CalPERS Wastes Fund Assets on a Sham Investigation to Intimidate Board Members

CalPERS has a thing about leaks. We’ll use the word “leaks” in the very loose way that CalPERS does. Experience has shown that the organization applies that label to the public disclosure of any negative information about it, even if the information was in no way confidential and the releasing party, such as a board member, was legally entitled to do so.

Readers may remember the coverage we gave a couple of years ago to the trumped-up charges of “leaking” made against then-board member JJ Jelincic, where the allegations ultimately collapsed in the face of evidence that nothing that Jelincic had disclosed was a secret.

Nevertheless, that embarrassing experience has failed to cure the organization of its fevered efforts to find someone, anyone, to pin the blame on for its staggering decline in reputation. To advance that goal, CalPERS has hired a big bucks law firm to lead an investigation. However, like its previous efforts, this one will probably go nowhere in terms of unmasking actual wrong-doing. A tell is is that the investigation has been apparently structured to ensure that at least one important source didn’t get talked to.

So whether this “investigation” is intended for public propaganda purposes or merely to have its “findings” shown privately to the CalPERS board to bolster the notion that their poor reputation is undeserved and results from bogeymen hiding under every bed, rest assured that it is a garbage in, garbage out process.

CalPERS has hired an outside law firm, Orrick, specifically the group within the firm that specializes in squashing corporate whistleblowers, to investigate these “leaks”. However, the investigation is being wrapped up after making a tellingly insincere effort to interview former board member JJ Jelincic.

This sham suggests two possibilities, both unflattering to Orrick and CalPERS. The first is the too typical stew of laziness and incompetence, where Orrick is making the minimal effort to collect the contracted-for fee, perhaps getting signals that CalPERS didn’t want a full-bore effort, and the two sides didn’t coordinate effectively. Second is that Orrick cynically invited Jelincic to an interview – mind you, he is retired and has no obligation to cooperate – with only a couple of days notice and a request that he travel to them, in order to elicit a rejection of their timetable. There is an established history of CalPERS trying to set Jelincic up as the fall guy for leaks, so this could be more of the same.

Before you think the idea that CalPERS would deliberately choose to omit key parties from an investigation is far fetched, CalPERS has done this before. After the private equity bribery scandal that led to the indictment of former board member Al Villalobos, who committed suicide, and former CEO Fred Buenrostro, who was convicted and is serving a four and one half year term in Federal prison, CalPERS hired law firm Steptoe & Johnson to conduct an investigation and prepare a report. We explained at considerable length why it was a whitewash.

The attorney leading the Steptoe investigation, Phil Khinda, contacted one prominent former CalPERS insider about the pay to play scandal investigation and invited him to lunch. Before his counterparty could even respond, Khinda proceeded to list all the reasons why the potential source should not want to participate. This individual said it was very clear that Khinda was actively discouraging him from being interviewed. So this is apparently part of the bag of tricks that big law firm “investigations” practices use, which is to discourage various parties from cooperating, when it would support the desired narrative to insinuate that only people with something to hide would decline an interview.

Why Leaks?

It’s apparently useful for CalPERS staff to play up supposed leaks to the board, as if they were the cause of the bad press the giant pension fund has been getting. In fact, the big causes are far too obvious: CalPERS deeply underfunded status, the board’s and staff’s failure to deal with that overarching problem honestly, with that problem compounded by widespread evidence of poor management and oversight. One glaring example of the last problem is CalPERS having a poor sense of priorities. For instance, it has more people in its PR department than in its risk management and audit unit.

On top of that, CalPERS has used “leaking” as a bloody shirt to attack insiders trying to reform the public pension fund….even when they’ve been presenting public information that is therefore not in any way confidential. One example is when Jelincic was falsely accused of leaking when he responded to a beneficiary question by providing information in a court document filed by CalPERS.

The fact that CalPERS would attempt to depict Jelincic as having breached confidentiality when he was in fact presenting public information indirectly exposes another pathology at CalPERS: a concerted effort to keep things secret when there’s no sound basis for doing so. This is analogous to a worrisome tendency in medicine, to move the threshold for “disease” so low as to look to be driven by profit rather than health considerations.

As an attorney said via e-mail:

The real outrage here is that the staff at a fund conclusively proven to have been rife with corruption, and who seem to have no problem wasting fund assets on the exact same high-fee outside managers who were the source of those corrupt influences, are conducting a “leak” investigation that is clearly aimed at intimidating independent board members from exercising their fiduciary duty of inquiry — by unlawfully creating the atmosphere where non-confidential public records are represented by staff to be “privileged” when the law is clear that they are not.

The CalSTRS Policy Guide specifically limits the use of the Government Code 11126(c)(16) “investment decisions” closed-session exception: “With regard to investment decisions, the Board shall consider most investment matters in open session unless such consideration would jeopardize execution of the investment or cause harm to the economic value of the investment.” p.32, Teachers’ Retirement Board Policy Manual (2015). This is the same law that applies to CalPERS.

The “attorney-client privilege” secrecy ruse is also complete poppycock. The Government Code 11126(e) closed-session exception severely limits the privilege to situations where the agency has “substantial exposure to litigation” and open session discussion would prejudice the position of the agency in the litigation. This exposure to litigation does not include covering-up wrongdoing by staff or the board. Government Code 11126(e)(2) states that, “…all expressions of the lawyer-client privilege other than those provided in this subdivision are hereby abrogated.”

Withholding information to which the public is entitled is a misdemeanor crime under Government Code 11130.7

In other words, “leaking” in the eyes of CalPERS’ staff is when an insider provides information that CalPERS would prefer to go unnoticed, regardless of whether it is actually confidential or not. That attitude is indefensible in a governmental body, where the employees and officers are accountable to beneficiaries and the public. It is also the sign of a diseased culture, since high functioning organizations acknowledge and fix problems rather than try to cover them up.

What About CalPERS’ Terrible IT Security?

One wonders whether CalPERS informed Orrick about CalPERS’ lax IT practices, which could raise doubts on the ability to reach firm conclusions as to how supposed confidential information got out into the wild.

Incoming board member Margaret Brown complained repeatedly that board members and certain senior executives had been assigned formulaic passwords and user IDs. Anyone who learned about them could readily access confidential board records by impersonating a particular user.

Brown got pushback when she sought to change her password to something more secure. Literally, all that staff was willing to do was to send her a later password in the same sequence. That meant the “new” password was every bit as guessable as the old one by knowledgeable insiders, as well as easily hackable.

On top of that, the “new” password was sent to her by e-mail, and that same e-mail was also sent to other members of the Board Services Unit.

Since the response to pointing out that the passwords were wildly insecure was for CalPERS to continue to generate insecure and widely-known passwords, Brown continued complaining.

The next iteration of response was for CalPERS to let Brown pick a number in the same password sequence. So if the old password had been “boardmember2” Brown could now make it “boardmember[number of Brown’s choice]. Not only was the “improvement” still trivially easy to hack, but the “new” password was again e-mailed to Brown and other CalPERS staffers, undermining the notion that the passwords were at all secure.

It was only in September, after we wrote about the laughably poor password security, that CalPERS finally made real changes. But even then, it’s not clear whether they were made for board members or also extended to senior staff, who also had similarly lame formula passwords. But either way, this means that board materials, including closed session records, could easily be accessed by individuals outside board through September 2018, and that knowledgeable senior staff could also impersonate board members to look at that information.

That means that any “leak” of closed session or other confidential information available to board members by computer before September 2018 can’t be attributed to board members with any confidence. The recipients of the “leaks” would be journalists, and it would be unheard of for a reporter to burn a source. It’s considered to be a huge ethical lapse when that happens accidentally (recall the uproar over The Intercept and Reality Winner).

More evidence of CalPERS’ poor IT security practices comes via a lawsuit by former employee Nancy Michaels against CalPERS and former employee Melinda Lorenz-Anderson (nee Lorenz). Lorenz obtained access to, altered, and distributed copies of Michaels’ confidential personnel records to members of the state legislature, alleging that Michaels had obtained a promotion improperly.

Bear in mind that Lorenz did not have access to any personnel file as part of her job duties. She badged in after hours and got access to Michaels’ records. To have done so, she either had to have hacked CalPERS’ system or had someone provide her with a password and login of someone who had access. Under Federal law, engaging in unauthorized access to computer records is a crime.

CalPERS was aware of Lorenz’s breach; it launched a disciplinary action against her, with the punishment set to become effective after Lorenz’s retirement.¹ Yet CalPERS was obligated to make a criminal referral, which it failed to do. On top of that, CalPERS in court is defending Lorenz’s “right” to disseminate the stolen information in such a way as to make it a public record….even after disciplining her for precisely this conduct. It is over my pay grade, but it seems highly doubtful that CalPERS would be supporting this line of argument had it made a criminal referral as it was obligated to

Needless to say, CalPERS’ overzealous defense of someone who unquestionably hacked CalPERS’ systems sends all the wrong messages to other CalPERS employees.

The Botched Effort to Interview JJ Jelincic

Lily Becker, a partner at Orrick, first rang JJ Jelincic on March 11. Jelincic told her he couldn’t speak then and she’d need to call back. It was a 38 second phone call (CalPERS may want to check its billings). She said she’d try again at 10:00 AM the following day. She did not call then.

Becker next called on March 19, again failed to get Jelincic live, and Jelincic returned the call the following day. Her next attempt was March 27, a full eight days later. She again missed Jelincic, who again dialed her the next day.

After two failures to connect by phone, if the matter were urgent or important, the logical move would have been to leave a message suggesting how to coordinate a time to speak, say via e-mail or through a secretary. But Becker tried calling Jelincic two more times before taking that step. The latest round of missed calls was when Becker rang Jelincic on April 4 and Jelincic returned her call on April 5.

On Monday April 8, Becker left a message asking Jelincic to come in for an interview in Orrick’s San Francisco or Sacramento office later that week and to e-mail to set a time. This is what transpired next:

From: JJ Jelincic
Sent: Tuesday, April 9, 2019 4:56 PM
To: Becker, Lily
Subject: meeting

This is not a good week. I’m working on a campaign. Next week doesn’t look a lot better.

What do you want to talk about?

JJ Jelincic

From: Becker, Lily
To: JJ Jelincic
Sent: Tuesday, April 9, 2019, 04:01:16 PM PDT
Subject: RE: meeting

Thank you for reaching out via email as I suggested, as I know we have been trading voicemails for several weeks. As I mentioned when we spoke the first time, we are conducting an investigation for CalPERS regarding certain leaks of confidential or closed session information from late 2017 to 2019. This week is the last week we are conducting interviews. Please let me know if you are available before the end of the week. It would be most useful if we could set up time for you to come to our San Francisco or Sacramento office.

Thank you,

Lily

From: JJ Jelincic
To: Becker, Lily
Sent: Wednesday, April 10, 2019, 07:49:59 PM PDT
Subject: Re: meeting

As I said this week doesn’t work.

I also cannot leave unchallenged your statement “As I mentioned when we spoke the first time, we are conducting an investigation for CalPERS regarding certain leaks of confidential or closed session information from late 2017 to 2019.” That is simply untrue. That first conversation was about that I was in the middle of something and could not talk then. We agreed you would call about 10:00 am the next day. That did not happen.

I actually had a conversation with Henry Jones on March 14 about you reaching out to me. He was aware of that and said you had spoken to him. However, when I asked him what it was about he said he would not tell me because he didn’t want to get ahead of you.

Your email of April 9 is the first time I knew what you wanted to discuss and that there was any deadline. There was normally about a week between the time I called you and you called back. That certainly showed no sign of urgency.

The last closed session I attended was in was in December of 2017. I would have no way of knowing if any information I received from staff since that time came from closed session.

JJ Jelincic

It may not be sufficiently obvious why this interaction does not smell right.

A critical bit of information is that Jelincic was a CalPERS employee through March 6, 2019. He had filed his retirement date well in advance, mid-December 2018.

In the March 14 meeting with Henry Jones, Jones mentioned that Orrick had already interviewed other board members. It is a reasonable assumption that Orrick would have scheduled at least some of the interviews at the time of the monthly board meetings, for the convenience of Orrick and board members who don’t live in Sacramento. Working back from that, Orrick almost certainly conducted some board member interviews at the latest at the February board meetings on February 19 through 21. That would mean it had been engaged, done preliminary research, and developed its investigation program, including its interview guide, before then.

That in turn means had CalPERS wanted to interview Jelincic, it easily could have while he was an employee. Jelincic would have had to take the meeting; he could also have requested that a union representative participate.

Instead, a presumably very competent Orrick partner made a minimal, leisurely effort to get a hold of Jelincic. When Jelincic made it clear that the week of April 8 was not convenient, suddenly Orrick says the interviews are about to be over and oh, by the way, tries to claim that Jelincic knew that they were about leaks, when he didn’t. Indeed, board member Henry Jones’ closed-mouthedness on March 14 about why Orrick was contacting Jelincic says he knew Jelincic didn’t yet know what the request was about….and Jones could have gotten that information only from the Orrick partner Becker.

It would be nice if CalPERS expended as much executive energy on improving its returns as it does on trying to prevent board members from doing their job. Indeed, the example of CalSTRS says that having a board that is active, pro-transparency, and engages in healthy give and take with staff, rather than acting as a rubber stamp, is consistent with higher returns. Too bad CalPERS is so determined not to eat the good governance cooking it feels so free to set before corporate America.

_____

¹ Lorenz set her retirement date after the sanction and sanction date was set. It certainly looks as if the intent was to encourage her to retire rather than have the disciplinary action bite.