A Modest Catalogue of Avoidable Catastrophes
There is a certain comfort, for the compliance professional, in knowing that however badly things are going at their own organisation, someone, somewhere, has done considerably worse. History is generous in this respect. The annals of corporate sales are littered with cautionary tales of such spectacular dimension that they almost — almost — inspire admiration for the sheer commitment involved.
What follows is not an exhaustive list. It couldn’t be. The subject matter is simply too abundant.
Wells Fargo: Selling Things People Didn’t Know They’d Bought
Few compliance failures in modern banking history combine quite so many ingredients — perverse incentives, aggressive sales targets, managerial pressure, and approximately two million unauthorised accounts — as Wells Fargo’s retail banking scandal, which unravelled publicly in 2016 after years of quiet internal concern.
The core mechanism was almost elegant in its awfulness. Front-line staff, under intense pressure to meet sales quotas that many described as essentially unachievable by honest means, began opening accounts, transferring funds, and issuing credit cards for customers who had not requested any of these things. Customers occasionally noticed unexpected fees. Some noticed unexpected credit enquiries. A number noticed accounts they had never opened. The bank, for its part, managed to notice relatively little for quite some time.
The eventual settlement with US regulators ran to approximately $185 million in the first instance, which sounds substantial until one considers that Wells Fargo was generating roughly $22 billion in annual profit at the time. More damaging was the reputational fallout, the subsequent congressional hearings, and the asset cap imposed by the Federal Reserve — an intervention so unusual that it served as a rather pointed commentary on the seriousness with which regulators viewed the matter.
The root cause, most analysts agree, was a sales culture so aggressively incentivised that ethics became, in practice, optional. The phrase “eight is great” — referring to the target of eight products per customer — entered compliance textbooks as a shorthand for what happens when sales targets are set without any corresponding consideration of how, realistically, those targets might be met.
Volkswagen: When the Product Itself Is the Compliance Failure
Most sales compliance failures involve how a product is sold. Volkswagen’s emissions scandal, revealed in 2015, had the distinction of concerning what the product actually was — specifically, the rather significant gap between what it was claimed to do and what it actually did when not being tested.
The “defeat device” — software designed to recognise when a vehicle was undergoing emissions testing and adjust its performance accordingly — was installed across millions of diesel vehicles worldwide. During testing, the cars performed admirably. On actual roads, driven by actual people breathing actual air, they emitted nitrogen oxides at levels up to forty times the regulatory limit. This is what the industry might describe as a variance.
The sales dimension is worth dwelling on. Volkswagen had built an entire commercial strategy around the concept of “clean diesel” — marketing vehicles to environmentally conscious consumers on the basis of emissions credentials that were, in the most polite possible terms, aspirational. Customers paid premiums. Governments offered tax incentives. The competitive advantage was real. It was also, as it turned out, entirely manufactured.
The financial consequences were appropriately severe: over $30 billion in fines, settlements, and vehicle buyback costs across various jurisdictions. The reputational consequences were perhaps more enduring. It is difficult, once regulators have established that your environmental credentials were generated by software rather than engineering, to reclaim the moral high ground with any conviction.
Payment Protection Insurance: A British Institution
No survey of sales compliance failures would be complete without reference to Payment Protection Insurance, or PPI — a product so systematically mis-sold across the United Kingdom that it generated what is, by most measures, the largest consumer redress exercise in British financial services history.
PPI was, in principle, a sensible enough product: insurance designed to cover loan repayments if the borrower fell ill, lost their job, or otherwise found themselves unable to pay. In practice, it was sold to people who were self-employed (and therefore ineligible to claim), people who were already retired, people who had existing medical conditions that excluded them from coverage, and — in a move of particular efficiency — people who were not told they had purchased it at all.
The total bill for PPI redress ultimately exceeded £50 billion, spread across virtually every major UK retail bank and a considerable number of smaller ones. The complaints deadline, set by the Financial Conduct Authority for August 2019, generated such a volume of last-minute claims that the processing systems of several banks experienced what their communications teams carefully described as “high volumes.”
What makes PPI particularly instructive as a compliance failure is its duration. The mis-selling was not a brief aberration. It continued, at scale, across the industry, for the better part of two decades. This was not a rogue individual, or a single poorly designed product, or an isolated failure of oversight. It was a systemic, industry-wide, sustained collapse of the basic principle that products should be sold to people for whom they are suitable. The compliance lessons are, one might observe, not especially subtle.
Enron: Where the Entire Business Was the Mis-Sell
Enron occupies a somewhat special category in the compliance failure canon, in that the organisation’s sales and trading activities were built upon accounting constructions so elaborate, and so remote from economic reality, that describing them as “optimistic” would be generous to the point of absurdity.
The company sold itself to investors, analysts, and the broader market as a dynamic, innovative energy trading business generating impressive and consistent returns. This narrative was sustained through a series of off-balance-sheet vehicles, mark-to-market accounting applied with creative enthusiasm, and an internal culture in which questioning the numbers was professionally inadvisable.
When the structure collapsed in 2001, it did so with some thoroughness. Shareholders lost approximately $74 billion. Thousands of employees lost their jobs and, in many cases, their pension savings. Arthur Andersen, the auditing firm whose sign-off had lent Enron’s figures a veneer of credibility, ceased to exist as a going concern. Several executives received custodial sentences of notable length.
The compliance lessons from Enron are discussed in virtually every business school programme worldwide, which makes it somewhat puzzling that the essential elements — pressure to meet targets by any means available, cultural disincentives to raising concerns, and governance structures that provided oversight in form rather than substance — continued to appear in subsequent corporate failures with reliable regularity.
Purdue Pharma: Sales Incentives With Lethal Consequences
If most compliance failures result in financial harm, Purdue Pharma’s promotion of OxyContin stands as a reminder that the consequences of aggressive, misleading sales practices can extend considerably further.
Purdue’s sales force was incentivised to promote OxyContin as a less addictive alternative to existing opioid painkillers — a characterisation that was, to use the technical term, wrong. Physicians were targeted with marketing that downplayed addiction risks, sales representatives were rewarded for increasing prescription volumes, and the company resisted evidence of widespread misuse and diversion with what subsequent litigation described as deliberate disregard.
The human cost of the opioid crisis — in which OxyContin played a significant role — runs to hundreds of thousands of overdose deaths across the United States. The Sackler family, which owned Purdue, agreed to a settlement that eventually reached approximately $6 billion, though the precise legal and financial resolution has been subject to extensive litigation. The company itself filed for bankruptcy.
There are compliance failures that cost money, and there are compliance failures that cost lives. Purdue Pharma managed, with some distinction, to do both.
Closing Reflection
The striking thing about all of these cases is not that they happened — human beings, under sufficient commercial pressure, will occasionally behave in ways that they might, with hindsight, reconsider. The striking thing is how many of them were entirely visible, internally, long before they became externally catastrophic. In almost every case, someone knew. In several cases, many people knew. The systems, incentives, and cultures in place simply made it easier to carry on than to stop.
Compliance professionals sometimes struggle to articulate their value to organisations that view their function as an overhead rather than a safeguard. The cases above provide, one might suggest, a fairly compelling argument — delivered, as all the best lessons are, entirely at someone else’s expense.
The good news, for anyone in the compliance profession, is that job security has rarely looked more robust. The bad news, for everyone else, is obvious.
A Modest Catalogue of Avoidable Catastrophes
There is a certain comfort, for the compliance professional, in knowing that however badly things are going at their own organisation, someone, somewhere, has done considerably worse. History is generous in this respect. The annals of corporate sales are littered with cautionary tales of such spectacular dimension that they almost — almost — inspire admiration for the sheer commitment involved.
What follows is not an exhaustive list. It couldn’t be. The subject matter is simply too abundant.
Wells Fargo: Selling Things People Didn’t Know They’d Bought
Few compliance failures in modern banking history combine quite so many ingredients — perverse incentives, aggressive sales targets, managerial pressure, and approximately two million unauthorised accounts — as Wells Fargo’s retail banking scandal, which unravelled publicly in 2016 after years of quiet internal concern.
The core mechanism was almost elegant in its awfulness. Front-line staff, under intense pressure to meet sales quotas that many described as essentially unachievable by honest means, began opening accounts, transferring funds, and issuing credit cards for customers who had not requested any of these things. Customers occasionally noticed unexpected fees. Some noticed unexpected credit enquiries. A number noticed accounts they had never opened. The bank, for its part, managed to notice relatively little for quite some time.
The eventual settlement with US regulators ran to approximately $185 million in the first instance, which sounds substantial until one considers that Wells Fargo was generating roughly $22 billion in annual profit at the time. More damaging was the reputational fallout, the subsequent congressional hearings, and the asset cap imposed by the Federal Reserve — an intervention so unusual that it served as a rather pointed commentary on the seriousness with which regulators viewed the matter.
The root cause, most analysts agree, was a sales culture so aggressively incentivised that ethics became, in practice, optional. The phrase “eight is great” — referring to the target of eight products per customer — entered compliance textbooks as a shorthand for what happens when sales targets are set without any corresponding consideration of how, realistically, those targets might be met.
Volkswagen: When the Product Itself Is the Compliance Failure
Most sales compliance failures involve how a product is sold. Volkswagen’s emissions scandal, revealed in 2015, had the distinction of concerning what the product actually was — specifically, the rather significant gap between what it was claimed to do and what it actually did when not being tested.
The “defeat device” — software designed to recognise when a vehicle was undergoing emissions testing and adjust its performance accordingly — was installed across millions of diesel vehicles worldwide. During testing, the cars performed admirably. On actual roads, driven by actual people breathing actual air, they emitted nitrogen oxides at levels up to forty times the regulatory limit. This is what the industry might describe as a variance.
The sales dimension is worth dwelling on. Volkswagen had built an entire commercial strategy around the concept of “clean diesel” — marketing vehicles to environmentally conscious consumers on the basis of emissions credentials that were, in the most polite possible terms, aspirational. Customers paid premiums. Governments offered tax incentives. The competitive advantage was real. It was also, as it turned out, entirely manufactured.
The financial consequences were appropriately severe: over $30 billion in fines, settlements, and vehicle buyback costs across various jurisdictions. The reputational consequences were perhaps more enduring. It is difficult, once regulators have established that your environmental credentials were generated by software rather than engineering, to reclaim the moral high ground with any conviction.
Payment Protection Insurance: A British Institution
No survey of sales compliance failures would be complete without reference to Payment Protection Insurance, or PPI — a product so systematically mis-sold across the United Kingdom that it generated what is, by most measures, the largest consumer redress exercise in British financial services history.
PPI was, in principle, a sensible enough product: insurance designed to cover loan repayments if the borrower fell ill, lost their job, or otherwise found themselves unable to pay. In practice, it was sold to people who were self-employed (and therefore ineligible to claim), people who were already retired, people who had existing medical conditions that excluded them from coverage, and — in a move of particular efficiency — people who were not told they had purchased it at all.
The total bill for PPI redress ultimately exceeded £50 billion, spread across virtually every major UK retail bank and a considerable number of smaller ones. The complaints deadline, set by the Financial Conduct Authority for August 2019, generated such a volume of last-minute claims that the processing systems of several banks experienced what their communications teams carefully described as “high volumes.”
What makes PPI particularly instructive as a compliance failure is its duration. The mis-selling was not a brief aberration. It continued, at scale, across the industry, for the better part of two decades. This was not a rogue individual, or a single poorly designed product, or an isolated failure of oversight. It was a systemic, industry-wide, sustained collapse of the basic principle that products should be sold to people for whom they are suitable. The compliance lessons are, one might observe, not especially subtle.
Enron: Where the Entire Business Was the Mis-Sell
Enron occupies a somewhat special category in the compliance failure canon, in that the organisation’s sales and trading activities were built upon accounting constructions so elaborate, and so remote from economic reality, that describing them as “optimistic” would be generous to the point of absurdity.
The company sold itself to investors, analysts, and the broader market as a dynamic, innovative energy trading business generating impressive and consistent returns. This narrative was sustained through a series of off-balance-sheet vehicles, mark-to-market accounting applied with creative enthusiasm, and an internal culture in which questioning the numbers was professionally inadvisable.
When the structure collapsed in 2001, it did so with some thoroughness. Shareholders lost approximately $74 billion. Thousands of employees lost their jobs and, in many cases, their pension savings. Arthur Andersen, the auditing firm whose sign-off had lent Enron’s figures a veneer of credibility, ceased to exist as a going concern. Several executives received custodial sentences of notable length.
The compliance lessons from Enron are discussed in virtually every business school programme worldwide, which makes it somewhat puzzling that the essential elements — pressure to meet targets by any means available, cultural disincentives to raising concerns, and governance structures that provided oversight in form rather than substance — continued to appear in subsequent corporate failures with reliable regularity.
Purdue Pharma: Sales Incentives With Lethal Consequences
If most compliance failures result in financial harm, Purdue Pharma’s promotion of OxyContin stands as a reminder that the consequences of aggressive, misleading sales practices can extend considerably further.
Purdue’s sales force was incentivised to promote OxyContin as a less addictive alternative to existing opioid painkillers — a characterisation that was, to use the technical term, wrong. Physicians were targeted with marketing that downplayed addiction risks, sales representatives were rewarded for increasing prescription volumes, and the company resisted evidence of widespread misuse and diversion with what subsequent litigation described as deliberate disregard.
The human cost of the opioid crisis — in which OxyContin played a significant role — runs to hundreds of thousands of overdose deaths across the United States. The Sackler family, which owned Purdue, agreed to a settlement that eventually reached approximately $6 billion, though the precise legal and financial resolution has been subject to extensive litigation. The company itself filed for bankruptcy.
There are compliance failures that cost money, and there are compliance failures that cost lives. Purdue Pharma managed, with some distinction, to do both.
Closing Reflection
The striking thing about all of these cases is not that they happened — human beings, under sufficient commercial pressure, will occasionally behave in ways that they might, with hindsight, reconsider. The striking thing is how many of them were entirely visible, internally, long before they became externally catastrophic. In almost every case, someone knew. In several cases, many people knew. The systems, incentives, and cultures in place simply made it easier to carry on than to stop.
Compliance professionals sometimes struggle to articulate their value to organisations that view their function as an overhead rather than a safeguard. The cases above provide, one might suggest, a fairly compelling argument — delivered, as all the best lessons are, entirely at someone else’s expense.
The good news, for anyone in the compliance profession, is that job security has rarely looked more robust. The bad news, for everyone else, is obvious.
