Special ACFCS Contributor Op-Ed: Lessons from Theranos – Culture, board responsibility and accountability: When Will We Learn?

By Camilla Oliva
Law Student, Benjamin N. Cardozo School of Law
December 8, 2021

As I sit down to write this, Elizabeth Holmes is on the stand testifying at her criminal trial.

Holmes is charged with eleven counts of wire fraud and conspiracy to commit wire fraud in the wake of the damning 2015 Wall Street Journal exposé targeting her former high-flying biomedical company, Theranos.

Facing evidence that Theranos products did not work as advertised, and worse, that Theranos was lying to consumers, Holmes’s legacy disintegrated alongside that of her company.

But as I see the accusations and charges pile up against Holmes, I also see another pillar of the company that was irrevocably cracked.

But it is one that came with far less media fanfare and prosecutorial scrutiny – the board and its cadre of big name executives that failed to look behind the curtain to uncover the fraud and foster a culture of compliance.

While we all know what happened at Theranos – and the jury is still out on the criminality of the fraud – one can’t help but wonder if the board had used its oversight power to empower compliance officers, potentially by pressing the very C-suite executives now allegedly responsible for the firm’s fall from grace.

Theranos was a privately held corporation based in Palo Alto, Calif. which was touted as a breakthrough health technology company, with claims of having devised blood tests that required relatively miniscule amounts of blood to perform vital health tests – a welcome change from needing heavy gauge needles to draw multiple tubes of sample material.

As well, these tests were purportedly able to be performed very rapidly using small, automated devices the company had developed, according to Wikipedia and media reports.

However, these claims were later proven to be more than just inaccurate or overblown – they were lies, leading to a devastating implosion of the company.

Founded in 2003 by 19-year-old Elizabeth Holmes, Theranos raised more than $700 million from venture capitalists and private investors, resulting in a weighty $10 billion valuation at its peak in 2013 and 2014, according to media and online reports.

But the sparkling façade started to crumble in 2015, when medical research professors John Ioannidis and Eleftherios Diamandis, along with investigative journalist John Carreyrou of the Wall Street Journal, questioned the validity of Theranos’ technology, according to online reports.

With investor fervor now turned to fury, the company faced a gauntlet of legal and commercial challenges.

The plethora of probes from medical authorities, investors, the U.S. Securities and Exchange Commission (SEC), Centers for Medicare and Medicaid Services (CMS), state attorneys general, former business partners, patients, and others, according to media reports.

As for Holmes herself, not surprisingly, her net worth plummeted, from an eye-watering estimated $4.5 billion in mid-2016 to virtually nothing. With the house of cards fully collapsed, more lawsuits and censured by CMS, what remained of the company was dissolved on September of 2018.

While the media frenzy continues to criticize the ways Holmes and former Theranos president and COO Ramesh “Sunny” Balwani blatantly lied to consumers and investors alike, Theranos’ former star-studded board of directors appears to have evaded culpability, despite its gross negligence in overseeing and promoting an effective compliance program.

So who was on the board?

From its incorporation in 2003 until 2018, Holmes was the company’s chief executive officer.

She recruited Channing Robertson, a chemical-engineering professor at Stanford, to be a technical advisor and the company’s first board member during its early years, according to Wikipedia.

In July 2011, Holmes was introduced to former U.S. Secretary of State George Shultz, who joined the Theranos board of directors that month.

Over the next three years, Shultz helped to introduce almost all the outside directors on the “all-star board,” according to media reports, including:

• William Perry (former U.S. Secretary of Defense)
• Henry Kissinger (former U.S. Secretary of State)
• Sam Nunn (former U.S. Senator)
• Bill Frist (former U.S. Senator, senate majority leader and heart-transplant surgeon)
• Gary Roughead (Admiral, USN, retired)
• Jim Mattis (General, USMC)
• Richard Kovacevich (former Wells Fargo Chairman and CEO)
• Riley P. Bechtel (chairman of the board and former CEO at Bechtel Group).

Not surprisingly, detractors criticized the board for consisting “mainly of directors with diplomatic or military backgrounds,” according to online reports.

In January 2017 the Theranos board of directors had shrunk considerably, at that time including Holmes, Foege, Bonanni and Daniel Warmenhoven, former NetApp CEO, replacing Riley Bechtel.

One key Achilles Heel of the board is that it lacked top experts in the medical community to challenge the assertions of the company and its technology and only one person potentially with a deep knowledge of anti-money laundering (AML), fraud and corruption compliance programs – Kovacevich, the former head at Wells.

While non-bank corporates don’t have to worry about formal AML programs, they still have to worry about fraud, corruption, sanctions breaches and a host of medical, audit and regulatory rules.

As a parallel, many of the largest fincrime compliance failures at banks noted a weak “tone at the top” from the C-suite and the board, a foundering “culture of compliance” and staff in and out of compliance that were not given sufficient authority to take grievances straight to the board.

As a result, many of the actions included clauses hammered out by federal regulators and law enforcement agencies stating the board must be intimately involved in the compliance program remediation, they would be responsible for its success, or failure, and would be held accountable if the bank did not abide the terms of the negotiated settlement.

Whether it is Theranos avoiding oversight and providing iffy blood test results or Meta, previously Facebook, not imposing oversight on hateful speech and allegedly helping “incite offline violence” that led to the Rohingya genocide in Myanmar, no one benefits from this lack of corporate accountability.

That is, except the fraudsters themselves, who are able to keep their schemes and scams going as long possible to make as much money as possible for themselves and co-conspirators.

That begs the question: Do these and other failings demonstrate the need for government regulation of boards of directors?

While rare, in several AML and sanctions penalties at banks over the past decade, regulators issued individual bans, some permanent, and penalties against top officers, including CCOs, COOs and even CEOs.

In a country that prides itself on endless innovation in all spaces, private companies carry the torch when it comes to rapidly creating products or services that have the capacity to fundamentally change society at large.

Meanwhile, when it comes to how those companies operate, the government’s regulatory procedures require little oversight specifically over how a board is chosen and operates despite the board’s responsibility to supervise the company’s compliance program.

Instead, the government in many cases lackadaisically watches until it must react by imposing necessary post-hoc regulation after issues are discovered and boards of directors generally are absolved of criminal liability.

If a company’s board oversees compliance issues generally, is there anyone that benefits from unregulated compliance programs?

Holmes and Balwani took advantage of their board’s and the government’s inertia to swerve around FDA requirements while directly providing healthcare services to consumers, claiming vague trade secrets.

Rather than set up a protocol to protect company copyright and trademark concerns while being able to communicate with the board about compliance procedures like independent testing, the government took Theranos at its word for years.

As a laboratory, Theranos should have been subject to a myriad of regulations but leveraged trade privacy to obscure the company’s innerworkings from investors and the general public the truth about Theranos’ use of third-party devices to run samples.

As a result, investors pumped money into Theranos without ever fully knowing where it was going.

Former Theranos board members maintain that they were not aware of and that they did not participate in the fraud.

Even if the board did not actively participate, they allowed a company where they carried the responsibility of compliance to dupe an entire industry because of their acquiescence to Holmes and Balwani’s characterizations of the company.

With this kind of corporate culture, anyone – from the consumer or college-student investing in stocks – can get hurt.

With the benefit of hindsight, it is easy to look at a Stanford drop-out who idolized Steve Jobs and think, “Well, anyone who invested in Holmes or believed in her must have been crazy.”

But is Theranos and its impressive but largely useless board of directors truly a special case?

Have we, as a society, faced what Theranos and regulatory failure mean to modern entrepreneurial culture?

Theranos’ spotlight may be special, but its circumstances are far from extraordinary.

We see the consequences of corporate innovation outstripping regulation every day.

The electric automobile company, Tesla, has made Elon Musk the wealthiest individual on the planet. Meanwhile, Consumer Reports rank Tesla vehicles second-to-bottom on their list for reliability.

Some Tesla models remain among the least dependable cars available, yet their famously volatile stock continues surging.

The government continues allowing companies like Tesla to receive investments and tax breaks while building EV charging stations with tax-payer money.

At the same time, an investor lawsuit against Tesla and the board alleging that the board’s inability to restrain and oversee Musk is in violation of settlements with the Securities and Exchange Commission (SEC) demonstrates the need for government regulation of boards of directors.

The SEC may be watching Tesla closely as it provides game-changing technology, but without a board of directors held to a true good-faith compliance standard, a figure as powerful and wealthy as Musk will treat SEC fines as a convenience tax more so than an incurrence of liability.

If not Theranos, what will be the company that teaches the government to hold boards of directors accountable for corporate noncompliance?

Our capitalist economic system ensures that companies creating these changes can reap the benefits to foster the innovative environment the United States prides itself on while largely skirting compliance, accounting and counter-fraud rules – particularly in the lofty ivory towers of the board stratosphere.

However, as the country grows more and more economically unequal, the government’s priority of protecting corporate innovation and structure looks less and less compelling. The cost of not intervening sooner as Theranos and its board avoided implementing regulatory procedures is infamous.

Arguably, there could be one such company – to some on the cusp of technology, communication and social media in the real and virtual worlds – engaging in innovation without enough regulation and innovation right now: Meta, formerly Facebook.

The cost of not knowing how to regulate Meta rarely leaves the news cycle for long. If the government has not learned to be less blindly trusting when looking at a hyper-innovative company, will society ever learn to watch and wait?