McAfee Agrees to SEC Fine, Looks to Future

Computer security software firm McAfee has agreed to pay a US$50 million fine to the Securities and Exchange Commission (SEC) in order to settle charges that it pumped up revenue and earnings during the dot-com craze.

The fine will help McAfee settle charges that it exaggerated both sales and earnings figures by hundreds of millions of dollars between 1998 and 2000 and put to rest an investigation that was revealed nearly three years ago.

Plunging Stock

The inquiry was sparked, the SEC said in a statement, when the company announced in December of 2000 that it would miss its quarterly sales target by $190 million. That caused the company stock to nosedive, quickly erasing some $1 billion in market value.

The deal does not require McAfee to admit any wrongdoing, but the company also agreed to hire an independent consultant to review its practices, procedures and policies regarding revenue and expense recognition and to beef up an existing Ethics First program that is meant to make it easier for employees, partners and others to report potential fraud anonymously.

The SEC said McAfee engaged in various forms of “channel stuffing,” or selling products to distributors and recognizing it as revenue even though those third parties had never sold the product. The company then engaged in various means to entice distributors not to return the product. The result was some $622 million in overstated revenue.

McAfee has already written the charge into its third quarter 2005 results. The company’s stock was up modestly in morning trading today, gaining about a half percentage point to $28.11.

For McAfee, the settlement ends a lengthy distraction and closes the books on an embarrassing chapter in the company’s history.

Focus Now Competition

“The Board and the entire McAfee team are dedicated to continuing the important task of creating a corporate culture of ethics and compliance which permeates all of our relationships,” George Samenuk, chairman of the board and CEO of McAfee said in a statement. “We are pleased to be able to reach this settlement and will take this opportunity to reinforce and further institutionalize the strong message of putting Ethics First, which I have made the hallmark of McAfee since joining in January 2001.”

Analysts say the company will benefit from having settled the case and can turn its attention back to filling out its portfolio of security products to help it compete with Symantec and other security software companies.

McAfee, which changed its name from Network Associates, may face competition from new sources, including Microsoft, which this week unveiled some of the new built-in security features of its upcoming Windows Vista release. Microsoft has spent tens of millions in recent months acquiring security software firms and beefing up its own technology. And analysts say its Windows Live and other hosted-software efforts could also reduce the need for the desktop security products McAfee is best known for.

McAfee already faces an uphill battle against larger rival Symantec and is now part of a security industry that has seen widespread consolidation, with firms rolling up various technologies — anti-virus, spam blocking, firewalls and so on — to create broad offerings.

Gartner analyst Neil MacDonald said Microsoft is clearly moving away from its model of partnering with security vendors and toward offering its own solutions.

“What we’ve seen so far is only the beginning,” MacDonald said. “Microsoft will build a complete desktop security solution for consumers and enterprise users during the next five years.”

Some analysts say it may take a concerted effort from Microsoft to convince consumers and businesses to use its security products, given the number of vulnerabilities that have turned in past versions of Windows and other products, such as the Internet Explorer browser. But others say consumers are eager for built-in protection and are likely to embrace the Microsoft approach over time.

Playing Hardball

Meanwhile, for the SEC, the settlement reinforces a message of toughness. The agency noted that the case marks the third time a company has paid a fine in the $50 million range — all of them coming in the last three years. Before that, the largest single fine paid in conjunction with financial fraud was a $10 million fine against Xerox.

In fact, the SEC used the McAfee settlement to roll out a new policy on financial penalties meant to “provide the maximum degree of investor protection.”

Linda Thomsen, who oversees the enforcement division at the SEC, noted that in the McAfee case, the former CFO and two others have been charged directly with fraud in civil and criminal actions.

“The fraud was implemented and concealed through the use of various artifices and accounting ploys,” Thomsen said. Those schemes included secret payments and discounts to McAfee distributors in order to stop returns of product, the creation of a wholly-owned subsidiary to repurchase oversold McAfee product from distributors and falsified entries on McAfee’s books.

“McAfee used its overvalued stock to acquire other companies, capitalizing on the artificial value it had created through its fraud,” Thomsen added.

The SEC announced a separate action against management software maker Applix, Inc., which Thomsen used to highlight the difference between what it considered corporate-based fraud and that perpetrated by individuals. “In McAfee the conduct was pervasive and occurred over a significant time period; in Applix the conduct, while certainly fraudulent, was more limited,” she added.