Introduction to the case
Fraudster pocketed more than US$500,000 in kickbacks.
Michael Kail, the former Vice President of IT Operations at Netflix, was convicted of fraud on April 30, 2021, for accepting bribes and kickbacks from at least nine tech startups seeking to do business with the streaming giant between February 2012 and July 2014. He then funneled the payments to himself through a limited liability company with no employees or operations.
Details of the fraud
Kail was appointed VP of IT at Netflix in 2011 and managed contracts with small outside vendors for IT-related services.
In 2012, he devised a scheme to commit procurement fraud and obtain benefits from at least nine vendors by signing service agreements with them.
The contracts provided Kail with a commission, consulting fees, or stock options in these tech companies.
In exchange for benefits, Kail awarded a series of contracts worth millions of dollars during his 2011 to 2014 tenure.
Kail received more than US$500,000* in kickbacks and stock options from these outside companies.
According to currently available information from the U.S. Department of Justice, Kail awarded approximately $3 million worth of contracts on behalf of Netflix.
The exact amount of kickbacks Kail received and the value of service agreements he signed on behalf of Netflix will be disclosed in the sentencing hearing on Sept. 14, 2021.
How did the fraudsters commit the crime?
Details of the kickback contracts
Kail entered into two types of service agreements with the vendors: advisory agreements—which allowed him to receive monthly consulting fees or to purchase share options in the companies—and sales representative agreements.
Evidence presented at trial showed that Kail signed a sales representative agreement with IT service management company Netenrich Inc. on Feb. 5, 2012. The collusion granted him commissions amounting to 12% of the billing payments Netenrich received from Netflix for its staffing and IT services. Later in 2012, Kail began receiving 15% of all billing payments that VistaraIT LLC, a wholly-owned subsidiary of Netenrich, received from Netflix.
Trial evidence further showed that Kail received share options with vendors Platfora Inc., Sumo Logic Inc., ElasticBox Inc., Numerify Inc., Netskope Inc., and Maginatics Inc.
For example, Kail signed a vendor contract with Sumo Logic in July 2012, one month after receiving share options. The vendor contract led to more than $300,000 in payments by Netflix. Kail then approved a further $800,000 two-year contract with Sumo Logic, despite complaints from his IT team that the product underperformed.
In another instance, Kail made as much as $120,000 by exercising his stock option at Maginatics when the business was sold to EMC.
Receipt and diversion of kickbacks
Kail set up a limited liability corporation called Unix Mercenary on Feb. 7, 2012. The company had no employees or business location, and Kail was the sole signatory on its bank accounts.
Kickbacks were deposited in Unix Mercenary’s account via wire transfer. Kail then diverted the funds to his own account and used them to cover personal expenses and to buy a home in Los Gatos, Calif., in the name of a family trust.
Concealment of vendor contracts
Netflix uses DocuSign, a third-party record management system, to maintain a database of contracts. According to court records, Kail had asked a senior-level DocuSign employee to remove his corporate account from Netflix’s DocuSign records and instead stored the vendor contracts in his personal DocuSign account.
Rationalizing the scheme
In his defense, Kail argued he acted in good faith by introducing multiple service providers to help develop Netflix’s new IT strategy and that he never pressured the streaming company to keep contracts with the vendors when they were underperforming. Kail also claimed he did not exercise all his stock options and had even lost money on a few. He further countered that it is common for tech startups to hire a high-profile individual from an established company as their advisor and offer them stock options, and he was simply following convention.
What was the outcome?
Netflix filed a civil lawsuit against Kail for fraud, unjust enrichment, and breach of fiduciary duty in November 2014, following his departure to Yahoo in August 2014. Court documents suggest Netflix discovered the scheme by finding references to “our arrangement,” “getting my portion paid,” and “referral fees” in Kail’s emails with third-party vendors.
On April 30, 2021, a U.S. federal jury found Kail guilty on 28 of the 29 counts of fraud and money laundering against him.
Kail faces a maximum sentence of up to 20 years in prison and a fine of either $250,000, or twice his gross gain, or twice the gross loss to Netflix, whichever is greater, for each count of a fraud conviction. He also faces 10 years in prison and a fine of $250,000 for each count of money laundering.
A sentencing hearing is scheduled for Sept. 14, 2021.
How could this have been prevented?
Kail’s deception flew under the radar for several years, a consequence of poor internal controls at Netflix. With the right policies in place, companies can read the warning signs and improve their chances of early detection. Here are some of the red flags and risk management strategies gleaned from the Netflix case:
Kail’s responsibilities included negotiating and executing contracts on Netflix’s behalf, as well as approving invoice payments to third-party vendors.
Multiple parties should be involved in the procurement process, with negotiation, execution, and payment processing conducted by separate individuals who can provide independent opinions from different perspectives (e.g., financial and legal).
Simply having a corporate code of ethics isn’t enough. Companies must frequently monitor and test internal controls to evaluate their effectiveness and send a clear message on management’s commitment to integrity and fraud detection.
Although it’s not mentioned directly in current court records, it’s likely Netflix experienced a significant year-over-year increase in new contract volume and IT-related expenses. A robust system of internal controls may have helped the streaming company detect the variation and encourage management to investigate further.
A control point was bypassed when Kail succeeded in having his corporate account removed from Netflix’s DocuSign records. Apart from endorsing a code of ethics, companies should educate their employees on the risks of accepting kickbacks and have specific policies around vendor relationships.
In this case, Kail’s team had recommended against Netflix partnering with a vendor whose product they said fell short. A whistleblower program, operated by an independent party and available to both employees and vendors, would have played a significant role in flagging fraud.
How BDO can help
Preventing, detecting, and deterring procurement fraud requires a multifaceted approach that is proactive, reactive, and informed by a comprehensive risk assessment. Our risk advisory team can help your business set up a structured procurement process, actively monitor internal controls, and develop a comprehensive fraud response plan.
When fraud does occur, we can support your company in civil and criminal litigation and deliver tailored solutions for investigations. Our global network of Forensic Technology Services professionals combines actionable insights with advanced analytics to deliver fully integrated eDiscovery solutions and conduct end-to-end forensic data collection.
For more information, contact:
Footnotes:
*All amounts expressed in U.S. dollars unless otherwise stated.