This site respects your privacy. GAP will not record your IP address or browser information. A detailed privacy statement can be found here.
Protecting Whistleblowers since 1977

Congress's Official View of James Cole's Inept AIG Monitoring

Bea Edwards, May 19, 2010

The Government Accountability Project has obtained the May 2009 report issued by the Congressional Research Service (CRS) about the performance of James Cole, the Independent Consultant placed at AIG in 2006 by the Securities and Exchange Commission (SEC) as part of a Deferred Prosecution Agreement (DPA). The DPA represented the resolution of federal and state allegations of improper accounting and bid rigging at AIG, among other infractions.

It should be emphasized that the findings of the SEC related to the accounting practices at AIG – which led to the DPA – were devastating. For one thing, the SEC found that in 2000 and later years, AIG “materially misrepresented the company’s earnings” and deceived investors about the value of the corporation’s stock. Based on the manipulation of on-paper transactions, AIG constructed a picture of profitability during these years that the SEC described as a “fiction.”

These and other transactions identified in the SEC complaint suggested a complete breakdown in internal controls over accounting at AIG. Management was able to manipulate earnings by creating sham transactions, concealed by false records, apparently without detection for a period of years. The SEC complaint charges that AIG “knowingly circumvented or knowingly failed to implement a system of internal accounting controls” (SEC Complaint, p. 28).

The nature and scope of Cole’s early reports on internal controls at AIG cover virtually all of the company’s compliance and reporting obligations. According to the CRS report:

“It is almost as though the Independent Consultant assumed that AIG had no internal compliance or accounting systems whatsoever.”

It is important to recall that Cole, for the purposes of this DPA, began his reporting in 2006, after management at AIG (in particular at the AIG-FP group responsible for credit default swaps) was trying to limit the company’s exposure to losses as a result of the increasing vulnerability of the US housing market. AIG’s failure to implement a system of internal controls prevailed during the period that AIG-FP exposed the entire firm to the catastrophic losses that would not become publicly visible until 2008. Although Cole was on site in board meetings and in the Compliance Office as the company began reckoning with the financial damage done by the AIG-FP group, these actions completely escaped his notice and are mentioned in his reports only after they have been covered in the press in September 2008.

The first group of recommendations (August 2007) produced by Cole deal specifically with the responsibilities of the Chief Corporate Compliance Officer and the Office of Compliance. This office was run first by Kathleen Chagnon and, after Chagnon was terminated, by Suzanne Folsom. Cole lists the types of risks to which AIG was exposed (market risk, credit risk, strategic risk, reputational risks, and operational risk). The CRS report observes:

“One could argue that AIG’s collapse in 2008 reflected a failure to manage any of these risks successfully. The Independent Consultant’s report, however, does not include specific recommendations for managing these financial risks; rather, it deals with the processes by which risk evaluations at the individual business unit level are passed up the chain to the corporate risk management staff and how the central staff works with the local unit to design appropriate risk controls.”

The report, it seems, deals with form rather than substance.

With respect to internal controls, the Cole reports seem unrelated to the actual deficits at AIG. In a 2004 filing, AIG reported a material weakness in the integrity of the control environment. In effect, senior managers could override controls and complete transactions without oversight. Cole’s recommendation for addressing this issue was to direct AIG to prepare “reliable, accurate published financial statements” (August 31, 2007 Recommendations of the Independent Consultant, p. 7).

In 2004, AIG also identified a material weakness in accounting for risk transfer. Cole’s recommendations do not address this issue directly either. Instead, it instructs AIG to:

“[E]nsure that accounting decisions follow GAAP (Generally Accepted Accounting Principles) and company policy, are properly documented, that accounting for significant non-standard transactions is approved by the Office of Accounting Policy, and that staff is properly trained, receives appropriate feedback, and is sufficiently monitored” (August 31, 2007, Recommendations of the Independent Consultant, pp. 20 – 28).

Cole’s own report (4/10 Interim report) on the IC’s activities portrays a much more active and effective performance:

To conduct this examination and review process, as well as to assist him [Cole] in overseeing the creation of implementation plans and overseeing AIG’s implementation of those plans, the Independent Consultant enlisted Bryan Cave attorneys with the expertise in the appropriate subject matter areas and engaged consultants from Eisner LLP, Huron Consulting Group Inc., and Tiller Consulting Group, Inc. Each substantive area was then assigned to one of the following teams to facilitate the examination, reporting, implementation, and monitoring processes required under the Consent: Compliance, Records Management, Corporate Governance, and Remediation (collectively “the IC Teams”). Broadly speaking, the examination and review of each IC Team consisted of three steps. First, the IC Teams obtained an understanding of the current status of AIG operations applicable to their assigned subject matter areas. Second, the IC Teams compared the current status of AIG’s operations to industry… Finally, the IC Teams developed best practice recommendations. As noted in the Recommendations of the Independent Consultant to American International Group, Inc. dated August 31, 2007 (the “August 2007 Report”), some of the recommendations encompassed policies, procedures, and controls that AIG had stated were already in place. These recommendations were nevertheless included in the IC’s August 2007 Report and in subsequent IC reports to ensure the monitoring of their continued application at AIG.

As the CRS report points out, however, the best practice recommendations of the IC teams appear virtually unrelated to any real assessment of the status of AIG’s compliance, legal and regulatory practices.

In effect, it appears that the influence of the Independent Consultant and his Independent Consultant Teams was minimal on the corporate practices at AIG during the time that the corporation was attempting to address (and conceal) the most serious lapses ever experienced in risk assessment and internal controls. And the consequence of this performance: Cole’s name surfaces as the likely nominee for the post of Deputy Attorney General at the Justice Department.


Beatrice Edwards is International Program Director of the Government Accountability Project, the nation's leading whistleblower advocacy organization.