Who’s in Charge Here? The CPSC and Individual Liability for Corporate Actions
In April, the U.S. Consumer Product Safety Commission (CPSC) and the Department of Justice (DOJ) broke new ground by indicting two former officials of a company accused of failing to timely report a potential product safety hazard to the CPSC. Those indictments marked the first time the CPSC has sought to hold executives criminally liable based on an alleged reporting violation. But while the CPSC had never previously filed criminal charges against individual corporate officers, it has previously sought to hold individuals civilly liable for corporate actions.
For example, in 2013, in an action against a rare earth magnet company, CPSC counsel included the company’s CEO as a Respondent, both individually and in his official capacity. With that action still fresh in the regulated community’s mind, the recent indictments call a question: Is the CPSC trending toward a policy of seeking to hold corporate officers liable for companies’ actions?
If so, the CPSC is not alone. Other agencies, too, are seeking to hold corporate officers liable for companies’ actions. In 2015, Sally Yates, then the deputy attorney general, issued what became known as the Yates Memo, titled “Individual Accountability for Corporate Wrongdoing.” The Yates Memo identified individual accountability as “[o]ne of the most effective ways to combat corporate misconduct” and directed DOJ attorneys in all divisions to take “six key steps to strengthen our pursuit of individual corporate wrongdoing,” including requiring companies to identify potentially involved individuals before allowing them to cooperate; focusing on individuals at the start of an investigation; and having a plan to address any individual liability.
While Yates’ successor, former Deputy Attorney General Rod Rosenstein, later revised these key steps, moderating the “all or nothing” position on cooperation credit and giving DOJ attorneys more latitude, the idea of that DOJ should keep its eye on individuals remained.
Rosenstein’s policy still requires companies to identify all misconduct by senior officials and, to get maximum cooperation credit, to point out all individuals “substantially involved in or responsible for” corporate misconduct.
The longstanding Park Doctrine is a backdrop to these DOJ policy statements. Named for the 1975 U.S. Supreme Court case U.S. v. Park, the doctrine provides that a “responsible corporate officer” (RCO) can be held criminally liable for a corporation’s wrongdoing, even if that officer had no actual knowledge of the illegal act or its illegality. While the Park Doctrine has not been applied to violations of statutes like the Consumer Product Safety Act (CPSA), its reasoning could, as a policy matter, be applied in the context of alleged product-safety violations. Indeed, the CPSC’s 2013 pursuit of a CEO’s personal assets to fund a magnet recall was premised on an RCO theory and cited Park.
By contrast, the recent criminal indictments were based on allegations of the defendants’ direct, personal knowledge and willful misconduct. However, the CPSC may tie these threads together and pursue an RCO-based prosecution or penalty suit in the future. As the CPSC must act through DOJ in criminal cases and, generally, in civil penalty suits, DOJ’s policies – including the Yates and Rosenstein policies on individual liability – can directly influence CPSC litigation.
Because consumers increasingly care about corporate social responsibility – and vote with both their wallets and their ballots to communicate their values to companies and to elected officials –pressure on law enforcement agencies to hold individuals responsible for corporate misconduct is not likely to ease in the coming years. Corporate officers and employees in safety-related positions should be particularly mindful in how they approach reporting decisions and structure product safety and compliance programs. Decision-makers should ensure they are fostering corporate cultures in which they promptly communicate potentially safety-related information both within their companies and, as needed, to regulators.
Contacts
- Related Practices