COST OF CORPORATE CRIME: $1.5 TRILLION ANNUALLY

ELIMINATING REPEAT OFFENDERS: PRICELESS

The collapse of Enron alone is estimated to have cost the public billions of dollars. Yet Enron was the tip of the iceberg in last year's rapid succession of corporate earnings "re-statements" and admissions that books had been cooked to boost the bottom line. The cost of these discoveries -- $170 billion in direct losses from the top eight controversies, according to Business Week -- was (and continues to be) borne directly by employees, investors and retirees, as well as by the whole of the failing economy.

SB 335 (ROMERO) -- THE CORPORATE THREE STRIKES ACT
"[Fines are just] an operating cost for these companies: They pay the fine, which becomes just a cost of doing business."
-- Missouri Secretary of State, Matt Blunt, Business Week, December 16, 2002

The recent spate of corporate scandals is but the latest chapter in a long and costly history of corporate crime.

SB 335 will deny corporate repeat offenders the right to do business in California. The Corporate Three Strikes Act arms California with the nation's strongest tool to deter egregious violations of law, including consumer, environmental, anti-trust, labor and financial safeguards.

·                     Corporations are required to report all criminal convictions to the Secretary of State, who will maintain this information on a publicly accessible website for ten years.

FINES ARE NOT ENOUGH
Current state and federal sanctions do not adequately deter corporations from breaking the law.

This week, the SEC announced a $1.4 billion settlement with the nation's top ten investment & securities firms. Yet the settlement amount, massive on the surface, was negligible to these multi-billion dollar conglomerates. As Harvard law professor, Lucian Bebchuk, noted in the New York Times when the settlement was reached, Citigroup made $4 billion from underwriting fees alone in 2000 and 2001 -- an amount 10 times the $400 million it owes under the settlement. "Drop in the bucket" punishments give corporations no incentive to change bad behavior.

CORPORATE CRIME SHOULDN'T PAY
Rarely are fines even as substantive as those assessed against the investment firms. But no matter the price, a justice system which relies on fines as the ultimate punishment for corporations often leaves breaking the law as a profitable option. An infamous example is the case of the Ford Pinto. Ford deemed the replacement of the Pinto's faulty gas tank prohibitively costly because a recall would have cost $137 million. The company decided it was cheaper to pay the medical and court costs associated with an average 180 deaths a year than to replace the defect that caused them.

Though some corporations repeatedly violate the law, even when caught they pay relatively insignificant amounts in fines or settlements. Even worse, businesses can frequently "write off" fines, legal fees, and other expenses attributable to criminal actions as "business expenses." The majority of the amounts paid by Citibank and the top investment firms in 2002 are expected to be tax-deductible. In this way companies force the public -- first as consumers and then as taxpayers -- to pay twice for corporate misconduct. This practice does nothing to protect the public from future corporate crime and undermines a healthy economy.

CURRENT LAW
Statutes in all 50 states give the Attorney General the power to ask a court to revoke a corporate charter. California law provides for corporate dissolution on several grounds, including if the corporation "has seriously offended against any provision of the statutes regulating corporations" or when it "has fraudulently abused or usurped corporate privileges or powers."

Though this power is rarely invoked, it has been exercised. In 1976, the California Attorney General brought a charter revocation action against a private water company for delivering contaminated water to its customers. The action forced the corporation to sell itself to the public water district. More recently, in 1998, New York's Attorney General used their charter revocation statute to help put out of business the Council for Tobacco Research, an industry front group accused of intentionally undermining research about tobacco and health.

The Corporate Three Strikes Act declares the intention of the people of California to require the Attorney General to exercise this power in the case of corporate repeat offenders.

 

The Foundation for Taxpayer and Consumer Rights

“Fact Sheet”

http://www.consumerwatchdog.org/corporate/fs/fs003284.php3

Study: Online Crime Costs Rising

By David McGuire, Washington Post May 25 2004 10:43AM

Online criminals are attacking corporate and government networks more frequently, costing businesses an estimated $666 million in 2003, according to a survey of computer security executives released today.

The survey was conducted by CSO [Chief Security Officer] magazine in cooperation with the U.S. Secret Service and the CERT cybersecurity center at Carnegie Mellon University in Pittsburgh.

It showed that more than 40 percent of 500 executives polled said hackers have become the greatest cybersecurity threat to business and government networks, compared to 28 percent who feared internal threats such as disgruntled or recently fired employees. More than 40 percent of the respondents said the number of computer crime incidents increased from 2002 to 2003, compared to 6 percent who said it dropped.

The rise in the number of executives who fears hackers marks a shift in corporate attitudes toward security, said CSO publisher Robert Bragdon. "Historically businesses have always focused on the internal threats being the biggest dangers to their organization," he said.

Despite the shift to watching for external threats, 36 percent of the respondents said that they monitor employees' Web use and other activities to prevent internal sabotage and leaks.

Computer systems falling prey to ever more sophisticated attacks are increasingly essential to the daily operations of businesses and government agencies, said Harris Miller, president of the Information Technology Association of America.

ITAA has long warned that many companies have not devoted enough time and money to cybersecurity. Miller said he hopes studies like this will convince executives of the dangers of shortchanging their electronic defenses.

"A lot of CEOs and a lot of CFOs say 'what is the return on investment for all these investments in cybersecurity?' Studies like this show that CEOs and CFOs unwilling to make those investments are paying a dangerous game of Russian roulette," Miller said.

Nevertheless, nearly 100 percent of executives surveyed said they used firewall software in their corporate networks, and more than 80 percent used encryption and similar technology to protect their electronic transactions.

The survey's results come out a week after the Business Roundtable -- a group whose membership represents some of the nation's largest companies -- blasted the software industry for developing products that are vulnerable to hackers and other security threats, leaving the corporations to pay the costs after suffering attacks.

"Most of the significant cyber-incidents that have harmed American business and consumers over the past several years have had at their root cause defective and readily exploitable software code," the group said in a statement on how cybersecurity policy should be developed.

A 37-member taskforce comprising business and software industry executives as well as cybersecurity experts, reported to the Department of Homeland Security in April that most corporations fail to take cybersecurity seriously at the top levels of management.

The report did not recommend that the government make cybersecurity a requirement for the private sector, but said that auditing firms should include cybersecurity readiness as part of the criterion for determining whether companies have adequate internal and financial safety controls.

The Bush administration's national cyberspace strategy recommends that companies take stronger steps to insure their electronic security but does not require it.

The CSO survey was conducted between April 15 and April 26. The authors sent e-mail solicitations to the magazine's subscribers and members of the Electronic Crimes Task Forces, run by the Secret Service.

 

Washington Post,

 

Taken From “Security Focus” - http://www.securityfocus.com/news/8767