288 comments

[ 2.5 ms ] story [ 846 ms ] thread
The only thing I wonder about here is how it's possible that the infosec/GRC team didn't notice this.
I mean, what do you do if you notice this?
Back when I worked for BT an anonymous letter from "a friend" to the internal security team was one option.
By following the basics of ISO27K1, for example:

Good infosec teams keep inventory of all the software used in the org. If they see that the org already pays a vendor for software doing X, a question should be raised, why we need another one for doing the same thing.

Also, each new vendor or software provider needs go get a "security clearance", after the infosec teams checks their state of security.

These kinds of practices would probably discover the shady intents.

Or the Accounts / CFO /Audit departments.

This sort of fraud is quite common in white collar crime

As a financial auditor I've no idea how we would pick this up. It wouldn't hit the books of the company at all. We would research board members and check their other directorships but that only covers executives and their formal relations. It would be more likely to be picked up by the auditors of the company offering the bribe (what's this payment for?).
I was thinking the internal controls that audited contracts, not external auditors.
How do you notice this? If the man is the ultimate arbiter of what does or does not get purchased, you don’t know why right?
A sensible company has internal audits and checks and balances.
Not sure how the law works in said jurisdiction but shouldn't the companies that bribed him also see some punishments? I see some rather prominent names in the list of vendors who chose to "pay to play".
My question as well. Similarly when corporations bribe politicians.
Obviously not the same jurisdiction, but this is how it works under UK law. Interestingly it also applies to representatives of that business working abroad which makes certain types of business very difficult to conduct (for example, moving freight in countries where bribery is routine: pay the bribe and you've broken UK law, don't pay the bribe and your product sits in the port waiting for spurious customs paperwork for months).
It is illegal for anyone working for an American company to bribe anyone in any country anywhere.

Work for a big enough company and you will be told that at least once a year in “training.”

Observe big American companies doing business all over the world and you will conclude the law is... selectively applied.

I’m not sure, but I would guess this is advantageous to the US government in that US companies are allowed to compete globally but there is a wink-wink nudge-nudge acknowledgement they could be prosecuted at any time if they don’t play nice with Washington on other issues.

It really depends on the bribery you are talking about, there's definitely some exceptions enshrined when you pay to grease the wheels for normal actions.

http://s3.documentcloud.org/documents/515229/a-resource-guid...

The FCPA’s bribery prohibition contains a narrow exception for “facilitating or expediting payments” made in furtherance of routine governmental action.159 The facilitating payments exception applies only when a payment is made to further “routine governmental action” that involves non-discretionary acts.160 Examples of “routine governmental action” include processing visas, providing police protection or mail service, and supplying utilities like phone service, power, and water. Routine government action does not include a decision to award new business or to continue business with a particular party.161 Nor does it include acts that are within an official’s discretion or that would constitute misuse of an official’s office

Its best to punish only one side of a bribe arrangement -- usually, the one granting access in exchange for cash. The reason is that the more parties that have a strong incentive to keep the bribe arrangement a secret, the more likely it will remain a secret. This is especially true with poorer countries' police forces. If you punish the guy trying to get out of a traffic ticket, you just cement the corrupt cop's power. What you want to do is turn the bribe-taker's position into a very lonely one.
This is, quite literally, how every It department is supplied. Some exec gets a BJ and a free trip and you get a terrible product you’re supposed to fit into your infra.
Maybe in the dotcom market, but when it really maters, NO. And that's why for example Mainframes will exist for a long time if not forever.
This is effectively how 100% of medical deals got made.
Well i was talking about "traditional IT" hence the Mainframe thing (Finance etc.).
Why do you think they chose the mainframe vendor (presumably IBM if it is still around) in the first place?
Reliability, predictability, compatibility...cost is not really important, and bribery is not a good idea in the Banking Industry.

>IBM

Or Fujitsu

IBM has very strict rules about anyone (below a certain but unspecified level!) offering or accepting anything at all. IBM employees you might meet are not allowed to so much as buy or accept lunch at a conference.

The general rule for US corruption is that it is concentrated at the top. Grift at lower levels amounts to stealing from your superiors; you should be getting hand-downs, not going freelance.

But US corruption has moved toward making it all legal at the top level; thus, "cost overruns" and "waste", all indictment-proof, because they are right there in the contract. So on any random tunnel, nuke, or weapons system, 10-25% is for the result and the rest goes discreetly into pockets. Top pockets. Ultimately, the latter motivates the project's organizational sponsors, and the project itself is just cover.

VC firms designate a few winners and lots of loser startups. The losers are then milked, "placing" executives who then spend on designated services. In the '90s these usually included Oracle licenses at $500k and up, a certain "e-commerce platform" (name forgotten), and recruiting agencies. It seems like there are a lot more outfits to siphon money than before.

(They fund losers because they are contractually obliged to place a certain amount of money in a fixed timeframe. When not enough winners show up, thd rest has to be placed on losers. Also, graft.)

> VC firms designate a few winner and lots of loser startups. The losers are then milked, "placing" executives who then spend on designated services.

This explains so much.

The new things must be cloud, auth, and HR platforms.

One reason solar and wind projects generally finish on time and budget, and why solar and wind costs keep dropping, may be that there are so many idealists involved. It might take decades to drive prices back up, even after the idealists are disposed of. In the meantime, those industries are not very lucrative for grifters, anyway until you get to SolarCity scale.
> IBM has very strict rules about anyone (below a certain but unspecified level!) offering or accepting anything at all. IBM employees you might meet are not allowed to so much as buy or accept lunch at a conference.

...in the US. In Poland IBM was caught bribing a government official a couple years ago.

Ah, but was it by anyone you might meet? Or someone above that certain level?
It was a local "sales director" (which in many companies is a title given to pretty much everyone doing enterprise sales).
Not everybody follows the rules. Not everybody who breaks them gets caught.
In 10 years I've never seen this happen in finance. Quite the opposite in fact: gifts bigger than a cup of coffee must be reported.
Nobody know's what is not declared. The Pentagon had a problem with defense contractors getting around the rules by instead holding elaborate dinner parties. They since cracked down on it. The rules still allow some scope for these kind of gifts. [0]

In the private sector it is not unheard of for a salesperson to drop 5 figures on champagne. If salesman from firm A is willing to give an exec or buyer a night to remember once or twice a year, with booze costing one or two weeks salary before tax, and the salesperson from firm B simply sends a "happy holidays" card once a year, it can easily sway that exec even if they believe they are unbiased.

[0] https://dodsoco.ogc.osd.mil/Portals/102/gifts.pdf

"This extremely cheap knockoff of a 17th century highly valuable ceramic pot is only valued at $45, which happens to come in $5 under the allotment for bribery in your company policy"
(comment deleted)
Netskope has an awfully big list of customers (https://www.netskope.com/customers) despite having a product that is absolute crap for the end users. I cannot imagine why any executive worth their salt would decide to purchase it without some form of incentive.
What's that quote about not mistaking incompetence for malice?

Also, there is always about 10 times more legacy shit than decent new software in any org. That's the ultimate goal for many companies: not even good (let along best) quality but essential because we built something a decade ago to go with it and no one wants to undo all that convoluted undocumented bs. It's sad and I think tech people like me don't "get" it. But it's actually a much better business model than making good software and competing on price/quality.

I worked for plenty of good and shitty software companies. I've never seen bribery. I have seen shitty companies win because they're bigger or older or what was used last time or more polished at speaking to execs who know nothing. One place I worked at made most of its sales because we were a subsidiary of a stock exchange. So people assumed we were safe and competent (we weren't). "No one gets fired for choosing IBM" AND "No one gets a bonus for choosing something better but less well known, quite the opposite, they have to justify it"

Those customers ought to be looking at the process leading to purchase and wondering who got a bung in that process.
Serious bribes either don't look like gifts or don't even go directly to the person who is being bribed. There are "industry conferences" organized in expensive resorts. In a recent case in Poland a CEO of a company bought his apartment for approximately a half of the market price.

For the really big bribes there are shell companies, which the vendor hires as subcontractor to get "consulting services".

>In a recent case in Poland a CEO of a company bought their apartment for approximately a half of the market price.

The "CEO" in question is in practice political commissar of the ruling party.

(comment deleted)
Yes but they still cannot be too open about corruption.
Probably because finance people know to not accept such obvious bribery.
Zed Shaw talked about "steak & strippers" during his ACL talk https://vimeo.com/2723800

I guess this executive decided to go a bit beyond the normal practices.

No it's not. What he did was vastly different. He basically got revenue sharing with the vendor - he opened a company and got a certain percentage of profit the vendor made from netflix sent to his company.

In some he personally got shares.

I'd laugh, but this is how we ended up with BMC service desk shoved down our throats at a very large insurance company I used to work for. Not sure if there was a trip though.
IT giants bribe officials on a regular basic by offering them seats on the board, for instance, or as speaking fees at company events.
That's exactly what happened at Telstra (Australia's largest Telco).

Big exec launches a project costing something like 2 million dollars and two years to make an already working piece of in-house IT infrastructure reliant on a third-party product that charges per API call.

The project finishes up, then he quits and joins the board of the company that provides said third-party product. Next exec comes along, realises that they're spending a million dollars a year on unnecessary API calls, spends another two years and two million dollars to rebuild a new version of the old system.

The naughty exec won't be offered another job at Telstra, but got away scott free because Australian law regarding white collar crime is toothless.

I've seen it with Salesforce at least two times, of course not a board seat but the exec joining SF in a comfy role after launching a very expensive project at the company the exec came from. Could be that they were so impressed collaborating with Salesforce that they immediately before the project even ended wanted to join them, but it at the very least smells fishy.
Or by organizing a congress and bribing everyone with free devices (tablets/phones), like Microsoft has been doing with the french Ministry of Education for about a decade.
Regardless of the perpetrator at Netflix to be named as one of the companies implicated in this is also very damning. I have looked at all the suppliers and added them to my black list. Fortunately I have never worked with any of them so I don't have to cancel anything.
My lack of surprise sadly exceeds my indignation.
The surprise here is that this person got caught. (And don't take me wrong, I'm very happy this happened)

The bigger companies will also bully you and "tell" you to your boss because how dare you don't buy their overpriced POS from that big company.

Are they indicting the companies that did this as well?

Be very aware if you're a founder, I wouldn't hire people with even a vague connection to those vendors and would watch out for purchases.

> The bigger companies will also bully you and "tell" you to your boss because how dare you don't buy their overpriced POS from that big company.

A particular company came to my mind reading this.

It starts with an O.

The 'O' company with more lawyers than engineers?
LOL what a moron. Was making north of $1 million a year at Netflix most likely, now he’s going to do 10+ years in the slammer and lose his house.
And now remember he was VP of ops. It's always the psychopaths that get the corner office.
Imagine the world we would live in if crime would pay, even if one be caught for it.

The plan by which most criminals enter crime, entails not being caught.

> entails not being caught

No, they calculate the cost of being caught and factor that into their margins.

Only problem for them is if they get more time they calculated they would get or that their estate gets confiscated (and LE found where they stashed everything).

Really skilled execs get kickbacks for products they planned to use anyway, and do not get caught.
There are other ways. Just ask people with the right skillset and experience. There are entire industries built around this in certain countries.
Really skilled "exec" fraudsters aren't stupid enough to ask for money or gifts while they are on the job. They will wait until they change occupations to cash out legally. For instance Business B bribes individual A with future speaking engagements, a seat on their board or another executive position. This Netflix IT exec was too greedy.
At a certain level, nobody is asking for anything. A lot of things are negotiated without even mentioning the subject directly. When two people who understand such nuances find each other, it works seamlessly and without evidence.

As for waiting to cash out, there are always ways: everybody has a favourite nephew or college friend, who has an IT consultancy/marketing firm/charity/pet zoo/whatever.

Michael Kail, the Netflix exec convicted by a jury trial, had kickback agreements with the following vendors, according to the article:

- Netenrich (and VistaraIT, wholly owned by Netenrich)

- Platfora

- Sumo Logic

- Netskope

- Maginatics

- ElasticBox

- Numerify

Any missing?

Sumo Logic sales once sent me a targeted email asking if I needed help getting the most out of my AWS S3 Load Balancer logs. The creepy part is I just created an S3 bucket the previous day that had the strings “load balancer” and “logs”. They must be scanning S3 bucket names for key words and maintain or pay for a list of AWS account id mappings to likely owners.
Maybe. But I’d also guess your browser history in the lead up to / around the creation of those buckets would also indicate that you were in the process of managing load balancer logs.

Free dev content exists to educate / onboard to product. It’s utilised in exactly this manner to determine what & when a developer is trying to achieve. And then sell them on suitable solutions.

or AWS sold them rough sketches of your activity.
It was surprising to see SumoLogic there... I used them in a previous company and the service was generally good. Sad to see they subscribed to such shady practices.
Or they're bribing one of your colleagues for information about what you're doing.
Sucks to hear that employees saw Sumo underperforming. I used it at my last place, and while it has a steep learning curve, it's incredibly powerful. I thought it was the premier enterprise logging/monitoring platform.
Sumo in 2012 was two years after founding, a lot of things likely improved over the years.
I wonder... what's the actual crime here? I don't know how US law works. In my country there is no "bribe" in the private sector, it's probably still not allowed in some cases (certainly publicly traded companies), but I'm assuming Netflix wasn't a public company during that time. Can someone explain?

If a director is given freedom to make certain purchasing decisions on behalf of a company (private company at that point, I assume), why specifically is it a criminal offense in the US to be rewarded money for it? (I don't mean money laundering i.e. hiding source of income, I mean the actual "bribe")

[Edit] I did just find out that my country also has "management bribery" as a criminal offense within the private sector.

Was wondering the same thing. The article mentions the suit is Netflix vs the exec, so this will at least be breach of contract.
Their standard employee agreement must include a set of clauses relating to conflict of interest.
There may indeed by a Netflix vs. the exec, but this article is United States vs. the exec. Fraud is a crime. Wire/mail fraud is a federal crime.
The article says "wire fraud, mail fraud, and money laundering". So basically he used telecommunications/the Internet and the US postal system to defraud his employer, and then laundered his dirty money (I assume using the family trust mentioned in the article).
It might give you a better overview to go straight to the source: https://www.justice.gov/usao-ndca/pr/former-netflix-executiv...

It outlines that Michael Kail was convicted of wire fraud, mail fraud, and money laundering, so it seems the "preference of products for payments" was just a small piece of the puzzle here.

He was defrauding his own company by rigging the selection process. The kickbacks are explicitly stated as the core of the case on the DoJ site.
Frankly, being convicted of wire fraud, mail fraud and money laundering might as well be an acquittal.

The wire fraud and mail fraud statutes are written to be vague enough that basically existing is a violation, money laundering is existing with money.

If they had real crimes they would have charged them, this is just some "because I don't like you" political bullshit.

Are you saying he didn't commit a crime or he shouldn't be held legally responsible for what he did? I don't see how your view is consistent with anything else.
I don't really know enough about what happened to have an opinion on it, and neither do you, but the media's told you to hate him, so here we are I guess.

Moving on, what I actually said, and what I actually meant, was that those laws are incredibly vague and have been used to convict more or less everything under the sun except actual wire or mail frauds.

If a conviction involves only wire, mail, and money laundering charges then it is because the only guilt that could be proven was axiomatic.

Pardon me for pausing a moment to ponder before picking up a stone and joining you.

So, you admit there is such a thing as wire and mail fraud, and those laws should exist, and yet if someone is convicted of those crimes it is automatically because they couldn't convict them of another crime. And you don't know enough about this case to make a judgement and yet the only reason they convicted this person of this crime is because it is "axiomatic." You aren't convincing me these are bad laws from this argument.
I'm not trying to, either.

Read the laws or remain ignorant, I don't care.

There are many jurisdictions where this would be a tort, not a criminal matter. Being sued into the ground is another way to be held legally responsible. It is a reasonable question if this is the best use of scarce criminal justice resources.
Enough people like him could damage and eventually destroy many American companies, I'd think. That'd create unemployment and weaken the country, so seems to me it's something worth to try to stop and discourage, from the DOJ's point of view, even if the company doesn't want to sue? Netflix even withdrew their lawsuit -- but then the DOJ continued anyway (if I understood correctly) good that they could do that I think
... Wait, are you suggesting that everyone is doing fraud and six figure money laundering?
(comment deleted)
(comment deleted)
Yeah I don't think there's a crime here, not in a legal sense. I work at a large software company where doing this is prohibited by contract and you can be dismissed due to it, but I'm not aware of any legal problems outside of this.
The US and most countries have very strict anti bribery laws
Yes , but when bribery takes the form of lobbying those laws are useless.
For public sector, absolutely 1000%, very illegal.

However, please point me to a law that says it's illegal to give a gift from one private company to another for any kind of advantage.

> However, please point me to a law that says it's illegal to give a gift from one private company to another for any kind of advantage.

Company B,Z or X didn't gift Netflix, they gifted a Netflix employee who then defrauded the company he worked for of its money, in exchange for these personal gifts and money. The "defrauding" part is his hierarchy not being aware of that arrangement.

It's called fraud and it's illegal. It's so illegal it is a federal crime.

> It's called fraud

Is it really just counted as fraud in the US? Here in the UK, bribery is a different offence from fraud.

In most countries there are laws for dealing with breach of trust, which covers all kinds of damage that a person can do when hired to manage someone else's company.

So my guess is that while bribes in private sector are not illegal per se, you can still go to jail for the decisions made as the result of taking the bribe.

In california at least, private sector bribery is explicitly a felony.

On the federal level you get charged for using mail or telecommunications to lie for financial gain or for hiding the source of the money.

I believe that as an employee of a company charged with setting up relationships to support the delivery of revenue you have a duty to fairly and openly select the offers that are in the best interest of your employers without considerations for yourself.

If you accept considerations for your own interest - like payments or offers of subsequent employment and so on, then you are defrauding your employers. Since the payments mean that effectively there is a transfer of money from your employer to the contractor and then to you I believe that this is also a kind of theft.

At the least, it's dishonest - unless your employer understood you were doing it - in which case it's a kind of hidden remuneration I guess.

It would be tax evasion at minimum, unless you declared everything in your tax return.
I’m not sure he was a c-suite executive. So, likely no fiduciary responsibility.
In the US legal system individual states and the federal governments both have enforceable laws. This case was federal and it boils down to “fraud” of a few types which comes down to lying for financial gain and “money laundering” which involves hiding the source of money.

California though (but it doesn’t seem this was charged by the state) explicitly has a law criminalizing commercial bribery where if you take money secretly and privately to make a decision at your job, you have committed a felony.

it looks like the crime is not so much that he accepted bribes but how he did it.

For example if a company came and gave him §10000 in hand and he reported in on his taxes he would probably be alright but reading the article I can see he was found guilty of multiple cases of money laundering - like you indicated that is against the law not the 'bribe' per se, furthermore he got convicted of fraud - I think because as it says

"To facilitate kickback payments, the evidence at trial showed that Kail created and controlled a limited liability corporation called Unix Mercenary, LLC," the DOJ said. "Established on February 7, 2012, Unix Mercenary had no employees and no business location. Kail was the sole signatory to its bank accounts."

So basically the company he created was involved in fraudulent activities.

There may be other forms of fraud involved here - for example if he said to Netflix I think we should use X because it is the best but he actually wants to use X because he is getting 10000 for it - I could envision a law being written in such a way that it could be interpreted as him defrauding Netflix of 10000 worth of value.

on edit: I can also see in the article it says "When an inquiry from the Netflix CEO ensued, Kail falsely denied that he was formally working with Platfora. Kail resigned from his advisory position at Platfora the next week." so he explicitly stated he was not doing something while getting value for doing that thing - that would generally be considered fraudulent.

You can't lie to your employer about receiving money from another company in exchange for preferential treatment. That's the definition of fraud. So, yes, receiving the bribes was absolutely illegal
But is that money laundering?
It is if you try to disguise the source of that bribery income as something else in order to declare it as income.
> But is that money laundering?

fraud isn't money laundering, however cashing out fraudulent gains by using a corporation is the textbook of money laundering.

> Kail set up a corporation to receive bribes from Netflix contractors, the DOJ said.

The article is quite clear about that.

>You can't lie to your employer about receiving money from another company in exchange for preferential treatment.

but can you receive money from another company for preferential treatment and when asked by your employer say yes, I did it? If you can do that then can you lie by omission? I think these things might depend on the jurisdiction, but I guess this was federal so easier to figure out.

Actually in Anglo Saxon employment law its very "naughty" as lawyers put it :-)
> "When an inquiry from the Netflix CEO ensued, Kail falsely denied that he was formally working with Platfora. Kail resigned from his advisory position at Platfora the next week."

Apparently he lied to the CEO for personal financial gain. That's fraud, isn't it?

> I wonder... what's the actual crime here? I don't know how US law works.

Fraud and money laundering - it clearly says so, in the second paragraph in the article:

> Michael Kail, the ex-Netflix executive, was convicted by a federal jury of wire fraud, mail fraud, and money laundering.

My point was I didn't understand why making a decision that gives a manager an extra (hidden) benefit is a crime - i.e. it's not money laundering (money laundering is misrepresenting the source of money, right?, and "wire fraud" and "mail fraud" is too elusive to me - it's a name, not an explanation of the nature of the wrongdoing :)

It's clearer now.

I see this happening all the time. Our chief architect got a few trips to SF with hotel, lots of swag and now we all have to use this crappy data analytics tool. A manager got an invite to speak at a conference which was a disguised sales pitch, and a month later we switched static analysis tool. The former was working fine. Would be interesting to know if he's liable for that.
It's interesting that the line between cargoculting a product and outright being bribed is so thin apparently. Maybe this conviction will make people think twice in the future before cargoculting, but that's probably just wishful thinking.
That's not the same though. Flying someone out and putting them in swanky accommodations for a product pitch is fine, though I think the line is gray here. Like flying out to the office makes sense. Flying you out to the Bahamas at an all inclusive resort for 7 days with your family for a product pitch? Maybe that's getting on the disallowed side.
Wait so if the products actually worked as expected then he would not have been caught/found guilty? Why is Adam Neumann not also facing prison time for leasing his own building/selling "we" to wework?
Because this is common practice. The business owner my dad worked for "leased" the building and warehouse from his son.
Owner is a relevant point. If you funnel shareholder/co-owner money to you that's a problem, if you entirely own the company that argument goes away.
Yeah, probably not unethical from that standpoint. My dad seemed to think it was some sort tax avoiding inheritance scheme.

I guess my question would be, is there a point where it does become illegal even if there was an individual owner? Is there a threshold where leasing at higher than market rate becomes illegal?

Why would it be illegal to pay yourself more than market rate?

In the US, you typically want different entities owning the real estate versus the ones operating the business for liability and tax purposes. The IRS treats owners' basis differently based on whether the income is due to passive (real estate rental) or non passive activity (operations).

Why? Idk that's why I'm asking.

And your comment didn't help clear anything up other than getting across that you are obviously superior in the field of tax law.

Thanks.

Wasn't that one of the issues with WeWork, the company leasing estate owned by it's founder ?
It doesn't make it any less shady/unethical.
Because this exec received cash and stocks to approve contracts and purchasing of licenses.

It's okay for a business to purchase services from another business and for both businesses to be run by the same person or family. What's not okay is for someone in one business to receive cash and stocks from another business, completely separate from any contract or employment agreement, in order to approve a contract between both businesses especially if this is not disclosed to the person's employer

Because Adam Neumann did it openly and followed the law? If Netflix VP disclosed company affiliation and kickbacks to Netflix and Netflix was fine with it, it won't be a problem.

At much smaller scale, engineer on my team had brother who owned business organizing offsites/company retreats. Engineer suggested we use his brother company for our team offsite (and told what a cool rope courses they do) and disclosed affiliation (that he is his brother). After that I checked websites, looked at other options and decided to go with engineer's brother company. I email HR just in case and it was totally fine. Key was that I (unaffiliated with brother company) made final decision and disclosure of relationship. Event was a blast and frankly I feel that we got more than we paid as brother worked extra hard to make sure everything went smooth and cool.

I recommended that company to other managers and I know that a few other teams had events with them. At this point it was twice removed (those managers did not even know engineer on my team) and no disclosure was necessary.

Disclosure is key.

If something were to go wrong on the retreat would you think there would be a risk of the relationship being of legal consequence?

Don't mean to sound like a clown but You know what I've noticed? Nobody panics when things go "according to plan." Even if the plan is horrifying!

Go wrong as in retreat was boring? I guess I will trust judgment of that engineer a bit less but otherwise I can't think of any consequences.

Go wrong as in somebody died? Pretty sure conflict of interest will be about 10th thing anyone will worry about.

Go wrong as in rafting guide bantering sexist jokes? Happen to my team without any conflict of interest. Asked him to stop as soon as I heard it, reported to HR, explained situation and nothing came out of it. Again I can't imaging conflict of interest will change anything here.

I think "forced" is a strong word here for making a purchasing decision.
This is present in any sufficiently large organization. I have seen people getting fired over it multiple times.
It's not that I mind being bribed. It's that the offers are insultingly low.

A coffee mug in exchange for an appointment.

A lunch coupon in exchange for an appointment.

A USB flash drive in exchange for intelligence about the company.

A "chance" at an iPad in exchange for filling out a 12 page survey.

These just don't cross any reasonable risk/reward threshold.

Did this person get offered multiple years of their salary, or did they not do any thinking at all?

The miniscule value of those items is exactly what makes them -not- bribes.
Legally, yes. Functionally, they still work.

https://www.nytimes.com/2009/05/19/health/research/19beha.ht...

> A study reports that students from a medical school where such gifts are allowed had a more favorable attitude toward a cholesterol drug than did students from a school where they are banned.

> Although hospitals have long discussed what restrictions to place on the more valuable offerings lavished by drug companies, the researchers, whose study appears in The Archives of Internal Medicine, suggest that no gift is too small.

I think there's a decent argument that 'bribe' still isn't the most applicable category. The gifts are certainly used as a manipulative tactic, but if their value is trivial and they are given unconditionally, maybe they have more in common with practices like hiring attractive representatives and instructing them to be friendly when pitching a product (and also with ordinary advertisements; part of the point of those free pens is simply to get a name or logo into the doctor's head). They're tactics to give the product a positive sheen and 'earn' some goodwill and familiarity, rather than items of (non-trivial) material value used to incentivise the desired behaviour.

edit: I'm thinking of practices like the one referred to in the nyt article -- gift-giving to doctors by drug manufacturers. The top-level comment that started this chain did talk about items offered as part of a direct exchange, which is different.

Then why do the companies give them out?
> ultimately received over $500,000 and stock options from these outside companies.

$500,000 seems like probably a little less than one year salary for a Netflix VP. But then again people have been known to engage in fraud for much less.

500K is a year's salary for a senior SWE there. I imagine VPs are making well above that.
It was about 10 years ago though, maybe Netflix salaries were lower back then
Perhaps he gambled on the options being worth more. I don't know about all the companies mentioned, but Sumo IPO'd last year.
The amount of RSUs that a VP at Netflix would have been awarded 2011-2015, the years this guy was there, would now be worth about 20 million dollars.
Well, that's for the one company he got caught accepting bribes for. The article lists at six other companies he was receiving kickbacks from. And the fact that he set up an LLC in his own name demonstrates just how comfortable he was with all of this.

All told, I wouldn't be surprised if he banked tens of millions over his career before getting caught.

you can buy a US senator for a few thousand bucks.
This has been tested experimentally in a way and nearly everyone offered accepted a bribe, one that didn't said "not at this point" and only one reported it.

https://en.m.wikipedia.org/wiki/Abscam

Why doesnt the FBI do such sting operations these days?
probably because it worked so well last time.
(comment deleted)
"In the wake of Abscam, Attorney General Benjamin Civiletti issued "The Attorney General Guidelines for FBI Undercover Operations" ("Civiletti Undercover Guidelines") on January 5, 1981."

Short answer: The AG made it much harder to do that sort of thing.

At least the Snap-On or Redlon Johnson salesmen would bring in donuts or sandwiches. Then again, a full kit of Snap-on tools probably costs more than some companies' AWS spend for a year...
Welcome to the old boys network, same as it ever was. This isn't marketing, its corruption. The advantage of "knowing the right people" in this case was probably half of some of these companies value. You can say its always been that way and you'd be right, but I think its wrong, and ultimately bad for both customers and people who are forced to work with poor and broken tools.
Sounds like the entitled BLM network, they shake you down and if you don't pay they protest and kick your windows in.
No mention that those who paid the bribes were prosecuted.
Per the article, he was convicted of fraud and money laundering.

Depending on how it was handled, it might be that the companies that paid the bribes have enough plausible deniability to avoid prosecution.

That title is funny. I work at big nameless european telco and for the last 10 years that's exactly how I perceive the whole culture here.

Some higher up, either the CTO, CIO, or close to those roles, gets a pamphlet about some shitty product. And without listening to anyone buys it and forces all us techs to use it for a year or two before they move on to the next shitty product.

In one case we even had a CTO force a shitty product on us, speak very highly about it, only to quit and take a position at the vendor of the shitty product.

Yeah, the same thing in European banks. It gets quite obvious when executives in local branches start pushing for shitty products.

When I started working professionally, I always thought that eventually the best product wins. Then I was struck with this kind of reality, where the product with the biggest people network wins.

Similar thing ended up being true for me. Without a good support network, I won't end up anywhere even if I have above average abilities.

I find this to be an interesting thing about reading the Torvads–Tanenbaum debate, that both sides seemed to assume without much consideration that the best instruction set, and product in general, would always win.

With instruction sets in particular, there is a very large amount of inertia.

To be fair, Tanenbaum is an academic and Torvalds was not that far out of college. It's easy to be idealistic like that when you haven't been jaded by experience in the real world.
This also works in reverse. If you build an extensive ecosystem of "partners", then decide to cut them off, chances are these people will move on to something else and take customers with them, cutting you back to size. (Oh hai Oracle, I definitely wasn't talking about you, nope, nossir...)
Haha. In contrast to that, SAP is known for being very cooperative with SAP consulting firms - I guess that is part of their success.
It also sounds similar to how physicians prescribe medicines.
https://projects.propublica.org/docdollars/

https://www.frierlevitt.com/articles/service/pharmacylaw/pha...

> Last month, the United States Department of Justice (DOJ) announced a $39 million settlement agreement with pharmaceutical company, Daiichi Sankyo, Inc., resolving allegations that the company submitted false claims to federal healthcare programs by paying kickbacks to physicians to induce them to prescribe drugs. The DOJ alleged that Daiichi violated the Anti-Kickback Statute by disguising kickbacks as legitimate business engagements. Specifically, Daiichi engaged physicians as participants in various speaker programs, offering honoraria, payments, meals and other remuneration in return for the physicians’ services. The settlement agreement highlights the following activities which the DOJ found particularly offensive:

> 1. Honoraria was paid where recipient spoke only to members of his or her own staff in his or her own office.

> 2. [...]

that doc dollars is interesting, propublica does good work.
Not sure why people downvote it? Just because you don't like to hear it, it does not mean this is not happening. Doctors get paid cash and hospitality benefits (and in my country they don't even have to declare it). Pharma companies get sales reports from regions and reward doctors based how given region performs. Nothing is done about it, because pharma pays well to maintain the status quo.
The entire medical profession as it exists runs on grift and payback schemes. The reason why the medical industry is pushing out vaccines to the elderly is that their pharma cash cow would disappear if the number of 85+ year olds dwindled a few percentage points.
It seems like there are quite a lot of relatives/family members of doctors on HN. My wife is a doctor (and she hates most f what she sees in the way the medical field is run/operating these days), but I try to be impartial about judging them. The general emotion toward doctors on HN or any other Reddit forums is like they can't do no wrong or they are not evil or that they are smart (smarter than average) people (example that I just ran across today on Reddit's front page: https://i.redd.it/bjhk6ozyj7x61.jpg). That assumption/belief is very different from the reality. After observing and hearing so many stories about doctors (I have quite a lot of doctor friends/acquaintances in the US), my conclusion is that most of them are complicit in some of the things that is wrong with the US medical system these days.

A quick anecdote - my wife used to volunteer at a clinic in Chinatown. The doctor always get invites for lunch/dinner from medicine companies and she'd sometimes invite my wife to attend. I was extended an invite to one of them (the doctor knows me via my wife). It was hosted by a rep from Sanofi for the staff of the entire clinic (about 6 people) plus their SOs (including myself and the doctor's husband). There were a total of ~10 people at the dinner and the doctor gets to pick the restaurant so she picked one of the most expensive hotpot restaurants in Chinatown. We ordered lots of grade A beef slices and other expensive goodies. The rep, who is white, curried favors with the doc and the nurses/staff members all evening (to the point that I felt cringe at one point when she says something like this to an asian nurse, "I really like your Asian skin and hair; it's so smooth and glowing"). My estimate is that the dinner bill came out to at least $2000. That dinner, according to the doctor, happens every year with this particular company. Of course, I had to sign on a sheet (roll-call if you will) to acknowledge that I attended the dinner (I presume it's for the rep to reclaim expenses). I can only imagine how much/many drugs from Sanofi that the doctor is prescribing to her patients throughout the year.

Another anecdote - my host-family mom is a psychiatrist (the doctor type; not the other psychiatrist kind). She worked for a private mental institution near Philadelphia. There, they have about 20 mentally-challenged patients, 4-5 nurses and my host-family mom. I have accompanied her to there a couple of times and spent ~6 hours while she was touring and meeting with the patients. Both times, a rep from a medicine company brought lunch for the host-family mom and all the staff. Once was just pizza. Another time was some sort of sandwich and stuff. According to my host-family mom, that's pretty typical and they have about two or so such lunch from medicine company reps every week.

> Another anecdote - my host-family mom is a psychiatrist (the doctor type; not the other psychiatrist kind).

In the US, a psychiatrist is a medical doctor, MD or DO. The other kind is a psychologist, who are not medical doctors, and can only prescribe in a small number of states.

This is not unusual.

It also complies with law as long as the entire staff have access to the same perks as the doctor.

Morally ambiguous, but certainly within the law.

I can tell you most rank and file really love this

>I can tell you most rank and file really love this

Let them feel like they're getting something special and you can roll the safe out the front door.

Assuming the details of your story are accurate, that dinner violates a number of norms and industry standards.

Reps can pay for dinners where clinical presentations are made (educational events). Budgets are supposed to be capped and reasonable. Non-physicians are not allowed to attend.

Not saying your story isn’t true, just saying there are already rules around not doing those things.

Oh, and your sign in sheet will record how much was spent on your meal and it’s should be on the Sunshine Act website that is publicly accessible.

https://openpaymentsdata.cms.gov/search

> It seems like there are quite a lot of relatives/family members of doctors on HN.

Lots of actual doctors on HN. It's true, pharmaceutical companies do market directly to doctors. The most positive form of marketing for patients is when they provide doctors with free samples of drugs they were going to prescribe anyway.

In my country generic drugs are not always the most reliable option and having more trustworthy alternatives really helps. This isn't drug marketing speaking either, there have been actual newsworthy scandals involving "mismanagement" of taxpayer money meant to pay for the production of basic hypertension drugs.

It's a generalisation that I'm not sure is helpful. There's an unhealthy lobbying from pharma reps - true. But the scale of the problem depends on the country on the clinic, and on the doctor.

"how physicians prescribe medicines" is in my opinion a bit shitty way to describe it to be honest, because there's also the whole scale from outright fraud and pushing addiction, all the way to offering a specific type of what would be prescribed anyway. (With pharmacies offering substitutes and generics)

There are also regions which try to counteract this with, for example, forcing prescriptions to list the active ingredient rather than a brand of medication. (with fun sideeffects like meningitis vaccine taking ~6 lines to describe)

"We have serious problems with pharma influence" - yes. "how physicians prescribe medicines" - unless you qualify that with more information - it's FUD.

The scale of the problem in the US is something like 2 billion a year, so for us it's 1) serious corruption, and 2) the rule, not the exception.
It's not only in the US. In EU it's the same with some countries worse than others. There are doctors which do not pay for their vacation and prescribe almost only expensive medicines because "they are better as generics". This corruption is helped by the fact that a lot of doctors work in small clinics so they are easier to bribe.
> It's not only in the US. In EU it's the same with some countries worse than others.

[citation needed] [details needed]

Sure, there is some effect and there is high influence over specific doctors (https://bmjopen.bmj.com/content/7/9/e016408 for a good start). But the sweeping generalisations are not the quality of contents I expected here.

Or how politicians pass bills, then get $7M in "speaking fees" for delivering a talk for the group that benefits most from the bill.
Try running a practice with a disfunctional customer service team, insurances that make you do cartwheels to get paid, a billing team that keeps their performance measurement secret, ever changing regulations, random audits at all levels and from all directions, and patients skipping on their portion of the bill.

It should not be surprising that doctors choose the path of least resistance: they go with the salesperson that came to meet them for lunch

As someone who works in the field very little of this happens now compared to say 30 years ago. Hell, industry can’t even give pens now.

Yes, smaller companies will still blatantly break the law sometimes, but it’s rare versus decades ago where “perks” were business as usual.

Had similar experiences working at LatAm banks. I thought it was a third world thing.
Glad to know every place is equally subject to shitty practice.
Have you tried to report it to anti-corruption unit at your org? I understand sometimes they are on it as well and that can put your position at risk.
>to anti-corruption unit at your org

Do most companies have this?

A lot of the larger ones have a Code of Business Ethics and is a required training you take yearly. Either Netflix didn't have this, or this guy just didn't care.
In my experience, Business Ethics exists to silence whistleblowers. In either case they have about as much influence over executive prerogative as diversity offices have — the people who make the decisions will never give them enough power to question decisions at or above the VP level because they don’t want their own decisions investigated.
It depends. If it puts the company at legal risk, they're pretty quick to act in all companies I've been at.

If it puts the company at just PR risk, varies by company whether they will do anything or participate in the cover up.

"Internal Audit" is pretty common. Though I wouldn't just assume they would take your side. Whistleblowing is tricky business. Someone may decide that the public tarnish of "it happened" is worse than letting it slide.
In most cases I choose to lay low and believe it was a case of hanlon's razor.

But the one case with the CTO who took a leading position at the vendor he was promoting, that was something. It happened almost 9 years ago now.

It's a fun story that me and my friends still laugh about and refer to whenever similar situations come up. But I'm not prepared to push the whole whistleblower agenda in this case. Feels like throwing rocks at a hornets nest for no reason other than principal.

I've witnessed similar and it's usually Hanlon's Razor. Can't say for sure with every case but I've seen a fair few senior execs who are just legitimate suckers for sales pitches. There's a lot of pressure on them to bring innovation and cut costs and when someone comes along promising to do both they have a hard time passing it up.
Unfortunately it's super hard to just buy innovation. You can buy the best tool in the world, but it won't do you any good unless you pivot your business practices to take advantage of it. Sometimes a good tool can by the catalyst for that rethinking. The re-imagining can be as valuable as the tool itself.
I feel exactly the same way. Worked for a big american Telco company that is universally hated everywhere (but unknown enough here in Europe so that they manage to hire) and I feel this is exactly how contracts of this kind worked.

We would hear that this or that product was forced on us because this or that senior executive's friend/relative owned the company producing that product.

Fighting against having to use crappy tooling because of this was one of the nuisances that we'd have to deal with a few times a year.

Verizon right
I would rather not confirm or deny, but I find it funny that apparently telco companies in the US share a considerable amount of hate; enough for you to have to wonder :D

maybe it is a location-based hatred distribution?

I've hated every Telco I've ever used, except the first. The first was a small local cell provider that kept my prepaid cell phone in service for months after my funds expired. Since then I've been plagued with terrible service (customer and signal), random outages, near fraudulent billing practices, sketchy offers, high pressure sales in stores, overage fees, arbitrary fees, continuously increasing bills, etc.
Could easily be Telekom, which is T-Mobile in Europe. But yeah, it's one of those.
It's not American though.
Indeed, but it bought Sprint last April, so it's got some American DNA now.
These elite glass-office dwelling executives all know each other from their elite college experience.
I had a grand-boss who proposed buying an add-on to our PDM system. I explained how we already threw away $15 MILLION on buying ALL the licenses for a previous PDM system up front, only to scrap it when our company got taken over (and pillaged and destroyed, but that's a story for another day). I BEGGED him not to spend the money until we proved that we could actually, you know, integrate the add-on, and USE it successfully. No, of course, we spent all the money up front. And THEN found out that we couldn't use it. And then I heard he got a big kickback from the company, and I because a little less naive, and a lot more jaded.
Yep. Alternate headline: "Netflix IT exec chose products using standard industry practices".
Yeah this is pretty much how these decisions are made at many companies. If it's not a direct kickback its a friends of the decision maker and they go golfing together four times a year. At the vendors expense of course.
This is so common, we even have ethics training at our mega tech corp and we are supposed to report any such activities. A lot of time kickbacks are subtle though like unpaid internship at vendor for CTO's niece. Or sometimes it is a bit more bold like a consulting contract that vendor need to sign up with CTO's brother's firm etc.

The most obvious and legal form of kickbacks is just regular sales process that involve a lot of nice dinners or even trips to conferences on nice resorts. One of my old boss owned his company and it was so normal for him to go out for 4 hour lunches with clients.

In recent years, I've noticed that more and more vendors offer quite lavish "training" events for the tech teams evaluating their products. I'm sometimes still surprised by the type of questionable practices that are common in otherwise highly regulated industries.
Did you an I work at the same place? We had the exact same thing happen. Incompetent CTO bought millions of dollars in unnecessary crap and consulting, quit and joined the unnecessary crap company.
Yeah but

"Kail set up a corporation to receive bribes from Netflix contractors, the DOJ said."

Super blatant. I don't get how he expected to get away with it? You'd think there's a fair chance his employment contract at Netflix would prohibit having an outside interest like this. Plus you know, maybe learn how brown paper bags work. Or find a relative who has a consulting business to bill. Maybe read what cryptocurrency is. Seems like there are a lot of things you could do that aren't making a separate company which has bank accounts and files returns. Oh yeah and don't buy a house with it, a house can be confiscated.

Anyway he should have read the newspapers more. Clearly the thing to do is like your CTO or how politicians do it, just get them to pay you with a "job" after you leave. Perhaps he just hadn't reached scale yet like you can with political roles. Those £38B we spent on track & trace here in the UK will surely come back to the right pockets somehow.

Yeah reading the case this is nothing like anything I've experienced. But the title alone made me chuckle.
It director's wife runs a foundation that gets big donations from software vendor. Every time the vendor sells to the guy's company.
This kind of thing is way more common in the enterprise world than we care to admit. But at big tech I admit I was surprised. One of the perks of working to big tech was supposedly being imune to this kind of shenanigans from the suits.
Clearly only Netflix is doing this. Every other company always implements BYO-whatever policies and a democratic, bottom up, consensus based, grassroots approach to trialing and adopting the next whizbang new shiny things. That dastardly Nextflix, at it again, I can't believe them...
Regardless of how common shitty and vaguely illegal sales tactics, this was one was particularly egregious.

He set up a corporation and was a paid ‘advisor’ at a company Netflix was paying large amounts of money. And the pure number of times he did it.

Criminal’s greed always bring them down and this guy went massive.

If it was just the usual deal where there's some sort "goings on" between vendor sales and procurement/execs, and then everyone needs to use the product from the top-down, that's normal, but not great for enterprise software innovation or people who use it, IMO.

Anyway, I think the situation described where former execs become advisors on the contractor side and use their contacts to get contracts, is exactly the deal with K-street and defense contracts. Except in this case, the guy was still on the inside! Not ok! But once you're out, that's cool /S

The startup world version of this is being both a decision maker at a company and an angel investor, as then you can force what you invest in on your employer.
As a non-US'er, there are several things I don't understand here:

1. Why was the federal government suing Kail, rather than the company? i.e. on what basis do his actions constitute a criminal offense, when conducted within a single organization (the company)?

2. I remember hearing the terms "mail fraud" and "wire fraud" a lot, but what do Kail's actions have to do with mailing or wiring anything?

3. From the description, it seems like Kail's actions were pretty transparent. Wasn't he called out immediately on this stuff?

1. Netflix itself did nothing wrong - it's lawful for a company to use shitty expensive useless products. On the other hand, if a company officer takes bribes to act against the interests of their employer, they're breaching their duty of care towards the employer and defrauding them, and that is a felony. I'm not certain about the guilt of the bribing company, that might depend on the exact details and where it happens/which law applies.

2. "Standard" in-person fraud is prosecuted by the states, but fraud over mail or wires is a federal crime, so if any long-distance communications were involved then the federal justice system can (also) get involved.

> breachingtheir duty of care towards the employer and defrauding them

That's the part that sounds a bit strange to me. I mean, breach of duty is one thing, and fraud is a second thing. But I guess that's how fraud is defined in US criminal law.

> 2. "Standard" in-person fraud is prosecuted by the states, but fraud over mail or wires is a federal crime, so if any long-distance communications were involved then the federal justice system can (also) get involved.

Well, the relations between a company and its officer are in-person, aren't they? Or is it the case that if I defraud you and during that time call your phone once, I can be prosecuted for "wire fraud"?

The definition is "the use of an interstate wire communication to further the scheme".

Email and phone qualifies, and it does not need to play a crucial role in the scheme to defraud, it only needs to be made in order to advance the scheme somehow; a single email exchange about the kickbacks with a vendor sales representative in another state might be sufficient push it from "normal" fraud to wire fraud.

This reminds me the first time I got in the process to sign a 1MM contract. I kept pushing for a price reduction and the sales guy kept giving me clues of how this would affect commission. I had no idea that he was talking about my commission. It was so ridiculous that I involved compliance and shit scaled pretty quickly.
Did you get as far as finding out the level of bribe that the sales guy was offering? I'm curious about the going rate for corporate graft.
When I was signing off on a dotted line, I have adopted the Walmart approach from the early nineties -- vendors willingness to wine and dine us meant that the price was still too high. It worked surprisingly well as a signal. We were able to get our costs cut in nearly half on very expensive gear.
How did you find out that they no longer wanted to wine and dine? E.g. they usually contacted you, but stopped?
Across multiple vendors ( deal value ~2-5 million a year per deal ) the progression of where the sales people wanted to talk to us pretty much always went like this:

massive wine and dine [5-6 people from out side, two to three stops a night] -> dinners in nice restaurants [ 3-4 people on our side] -> lunches in nice restaurants [1-2 people on our side ] -> lunches [ me or me +1 on our side] -> coffee [ just me ]

This roughly corresponded to initial price down to "you are killing us" price, the later being additional 35-50% discount off the initial proposal ( which would typically be their published price less 20-30% to begin with )

Those progression steps happened with each vendor? A vendor started with massive wine, and ended with coffee in the last meeting? (As you might notice, I don't know that much about sales)

(Rather than just one sales meeting with each vendor, and you observed a trend across many vendors)

From massive wine and dine, to coffee, made me smile :-)

I'm surprised that wine and dine apparently works (with many people but not you). To me it honestly sounds a bit boring and I'd rather go to the gym maybe. And even if the food and company was really nice, it'd be just a one time thing (or a few times) but the contract would be ongoing for years

> Those progression steps happened with each vendor? A vendor started with massive wine, and ended with coffee in the last meeting?

Multiple vendors followed the same pattern. In all cases we were already pre-qualified as a potential customer/existing customer expanding the account value and the vendor was pre-qualified as a possible vendor. They knew they were in the running to sell us the gear ( and service contract on a top of it ) and we did not disqualify them outright.

> I'm surprised that wine and dine apparently works (with many people but not you).

It is so popular that Walmart made accepting it a fireable offense for procurement people as they crunched the numbers and found that suppliers willing to wine and dine were closing deals at the higher prices.