A Sweet Securities and Exchange Commission Settlement Deal for VeriFone

The Securities and Exchange Commission (SEC) settled charges against VeriFone Holdings Inc. (VeriFone) and a former finance department employee, Paul Periolat, regarding allegations that VeriFone, a provider of electronic pay services, filed false accounting records which boosted the company’s gross margins and income reported to shareholders for three consecutive quarters in 2007. The falsification resulted in an overstatement of earnings by more than $37 million.

VeriFone settled with the SEC without admitting or denying the allegations. VeriFone consented to a permanent injunction against violations of the reporting, internal controls, and other provisions of the federal securities laws. Periolat, now an ex-employee, consented to a permanent injunction against further violations of certain antifraud, reporting, internal controls, and other provisions of the federal securities laws, and Periolat has to pay a $25,000 civil penalty fine. There were no other charges or any monetary penalty assessed against VeriFone.

This is perhaps one of the sweetest settlements for a public company who has breached its fiduciary duty of care to shareholders and presumptively violated Sarbanes-Oxley (SOX) Section 302. The facts concerning VeriFone’s wrongdoing are not unusual but the speed and the terms under which the SEC settled the investigation are unusual. The SEC sued VeriFone on Tuesday, September 1st and the case was settled on the same day.

The SEC alleged that VeriFone made unsupportable alterations to its records to compensate for an unexpected decline in gross margins, overstating VeriFone’s operating income by a total of 129 percent. The SEC further alleged that when internal VeriFone reports showed that gross margins would be markedly lower than previously released guidance to analysts, senior management "was convinced that previously released guidance to analysts were correct and directed finance employees to figure out and fix the problem” so VeriFone could report results in line with forecasts and thereby avoid “an 'unmitigated disaster." The SEC specifically alleged that VeriFone’s former supply chain controller, Periolat, made large manual adjustments to inventory balances on VeriFone’s books each quarter, dramatically increasing both gross margins and operating income. The accounting irregularities came to light during a routine annual audit in November 2007. A few weeks later, VeriFone announced it would restate earnings for the first three quarters of fiscal 2007. VeriFone’s stock fell by 46 percent to $26.03 the day of the announcement, wiping out $1.8 billion from VeriFone’s market capitalization. It is this type of corporate misconduct which encouraged Congress back in 2002 in the wake of historical corporate scandals to adopt comprehensive legislation to increase the accuracy, level of disclosure, and ultimately the accountability for corporate financial mis-reporting.

In 2002, with the seemingly endless financial and management scandals that were then coming to light, including the collapse of Enron and, even more dramatic, the collapse of WorldCom, Congress adopted SOX to remedy the damage that had been caused to investor confidence in the markets. SOX has set the requisite standard for public companies regarding financial transparency and accuracy. The responsibility is on companies’ chief executive officers (CEOs) and chief financial officers (CFOs) to ensure that their financial reporting is transparent and accountable. As such, VeriFone is under a federal statutory duty to implement long-term strategies to establish and evaluate internal control over its financial reporting. It is not enough for CEOs and CFOs to merely sign off on the financials. CEOs and CFOs must certify as to the financial accuracy and effective internal controls currently in place and must to attest to the transparency and accountability of company’s financials. This duty to implement and maintain effective internal controls has long existed under a corporation’s common law fiduciary duty of care. In re Caremark is the seminal case regarding a corporation’s fiduciary duty to implement and maintain effective internal controls. Professor William Gregory’s law review article in the Akron Law Review entitled, The Fiduciary Duty of Care: A Perversion of Words, is an excellent discussion of the confusion that often exist between the duty of loyalty and the duty of care.

SOX Section 302 entitled “Corporate Responsibility for Financial Reports” requires CEOs and CFOs of public companies to certify the information in the company's annual and quarterly reports to the SEC, as well as the company's internal controls are effective. Marc J. Fagel, director of the SEC’s San Francisco regional office stated that through poor oversight and controls, VeriFone senior management allowed an employee to make millions of dollars of unsubstantiated accounting adjustments that enabled the company to meet its guidance to Wall Street. VeriFone maintains that Periolat acted without scrutiny or authorization from more senior management. This means that VeriFone’s internal controls failed and three quarterly reports filed with the SEC in 2007 were inaccurate which violated SOX Section 302 and was a breach of VeriFone’s fiduciary duty of care to its shareholders.

Marc J. Fagel further stated that public companies need to ensure that their financial statements give an accurate assessment of their financial results, and are not improperly adjusted to meet analyst expectations. It is this “tough” language of necessary compliance with federal regulations and, yet “soft” settlement for breach of those regulations which is so perplexing. Perhaps the answer turns on intent. The SEC complaint did not accuse VeriFone of intending to misstate its financial results or to mislead anyone. However, VeriFone’s internal controls were not effective. It is this lack of effective internal controls which should have triggered SOX liability and a breach of VeriFone’s duty of care to its shareholders. These are not issues of intent. These are issues of negligence. VeriFone’s CEO Douglass Bergeron recently stated that “over the past 18 months, the company has substantially improved its governance and internal controls in order to prevent a recurrence of this type of event." Perhaps such sweet reassurances will bring comfort to regulators and shareholders.