, so the company did — shortly before the securities tanked.

By design, Martens’s team is an eclectic bunch. There are former traders, former money managers, Ph.D. quants, applied credit types. Collectively, they speak eight languages. Trained in computer science and economics himself, Martens has worked for various financial institutions in North America and Europe. And he co-captained the University of North Dakota’s NCAA ice hockey champions, which taught him a lot about teams. Their approach has stood the group in good stead, he says, and it’s helped them secure the support of the board and the CEO to whom they report [see “They’re Not Just Number Crunchers.” ].

Is there a new appreciation for this work these days? A reality check comes from Vincent Kaminski, who hopes it’s true but isn’t so sure. Kaminski, who was a risk analyst at Enron Corp. and now teaches at Rice University, says that traders tell him risk management has been “elevated” since the crash. But many risk management departments are “Potemkin villages,” he says. “They were set up to fail.” The problems he perceives apply to compliance and ethics as well. Companies often marginalize them, and the departments are given responsibility but no authority. And sometimes they go begging for resources. At Enron, Kaminski’s group didn’t control its own budget so they had to find a corporate sponsor. And that permitted executives to limit their inquiries.

But wasn’t the current crisis the product of a perfect storm that no one could have foreseen? Kaminski rejects this suggestion. “Some people in the financial industry saw the problems,” he says. “But personal incentives were not aligned with institutional incentives.”

That’s the holy grail, of course: aligning all the right incentives. How does a company create such a culture? Erwin Martens thinks back to his championship hockey team. Every winning team has to develop a style that harnesses its talents, he says. First it takes the right kind of leadership. Then it takes people communicating effectively, and working together through inevitable obstacles. “It’s easy to spot when you don’t have it,” he says. “It’s hard to maintain when you do.”

Download this article here.

This entry was posted in articles. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *