The (Guilty) Brain of the Firm: Applying Management Cybernetics to Corporate Criminal Liability

“Corporations are people, my friend.”

Mitt Romney, 2011

Introduction

The federal government has long been able to prosecute corporations when they violate criminal statutes. Because, unlike natural persons, a corporation does not have a single, unitary mind, the question of how to ascertain mens rea in a prosecution of a corporate entity presents an epistemological conundrum, particularly where corporations compartmentalize duties to avoid concentrating the requisite criminal knowledge in any single employee. Most—though not all—circuits have addressed this dilemma by adopting the collective knowledge doctrine, which allows the court to impute the aggregate knowledge of all of a corporation’s agents to the corporation itself. Whether this doctrine is legally sound and when courts may apply it are both sources of substantial controversy; consequently, it is only rarely applied.

The recent revival of the field of management cybernetics—a long-dormant interdisciplinary field focused on the study of how large social organizations regulate themselves—presents a new lens through which to examine those questions. This Essay draws on several of the central insights of management cybernetics to provide guideposts for the application of the collective knowledge doctrine in criminal cases with corporate defendants. Particularly, it argues that a collective knowledge instruction is appropriate in cases where certain regulatory systems within the corporation have been attenuated to the point where they cannot operate with the complexity required by law.

I.  The Collective Knowledge Doctrine

When a corporation is prosecuted, its mens rea is established by imputingthat of a corporate officer, employee, or agent acting in the scope of their authority and at least in part for the benefit of the corporation. This basic doctrine dates back to N.Y. Central & Hudson River Railroad Co. v. United States (U.S. 1909), in which the Supreme Court established the principles of corporate criminal liability and ruled that corporations may be “charged with the knowledge and purposes of their agents, acting within the authority conferred upon them” by the corporation. The doctrine of imputation was straightforward but left an obvious hole: The management of a corporation seeking to avoid criminal liability for its illegal acts could silo its employees into compartmentalized units, such that no individual employee ever had full knowledge of those acts. This exact fact pattern gave rise to the seminal case establishing the collective knowledge doctrine, United States v. Bank of New England, N.A. (1st Cir. 1987).

A.  United States v. Bank of New England, N.A.

In Bank of New England, a depositor at the titular bank (the Bank) repeatedly made simultaneous check deposits and cash withdrawals from one account, using a different teller and depositing or withdrawing just under $10,000—the threshold at which a bank is mandated to report a transaction to the Treasury Department—in each simultaneous transaction. Cumulatively, he withdrew and deposited significantly over $10,000 at each visit without any individual teller becoming aware of the total. The Bank consequently failed to report the transactions and was prosecuted for violating the Bank Secrecy Act, which criminalizes structuring transactions to avoid the reporting requirement and requires financial institutions to report instances of suspected structuring. Because—ostensibly—no individual teller was aware that the depositor’s activity required the Bank to file a report, there was no employee whose mens rea could be imputed to the Bank, even though the Bank had clearly violated the law. (While none of the tellers in Bank of New England were found guilty, some of them likely did know that they were violating currency transaction reporting requirements.)

The trial judge solved this conundrum by instructing the jury that “the [B]ank's knowledge is the totality of what all of the employees know within the scope of their employment.” More concretely, “if Employee A knows one facet of the currency reporting requirement, B knows another facet of it, and C a third facet of it, the bank knows them all.” The Bank was convicted, and appealed to the First Circuit, arguing that this jury instruction effectively made it criminally liable “for negligently maintaining a poor communications network that prevented the consolidation of the information held by its various employees.”

The First Circuit drew on a lineofcases particular to the trucking industry to reject the Bank’s appeal, writing that “[c]orporations compartmentalize knowledge, subdividing the elements of specific duties and operations into smaller components. The aggregate of those components constitutes the corporation's knowledge of a particular operation.”

B.  Subsequent Interpretation

While a fewcourts have declined to follow the First Circuit, for the most part the collective knowledge doctrine has been widely adopted. However, probably because the doctrine is used relatively sparingly, most of the interpretation of it post-Bank of New England has been academic. Within that field, there are two principal strains of thought about the breadth of the collective knowledge doctrine, each of which has its own particular flaws.

MostscholarstakeBank of New England and its ilk at face value—the collective knowledge doctrine allows courts to collate the knowledge of a corporation’s employees without limit. In this strain of thought, the collective knowledge doctrine, for better or for worse, is extremely broad. This breadth has negative implications—particularly the possibility of sweeping in essentially innocent conduct—which derive from the obvious fact that the employees of a corporation are not a hive mind. Corporations are complex entities, with differentiated internal systems, and one system may make an unlawful decision because of an entirely innocent failure in communication with another system. The broad theory of the collective knowledge doctrine improperly treats corporations as mentally unitary entities, to the detriment of the law. For example, an employee at a tax preparer may unknowingly submit returns containing false information to the IRS. Their employer could be convicted under the broad theory of collective knowledge so long as another employee knew of the false information, even if that employee failed to communicate that knowledge out of individual negligence, or even if they were simply out sick when the returns were submitted.

One alternative strain of thought—exemplified in a 1997 article by Thomas A. Hagemann and Joseph Grinstein—characterizes the broadest interpretation of the collective knowledge doctrine as “a frightening bedtime story” which could easily sweep in innocent conduct. Hagemann and Grinstein draw on the tellers’ possible knowledge that they were committing a crime in Bank of New England to argue that that case and its predecessors implicitly established the presence of willful blindness in the corporation as a prerequisite for the application of a collective knowledge instruction. The willful blindness theory also has conceptual shortcomings. Willful blindness, in its actually-applied form, involves a person avoiding gaining knowledge that could make them criminally liable. But in the cases where collective knowledge instructions are given, the employees of a corporation do have that knowledge—it just hasn’t been aggregated. Assuming the corporation is a unitary entity, this leaves proponents of the willful blindness theory in the position of saying something contradictory: that collective knowledge instructions are only rendered by courts where the corporation knows exactly what it is doing wrong, and is willfully avoiding knowing it is doing something wrong at all.

Observing this contradiction admittedly has the flavor of asking how many angels can dance on the head of a pin, but it has serious practical consequences. Where there is clear record evidence of willful blindness concentrated in a specific individual, the application of the willful blindness theory is straightforward. But where it appears that the corporate entity itself, not any one individual, is willfully blind—perhaps through an organizational structure which silos information as in Bank of New England—courts have to face that contradiction directly. In those situations, courts have two unpalatable options. They can decide more or less arbitrarily, relying at best on evidence about corporate culture,1 that the defendant seems willfully blind, potentially raising the same overbreadth issues as the broad interpretation of the collective knowledge doctrine. Alternatively, they can let the defendants in these cases off the hook entirely.

Compounding this problem is the increasing prevalence of an organizational phenomenon originally identified by Professor William Black: deliberately criminogenic corporate environments. These are businesses which are organized such that they will ultimately commit crimes—generally fraud—without any meeting of the minds between their agents. As these entities become more common, courts which hold to the willful blindness interpretation increasingly face the choice between convicting defendants based on tenuous corporate-culture theories and letting them go entirely.

As we can see, both prevailing theories of the application of the collective knowledge requirement have serious flaws. Both theories’ flaws tend to derive from the fact that they are directly applying doctrines which were developed for mentally unitary entities—natural persons—to complex, differentiated corporations. In order to address these flaws, it might be useful to examine the field which first tried to understand how firms “think”: management cybernetics.

II.  The Brain of the Firm

Management cybernetics is a school of thought founded by British academic Stafford Beer which applies the insights of cybernetics—a transdisciplinary field focused on recursive and feedback-based systems originating in the 1940s from which the fields of computer science and artificial intelligence arose—to the study of large institutions, particularly economic ones like businesses, banks, and governments. The field aims to understand how organizations regulate themselves and apply that understanding to improve those forms of self-regulation. Though management cybernetics has been largely dormant since the 1973 Chilean coup ended the only country-scale experiment in applied cybernetics, it has enjoyed a small popular revival recently thanks to British economist Dan Davies.

Management cybernetics, and cybernetics writ large, are deeply baroque fields, full of esoteric terminology and gnomic pronouncements. Two particular ideas from management cybernetics, however, may be helpful in approaching the collective knowledge doctrine. The first is the fundamental move in cybernetics: the black box. Rather than attempt to examine the inner workings of complex systems, cybernetics splits them into black boxes, which it examines in terms of their inputs and their outputs. The second is variety engineering, which is expanded on further in the next Section.

A. Variety Engineering

The central insights of cybernetics were expanded by Beer in his book, appropriately titled The Brain of the Firm, into the viable system model. There are five types of system—operations, regulatory, management, intelligence, and philosophy—but for our purposes, only Systems 1 and 2 (operations and regulation) are truly relevant. Each system is a black box. System 1 is the system which actually interacts with the world through its outputs. System 2 regulates System 1 by taking System 1’s outputs as its inputs, and vice versa.

The process of deciding what inputs System 2 will take is called “variety engineering,” because it involves attenuating the variety of information arriving from System 1 to a manageable menu of input options, each of which has an appropriate output assigned to it. In a section titled “Variety engineering for beginners,” Davies gives the example of a squirrel cage with a heater in it (System 1) and a regulator for that heater (System 2):

The ambient temperature of our squirrel cage could take practically any value (within a realistic range). If we make a decision to reduce our information set to ‘too hot’ and ‘too cold’, we can match it to a regulator with states of ‘heater on’ and ‘heater off’; we've built a thermostat. Doing this isn't difficult—we just decide to throw away some of the information, on the assumption that it's not relevant.2

Importantly, System 3—management—does not have the resources to deal with the volume of information that comes from System 1. They rely on System 2 to attenuate that volume by enforcing day-to-day rules and only deal with special cases. The vast majority of decisions about what happens in System 1 are made by System 2.3

B. Application to the Collective Knowledge Doctrine

Drawing on the viable system model, we can place some labels on what happened in Bank of New England. The tellers taking the customer’s deposits and withdrawals are System 1—operations. The reporting rules that they follow are System 2—regulatory. Their regulatory functions, however, were incredibly attenuated—they only generated outputs (a Currency Transaction Report) where the customer deposited or withdrew more than $10,000 in a single transaction. These regulatory functions were clearly mismatched with what was required of the Bank under the Bank Secrecy Act. Its System 2 had been improperly engineered—the variety of information it took in was so attenuated that it did not recognize structuring, even though it was required by law to do so.

The problem was not that the Bank had avoided learning that it was committing crimes—because corporations do not have unitary minds—but rather that the Bank was not stopping itself from committing crimes. At that point, a collective knowledge instruction was appropriate, though not to mystically unify the many minds of the tellers into one corporation. Instead, it served to demonstrate that the Bank had the information it needed to comply with the law, but its upper management had built a regulatory function that was inadequately complex to do so.

Shifting the analytic frame to corporate systems, rather than employees, avoids sweeping in innocent conduct like the broad theory of collective knowledge while avoiding the conceptual contradictions of the willful blindness theory. Under a cybernetics-guided lens, the tax accountancy from Part II.B would escape willful blindness instructions so long as it could demonstrate that its employee’s failure to report the false tax information was inconsistent with the regulatory policies of the corporation—and, importantly, with how those policies are usually implemented. 

This shift also allows courts to concretely assess the criminogenicity of a corporate structure. Instead of relying on broad evidence about corporate culture, courts can ask whether the practices, policies, and resources of a corporation’s regulatory function properly engineer it to take in the varieties of information which the law requires. Where the alleged violation is of a regulatory provision which directly governs the defendant, as it was in Bank of New England, answering this question is easier: courts can look to what information is required to meet the obligations the law places on the defendant, and assess whether the defendant has developed a regulatory function capable of gathering, processing, and responding to that information. Where the alleged crime is more general—like fraud, for example—answering that question is more difficult, but nonetheless possible. Courts there might look to best practices implemented by other firms in the same industry. They might also look to the scale and consistency in type of the crime which “snuck by” the corporation’s regulatory function, and the ease of re-engineering the regulatory function to detect that crime, which could indicate a systemic failure to take in a particular variety of information.

Conclusion

Our present doctrines of corporate criminal liability treat corporations essentially as unitary intelligences for purposes of establishing mens rea. The collective knowledge doctrine, as it stands, exists to further that goal by aggregating many individual intelligences into one. But corporations are not people. As Davies writes, “corporations are decision-making systems, not ‘intelligences.’ . . . To attribute motivation to them is to make assumptions about the inner workings of the black box—the original intellectual sin of cybernetic analysis.”4 As such, collective knowledge instructions are most appropriate not to prove that a corporate defendant has a mental state in the same way that a human defendant would, but to show that a corporation had the information it needed to comply with the law, given an adequately constructed regulatory system.

One final note: Davies, appropriately, became interested in management cybernetics while researching financial frauds in the 2008 financial crisis. He observed that, in the runup to the crisis, bank executives reorganized their institutions in criminogenic ways by setting unrealistically high profitability targets and underinvesting in regulatory systems like legal and compliance departments. Davis concluded that “[i]t wasn’t so much that anyone had told their traders [to collectively engage in a fraudulent scheme]; more that nobody ever organised things in such a way that they wouldn’t form a criminal conspiracy.”5

In times of enthusiastic regulatory pullback, like the years leading up to the 2008 financial crisis, the unconstrained animal spirits of the market push firms to engage in criminogenic reorganization with little countervailing pressure from regulators. But firms’ beliefs about the future behavior of government can also motivate them to engage—or not engage—in criminogenic behavior. Much has been said in that vein of the moral hazard risks of government bailouts: the surer firms are that they will be bailed out if their reckless behavior goes wrong, the more reckless they are likely to be. But this can work in reverse as well: if firms know they may be prosecuted for engaging in intentionally criminogenic behavior down the line under cybernetic collective knowledge theories, the shadow of such prosecutions may induce them to—on the margin—build more effective regulatory systems.

Prosecuting corporations under cybernetic collective knowledge theories may be controversial. As Hagemann and Grinstein note, broader theories of corporate mens rea stretch the limits of realistic interpretations of federal criminal statutes. But our criminal statutes were written for natural persons, and corporations are not people. The purpose of corporate criminal liability is not to prevent them from committing crimes, but to ensure they prevent themselves from doing so, and to punish them when they do not.

* * *

Connor Elliott is a J.D. Candidate at The University of Chicago Law School, Class of 2027. He thanks Dan Davies and the staff of The University of Chicago Law Review for their support and feedback throughout the writing process.

• Some jurisdictions—notably Australia—do permit evidence about corporate culture to be admitted in proving mens rea.
• Dan Davies, The Unaccountability Machine 108 (2025).
• Id. at 119–20.
• Id. at 267.
• Id. at 12.