FCPA Compliance and Ethics Blog

April 7, 2015

Rolling Stone’s Rape Story Retraction: Lessons for the Compliance Practitioner

Rolling Stone Magazine LogoThere are only a very few magazine articles that have radically affected me when I read them. Nick Hornby’s account of a group of soccer hooligans, where he chronicled when they traveled to and briefly took over the Italian city of Turin in 1982; Jack McCallum who profiled Jerry Sandusky after he retired from Penn State University and began his fulltime work at the Second Mile organization in 1999; and Sabrina Rubin Erdely’s piece in Rolling Stone last fall about an alleged gang rape and its aftermath on the University of Virginia (UVA) campus. But as much as the first two articles moved me, it was Erdely’s article that sickened me. As a father of a teenaged daughter about to head off to college, I certainly did not want her in any such place.

This weekend, Rolling Stone magazine retracted its story about the rape at UVA and released a full copy of the internal investigation of the story by the Columbia School of Journalism Dean Steve Coll that detailed Rolling Stone magazines reporting missteps and its failures to engage in the most basic of journalistic techniques before it published the story. The New York Times (NYT) had two articles on the story. An article by Jonathan Mahler, entitled “In Report on Rolling Stone, a Case Study in Failed Journalism, cited that journalism scandals fall into three broad categories. The first is “is pure fabrication, for which high-profile culprits include Jayson Blair (The New York Times), Stephen Glass (The New Republic) and, going back a little further, Janet Cooke (The Washington Post).” Next “is the act of plagiarism (culprits too numerous to list).” But the UVA piece fell into a third category, “lack of skepticism.”

In the second NYT article, entitled “Rolling Stone Article on Rape Failed All Basics, Report says, reporter Ravi Somaiya wrote, “The Columbia report catalogued a series of errors at Rolling Stone, finding that the magazine could have avoided trouble with the article if certain basic ‘reporting pathways’ had been followed.” What was the central flaw in the way Rolling Stone handled the story? First, and foremost, it did not interview any of the three persons the victim named that she told about the rape. Rolling Stone printed the victim’s tale without bothering to check with them. While it is not clear, apparently Rolling Stone did not even try to substantiate the underlying charge of rape by the victim in any manner other than interviewing her seven times.

Mahler noted, “On the most basic level, the writer of the Rolling Stone article, Sabrina Rubin Erdely, was seduced by an untrustworthy source. More specifically, as the report details, she was swept up by the preconceptions that she brought to the article. As much casting director as journalist, she was looking for a single character with an emblematic story that would speak to — in her words — the “pervasive culture of sexual harassment/rape culture” on college campuses.”

Coll in an interview on NPR said that there was a failure at Rolling Stone magazine up and down the line. There was a failure by the reporter’s editor and the Managing Editor for not insisting on the basic questioning of the holes in Erdley’s stories and failures to follow basic reporting protocols. Also the Fact Checking group at the magazine did not insist strongly enough that its concerns be addressed or those concerns were rejected by the magazine’s management.

What I see is a failure of process. This failure led to repercussions immediately for the fraternity involved, which was falsely accused of having its members gang raping a co-ed and to the tarnishing of UVA. But the long-term repercussions for Rolling Stone magazine and the reporter involved, and even the reporting and conversation around sexual assaults on college campuses. In his article Mahler cited Nicholas Lemann, professor at Columbia and the journalism school’s former dean, who “distributes a document called “The Journalistic Method” in his classes”. This process is similar to “investigating a scientific phenomenon. “It’s all about very rigorous hypothesis testing: What is my hypothesis and how would I disprove it? That’s what the journalist didn’t do in this case.””

For the compliance practitioner there are several clear lessons to be drawn from this horrific scandal. Most people have somewhere heard the journalistic technique of a second source to confirm information. It was enshrined in a scene from the movie version of All The President’s Men. In any process there must be validation of said process. You can easily remember this as ‘a second set of eyes’ on any process, compliance or other. It acts like a second source in that it validates the original information.

In the more formal world of internal controls, it is called ‘segregation of duties’. This technique acts to require a double check of any action by requiring a second set of eyes to take a look at an issue. In business the separation by sharing of information with more than one individual in one single task is an internal control intended to prevent fraud and errors. In the IT world this is called redundancy. It is generally recognized there are several techniques that can help to enforce the segregation of duties. They include:

  • Audit trails recreate the actual transaction flow from the point of origination to its existence on an updated file.
  • Reconciliation of accounts and an independent verification process is ultimately the responsibility of users, which can be used to increase the level of confidence that an application ran successfully.
  • Exceptions are handled at supervisory level, backed up by evidence noting that exceptions are handled properly and in timely fashion.
  • Continuous controls monitoring should be maintained, which record all processed system commands or application transactions.
  • Supervisory review should be performed through observation and inquiry.
  • Independent reviews, which follow a prescribed procedure to detect errors and irregularities.

In addition to these segregation of duty lessons for the compliance practitioner, the Rolling Stone scandal provides one additional clear, concrete lesson. As Paul McNulty would say in No. 3 of his McNulty’s Maxims What did you do about it? Unfortunately for Rolling Stone the answer to that query appears to be not much. Not only were none of those directly involved in the article even so much as disciplined, Rolling Stone sees no need to change anything in its reporting or editorial process based on the lessons laid out in the Coll Report.

In an article in the online publication Slate, entitled Despite Damning Report, Rolling Stone Will Continue “To Do What We’ve Always Done.” Are They Serious?”, reporter Hanna Rosin wrote, “Rolling Stone’s editors are “unanimous in the belief that the story’s failure does not require them to change their editorial systems.” Are they serious? Did they read the report?” She also reported that Rolling Stone, “ended by saying they don’t need new ways of doing things; they “just have to do what we’ve always done and just make sure we don’t make this mistake again.” And Coco McPherson, head of fact-checking, said, “I one hundred percent do not think that the policies that we have in place failed. I think decisions were made around those because of the subject matter.””

All I can hope is that companies subject to the Foreign Corrupt Practices Act (FCPA) do a better job of learning from the Rolling Stone fiasco than Rolling Stone appears to have done.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2015

Blog at WordPress.com.