The D&O Diary

The D&O Diary

A PERIODIC JOURNAL CONTAINING ITEMS OF INTEREST FROM THE WORLD OF DIRECTORS & OFFICERS LIABILITY, WITH OCCASIONAL COMMENTARY

The New Zealand Edition

Posted in Travel Posts

058aThe D&O Diary continued its South Pacific sojourn over the weekend with a short stop in Auckland, New Zealand’s largest city, for meetings and for a brief look around. Auckland is located on New Zealand’s Northern Island, about a three-hour plane flight from Sydney. Because Auckland is located just inside the International Date Line, every morning, the kiwis get first crack at the day.

 

I visited Auckland once before, 29 years ago. The transformation that has come over the city in the interim is remarkable. The city’s population, now over 1.3 million, has nearly doubled. And the city has gone upmarket. Queen Street, at the center of the city’s central business district, is now lined with new glass and steel office buildings. Viaduct Harbor (pictured below), the area where I stayed, is a new development of low rise office buildings and swish nightspots built on former docklands. Thanks to changes in the country’s immigration laws, the face (or perhaps the faces) of the city has changed as well – Auckland has to be one of the most diverse cities on the planet. It has the largest Polynesian population of any city in the world and a huge Asian and southeast Asian population as well.

 

051a

 

On the evening of my arrival, I stepped right into an example of the city’s diverse ethnicity. A stroll through the city center took me to Albert Park, where, it turned out, the city’s annual Lantern Festival was taking place. The park was decorated with illuminated displays, and there were musical performances and food carts. The lanterns glowed as the evening gathered and crowds strolled through.

 

009a

 

 

007a

 

 

037aOn Friday morning, before my first meeting, I went out to One Tree Hill, a prominent, nearly 600-ft volcanic cone located about a 15-minute cab ride from the city center. The hill’s name in Maori is Maungakiekie. Before European settlement, the hill had served as the located of a Maori pa (or fortification), and the remnants of many of the entrenchments can still be seen on the hillside. Unfortunately, there no longer is a tree on One Tree Hill. The original tree was cut down by a European settler in 1852, and Maori protestors cut down the replacement tree in 2000. The hilltop does afford absolutely fabulous views of Auckland and its surroundings, including Auckland’s two harbors — Waitemata Harbour to the north, which opens east to the Hauraki Gulf (as depicted in the first picture below), and Manukau Harbour to the south, which opens west to the Tasman Sea (second picture below). The views are fabulous, but I have to admit that my primary interest in visiting the hilltop was because of the song, “One Tree Hill,” on U2’s 1987 album, The Joshua Tree. (“A sun so bright it leaves no shadows/ Only scars carved into stone on the face of earth.”) It was cool.

 

031a

 

 

035a

 

On Friday afternoon, I took a ferry across Waitemata Harbor to Devonport, a pleasant seaside suburb with small shops, cafes and restaurants on the harbor’s north side, to meet some friends for drinks. I arrived early so I took advantage of the opportunity to hike to the top of Mt. Victoria, a nearly 300 ft. volcanic outcropping that affords great views back toward the city center (as reflected in the picture at the top of the post) as well as out beyond the harbor to Hauraki Gulf (see the picture below). At the crest of the hill, there is a retractable gun emplacement. A placard explains that the guns were installed in the 1890s out of concerns over Russian expansion into the South Pacific. Which just shows you how quickly things can change. A pedestrian walkway, the Prince Edward Parade, winds along the harborside back in the town.

 

060a

 

 079a

 

  086a

 

 

 007aWhen I had mentioned to folks back in Sydney that I was going to be stopping in Auckland before heading home, the uniform response was that I had to be sure to visit Waiheke Island. So Saturday morning, I took a 45-minute ferry ride to the island, located out in the Hauraki Gulf. In the ferry dock’s parking lot, I rented a bike. I thought I would be able to cover most of the nearly 12-mile long island. I soon realized that this was a hopeless plan. The island’s rugged terrain quickly wore me out. I also quickly figured out that just about every turning and side road led down to beautiful, shell-covered beaches. The beaches further away from the ferry landing were generally deserted, and each one seemingly more attractive than the one before. In this way, I was drawn further and further along the island’s coastline, only realizing as the afternoon progressed and as the fatigue from pumping up and down the island’s hilly roadways began to accumulate that I was going to have to beat it back to the ferry landing if I wanted to get back to the city before dark. I will say this, the people who told me that I had to visit Waiheke were right.

 

028a

 

 

025a

 

 

 033a

 

 

  037a

 

As it turns out, my visit to Australia and New Zealand this past week coincided with the early part of the World Cricket Cup, which is being played in locations around the two countries through March. On Saturday evening, after I had returned to Auckland, I wandered into a bar near my hotel and found that the New Zealand-Australia group stage qualifying match, which had begun earlier in the afternoon at the Eden Park pitch in Auckland, was still underway. Australia had scored only 151 runs, and so New Zealand needed only 152 runs to win, a target that seemed easily within reach, particularly at the point in the proceedings at which I arrived. New Zealand’s run total was quickly mounting and the Black Caps seemed to have the match well in hand. And then the wheels came off. Australian Mitchell Starc, who bowled superbly, claimed a number of quick wickets, and suddenly, with only one wicket remaining but still the Kiwis still six runs short, the contest seemed poised for a dramatic showdown. But New Zealand’s Kane Williamson hit a six to seal victory for New Zealand in a wonderfully tense climax – to put it in terms that Americans would understand, Williamson hit a walk off home run. I was surrounded by excited, shouting fans, and I participated in the celebration as if I had as much of a right to the celebration as everyone else. The celebratory mood carried out into the warm summer evening, and the crowds strolling along the city’s busy streets as night time gathered had something of a festive air. 

 

On Sunday, it was time to return to the States, back to home and to work. However, while I was in the South Pacific, I spent a considerable amount of time contemplating the concept of summer in February. I have decided that the idea has merit and warrants further study. 

 

084a 

 

 

031a

 

Cornerstone Research Releases 2014 M&A Litigation Report

Posted in Shareholders Derivative Litigation

cornerstone reserach pdfAccording to the latest report from Cornerstone Research, during 2014, over 90 percent of M&A transactions resulting in at least one lawsuit, but each deal attracted a smaller average number of lawsuits and in fewer jurisdictions than in past years. The report, entitled “Shareholder Litigation Involving Acquisitions of Public Companies: Review of 2014 M&A Litigation” can be found here. Cornerstone Research’s February 25, 2015 press release about the report can be found here.

 

The research reported in the Cornerstone Research study is generally consistent with the updated research that Professors Cain and Davidoff released earlier this week, as discussed here.

 

According to the Cornerstone Research report, 93 percent of M&A transactions during 2014 valued at over $100 million were litigated. The report does note that plaintiffs challenged fewer deals valued below $1 billion. 96 percent of deals valued at $1 billion drew at least one lawsuit, but for deals valued under $1 billion, the percentage of deals attracting a lawsuit declined slightly to 89 percent in 2014 from 94 percent in 2013.

 

By contrast to recent years, the majority of deals (60%) attracted litigation in just one jurisdiction (perhaps, the report speculates, because of the adoption of forum selection bylaws). Just four percent of deals were challenged in more than two courts, the lowest level since 2007. The average number of lawsuits per deal declined from 5.2 in 2013 to 4.5 in 2014. Interestingly, there were still a number of transactions that attracted quite a number of lawsuits; the Fusion-io/San Disk deal attracted 22 lawsuits, and the International Game Technology/GTECH deal attracted 21.

 

Fewer suits were resolved prior to the deal closing in 2014. Only 59% of lawsuits were resolved before deal close, compared to 74 percent in 2013.

 

Of the 78 settlements reached in 2014, only six percent provided monetary consideration to shareholders. 80 percent of settlements involved only the provision of additional disclosure.

 

The D&O Diary Goes Down Under

Posted in Travel Posts

067aThe D&O Diary is on assignment in Australia this week. Here’s what you need to know about Sydney in late February – if you traverse the vast expanse of the Pacific Ocean, fly across the Equator and the International Date Line, and then finally arrive Down Under, when you get there, it is summer. Warm, sunny, beautiful summer. Given that the day before I left home the thermometer on the dashboard of my car read minus seventeen degrees Fahrenheit (or minus 27 Celsius as they would say in Australia, as if it would ever get that cold there), the trip to Australia came at a particularly welcome time.

 

Sydney, Australia’s largest city and financial center, is a modern, busy metropolis. It is also massive. Its population of 4.7 million is larger than that of either Los Angeles of Chicago. At the city’s center is its vast harbor, which Captain Arthur Phillip, who led the famous First Fleet to Australia in 1788, described as “without exception the finest harbor in the world.”

 

072a

 

The city’s central business district sits along the harbor’s south shore, as shown above. The beautiful, lush Royal Botanical Gardens sit adjacent to the central business district and lead down to the water’s edge and the famous, iconic Sydney Opera House, which is one of the world’s most distinctive, beautiful and photogenic buildings.

 

096a

 

091a

 

Just west of the Opera House, beyond the Circle Quay, now in the place where the First Fleet landed back in 1788, is the Sydney Harbor Bridge, which crosses the harbor to northern shore. It is possible to cross the bridge on foot. The bridge’s pedestrian footpath affords fabulous views of the city and of the harbor.

 

038b

 

095a

 

This was actually my second trip to Australia, after my first trip there nearly thirty years ago. Just as happened on my prior visit, I found this time that I kept getting lost. Because I have a fair amount of pride in my sense of direction, I found this quite vexing. On my prior visit, I finally figured out the source of my disorientation. It was the sun. It was all wrong. It turns out that in the Southern Hemisphere, the sun passes from east to west through the northern sky (rather than through the southern sky, as happens in the Northern Hemisphere). When facing west, the sun has a right left trajectory (unlike the left-right trajectory in the Northern Hemisphere). The sun’s position kept steering me in the exact opposite of my intended direction. Despite my prior acquaintance with this phenomenon, I still struggled to avoid getting lost. There is, however, no truth to the rumor that the water in Southern Hemisphere toilets circulate counter-clockwise because of the Coriolis effect.

 

056aOn the plane on the way over, I read The Fatal Shore, Robert Hughes’s excellent book about the European settlement of Australia. Among other things, Hughes describes how Francis Greenway, the so-called convict architect, working under the direction of the then-governor Laclan Macquarie, designed and directed the construction of the first durable civic architecture in Sydney. Several of the buildings he designed still stand along Macquarie Street, near Hyde Park. One of these buildings, the Hyde Park Barracks, pictured below, is noteworthy not merely because it is an important landmark from the city’s early days, but also because it has a simple, symmetric and utilitarian order that even today seems appropriate for the place.

 

Thanks to United Airlines, which if it is incompetent it is also at least consistent, I once again had an overseas trip cut short by a day because of mechanically-related flight delays. I also had the pleasure of spending the night last Saturday night sleeping on a bench in a concourse at LAX. So much for the “friendly skies.” As a result of the lost day, I didn’t have nearly as much time to visit Sydney as I would have liked, and as I had intended. (Basically, all of the pictures in this post were taken in the course of one very busy afternoon.)  I had just enough time to be reminded that Sydney is a great place full of friendly people. And best of all, in late February, it is full of warm, summer sunshine.

 

I would like to thank John Goulios and his colleagues at the DLA Piper law firm for inviting me to participate in their firm’s client event in Sydney. I was delighted to be introduced to so many industry colleagues at the event. (Please see my pictures of the event, below.) I was also delighted to learn how many of them — not just from Sydney, but also from Perth, Brisbane, Melbourne and Auckland – follow The D&O Diary.

 

More pictures of Sydney:

 

The lush Botanical Gardens are full of a fascinating array of flora and fauna. The trees and grounds are alive with bird life, including brightly colored lorikeets, white Cockatoos, and the Australian white ibis.

 

 

081a

 

008a

 

 

006a

 

I love maps and signs, because they convey so much about places you might visit. Even a simple road sign suggests so many possibilities. What are the places referred to like? The sign not only points the way, suggests that you might easily travel there. The world is full of such a vast array of places and possibilities.

 

057a

 

In this picture, I demonstrate how to prevent half of a room full of Australians from seeing a powerpoint slide.

 

009a

 

Here, I am joined by two of my new friends from Australia, Kathleen Warden of Berkley Insurance Australia in Sydney, and Andrew Quartermaine, of Arthur J. Gallagher in Sydney.

 

010a

 

In this picture, I am joined Sophie Devitt of DLA Piper’s Brisbane office.

 

016a

 

Here is a picture taken with John Goulios of DLA Piper’s Singapore Office.

 

014a

 

 

Guest Post: Despite SLUSA, Plaintiffs File IPO Lawsuits in State Court

Posted in Securities Litigation

PrintIn a recent post, I noted the curious phenomenon of plaintiffs filing IPO-related securities class lawsuits in state court. Plaintiffs have this option under the concurrent jurisdiction provisions of the ’33 Act, but I still wondered why a plaintiff would chose to proceed in state court. I also noted that there is a split in authority within the federal circuit on the question whether subsequent legislation (SLUSA and CAFA) preempts the ’33 Act’s concurrent jurisdiction provisions.

 

In the following guest post, Maeve O’Connor and Elliot Greenfield of the Debevoise & Plimpton law firm take a look at these issues surrounding the ’33 Act’s concurrent jurisdiction provisions and discuss the reasons why we have been seeing more state court securities class action lawsuits, particularly in California.

 

I would like to thank Maeve and Elliot for their willingness to publish their article on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you are interested in submitting a guest post. Here is Maeve and Elliot’s guest post.

 

*****************************************

 

As The D&O Diary recently noted, there has been an increase in securities class actions filed in state court in recent years, the majority of them in California. This increase results not only from a surge in IPO activity, but from widespread confusion and disagreement among federal district courts regarding whether, after SLUSA, state courts retain concurrent jurisdiction over class actions asserting claims under the Securities Act of 1933, and whether such actions filed in state court may be removed. To date, of 37 cases, district courts granted remand in 23 and denied remand in 14.[i] In California district courts, plaintiffs have successfully remanded in 11 cases and have been denied remand in only 3. Excluding those California decisions, the national numbers are even closer, with 12 courts granting remand and 11 denying remand.

This trend raises several questions, including (1) why plaintiffs prefer to file in state court, (2) why federal courts disagree on such a fundamental issue of securities law, and (3) why plaintiffs have enjoyed relatively more success avoiding removal in California.

Why Plaintiffs Prefer State Court:

Plaintiffs – and plaintiffs’ attorneys – have several reasons to prefer to file a securities class action in state court rather than federal court.

For one thing, filing in state court allows a plaintiff to avoid certain procedural protections provided by the PSLRA. In particular, the numerous requirements set forth in 15 U.S.C. § 77z-1(a) expressly apply only to actions brought “pursuant to the Federal Rules of Civil Procedure” – i.e., brought in federal court. This provision requires, among other things, that the plaintiff publish nationwide notice of the pending action, alerting members of the purported class that they can seek to be appointed lead plaintiff, and that the court thereafter appoint lead plaintiff based on the rebuttable presumption that the plaintiff with the largest alleged loss is the “most adequate plaintiff.” It also places important limitations on any award of damages to the named plaintiff and on the payment of attorneys’ fees and expenses.  

The PSLRA’s stay of discovery during the pendency of a motion to dismiss, set forth in 15 U.S.C. § 77z-1(b), applies to “any private action” arising under the Securities Act, which on its face includes an action filed in state court. Despite this language, a plaintiff could argue that the discovery stay does not apply in state court, and there are surprisingly few cases addressing this issue. See Milano v. Auhll, 1996 WL 33398997, at *3 (Cal. Super. Ct. Oct. 2, 1996) (discovery stay applies to state court actions).

By filing in state court, a plaintiff also can avoid consolidation with any pending or later-filed federal actions, even where those federal actions assert identical claims against identical defendants. Avoiding consolidation may have important consequences for how attorneys’ fees are allocated if the case leads to a settlement.

And, as with any case, a plaintiff may feel, correctly or not, that it has a certain “home court” advantage in its local state court. There also appears to be a widespread perception, accurate or not, that state courts generally are less likely to grant a motion to dismiss on the pleadings.  

Why Federal Courts Disagree on State Court Jurisdiction Over 1933 Act Class Actions:

Congress passed the PSLRA in 1995 to curb “perceived abuses of the class-action vehicle in litigation involving nationally traded securities.” Merrill Lynch, Pierce, Fenner & Smith, Inc. v. Dabit, 547 U.S. 71, 81 (2006). The PSLRA, however, “had an unintended consequence: It prompted at least some members of the plaintiffs’ bar to avoid the federal forum altogether.” Id. at 82. Plaintiffs were able to escape the PSLRA by filing in state court because, prior to SLUSA, the 1933 Act gave state courts concurrent jurisdiction and barred removal.

In passing SLUSA three years later, Congress stated that “the purpose of [SLUSA] is to prevent plaintiffs from seeking to evade the protections that Federal law provides against abusive litigation by filing suit in State, rather than in Federal, court.” H.R. Conf. Rep. No. 105-803, at 13 (1998). SLUSA “makes Federal court the exclusive venue for most securities class action lawsuits.” Id.

Congress sought to accomplish this goal in two ways:

First, SLUSA required that securities class actions be filed in federal court.   It amended the 1933 Act’s jurisdictional provision, divesting state courts of concurrent jurisdiction over class actions asserting 1933 Act claims. As a result, those actions are no longer subject to the 1933 Act’s removal bar, which is expressly limited to actions “brought in any State court of competent jurisdiction.” 15 U.S.C. § 77v(a).

Second, SLUSA required that securities class actions be filed under federal law. It precludes class actions asserting certain state law claims that mirror the elements of a 1933 Act claim, and provides that such actions may be removed to federal court, 15 U.S.C. § 77p(c) (“Section 77p(c)”).

After SLUSA, therefore, class actions asserting 1933 Act claims are removable under the general removal statute, 28 U.S.C. § 1441(a), and class actions asserting precluded state law claims are removable under Section 77p(c). Both parties and district courts have struggled to understand and apply this statutory scheme, mainly because they confuse these two separate bases for removal.

Most federal courts faced with motions to remand 1933 Act class actions have ignored SLUSA’s amendment to the jurisdictional provision and, instead, have considered only whether those actions were removable under Section 77p(c). That approach is erroneous because, as noted, Section 77p(c) governs only the removal of actions asserting precluded state claims and has no bearing on the removal of actions asserting federal claims. See Kircher v. Putnam Funds Trust, 547 U.S. 633, 643-44 (2006).

Those courts that do address SLUSA’s amendment to the jurisdictional provision have disagreed about its impact. SLUSA limited the 1933 Act’s broad grant of concurrent state court jurisdiction by inserting the phrase “except as provided in section 77p with respect to covered class actions.” 15 U.S.C. § 77v(a). The most straightforward reading of that amendment is that state courts no longer have jurisdiction over “covered class actions” asserting Securities Act claims. The reference to “section 77p” points readers to the lengthy definition of “covered class action” set forth in Section 77p(f). See Knox v. Agria Corp., 613 F. Supp. 2d 419, 423-24 (S.D.N.Y. 2009).

Some courts, however, have found that the reference to “section 77p” refers to Section 77p(c), which governs removal of actions asserting precludes state law claims. Because class actions asserting 1933 Act claims do not fall within that section, those courts conclude, state courts retain jurisdiction over such actions. The problem with that analysis is that it would render SLUSA’s jurisdictional amendment meaningless. A provision that deals exclusively with actions asserting state law claims, such as Section 77p(c), cannot limit jurisdiction over actions asserting 1933 Act claims. SLUSA’s jurisdictional amendment would be mere surplusage, as it would not carve out any category of actions asserting 1933 Act claims from concurrent state court jurisdiction.

That interpretation also directly contradicts SLUSA’s clearly stated purpose of ensuring that securities class actions are governed by the PSLRA. As one court put it: “[G]iven the intent of SLUSA, it just makes no sense to prohibit the removal of federal securities class actions to federal court. Such a prohibition would permit the sort of end run around the PSLRA that [SLUSA] attempted to stop.” Unschuld v. Tri-S Sec. Corp., 2007 WL 2729011, at *9 (N.D. Ga. Sept. 14, 2007)

Why Plaintiffs Have Enjoyed Greater Success in California Courts:

The absence of any Court of Appeals or Supreme Court authority addressing SLUSA’s effect on state court jurisdiction has allowed the disagreement among district courts to persist. There appears to be a common belief that orders granting remand of 1933 Act class actions may not be appealed. Only the Eleventh Circuit has so held, however, and other circuit courts might disagree. Williams v. AFC Enterprises Inc., 389 F.3d 1185, 1191 (11th Cir. 2004). Barring that, unifying appellate authority will come about only if a plaintiff appeals a denial of remand – which none have chosen to do as of yet.

Although the Courts of Appeals have not provided any binding authority, they have made statements on the issue in cases addressing related questions. These dicta have, to some degree, guided the decisions of district courts, resulting in jurisdictions that plaintiffs consider “friendly” and others that they avoid entirely.

The Second Circuit, for example, is the most popular venue for securities litigation, but plaintiffs do not appear to have filed a single 1933 Act class action in state court in New York since the Knox decision in 2009, which was adopted by another S.D.N.Y. court shortly thereafter. In re Fannie Mae 2008 Sec. Litig., 2009 WL 4067266, at *2 (S.D.N.Y. Nov. 24, 2009). The Knox court based its decision on its own analysis of the statutory scheme, but it also cited statements by the Second Circuit to the effect that SLUSA gave federal courts exclusive jurisdiction over securities class actions. Lander v. Hartford Life & Annuity Ins. Co., 251 F.3d 101, 108 (2d Cir. 2001); Spielman v. Merrill Lynch, Pierce, Fenner & Smith, Inc., 332 F.3d 116, 123 (2d Cir. 2003).

By contrast, nine of the twelve decisions on remand motions issued in the past five years have come from California federal courts, where plaintiffs have enjoyed considerable success in avoiding removal. The primary reason for this success is dicta from the Ninth Circuit’s decision in Luther v. Countrywide Home Loans Servicing LP, 533 F.3d 1031 (9th Cir. 2008). Since Luther, eight remand motions have been granted by California federal courts, and only one has been denied.

The defendants in Luther removed the case under the Class Action Fairness Act (“CAFA”). Both parties agreed that SLUSA did not allow the case to be removed because the securities at issue were not “covered securities,” i.e., securities traded on a national exchange. The question for the district court, and the Ninth Circuit on appeal, was whether the right to removal under CAFA trumped the bar to removal under the 1933 Act. The Ninth Circuit held that it did not. In coming to that conclusion, the court stated that the 1933 Act “strictly forbids the removal of cases brought in state court and asserting claims under the Act.” Id. at 1033. While it is true that the 1933 Act barred removal of the class action in Luther, the court’s statement is incorrect as to 1933 Act class actions involving “covered securities.” Nonetheless, virtually all of the California district courts granting remand since Luther have relied on that dicta.

Unless and until a federal appeals court squarely addresses SLUSA’s effect on state court jurisdiction and removal of 1933 Act class actions, one can expect current trends to continue. Plaintiffs will continue to file these actions primarily in California state courts, avoiding New York courts, and district courts will remain divided, as they have been for more than a decade.

About the Authors: Maeve O’Connor is a litigation partner at Debevoise & Plimpton LLP. Her practice focuses on complex civil litigation and regulatory inquiries. She has significant experience in defending securities litigation and in representing life insurance companies in a range of litigation and regulatory matters. Ms. O’Connor can be reached at (212) 909-6315 or at mloconnor@debevoise.com.   Elliot Greenfield is a litigation associate at Debevoise & Plimpton LLP whose practice focuses on complex civil litigation. He has significant experience defending companies and officers and directors in securities class actions, shareholder derivative lawsuits, and merger and acquisition litigation. Mr. Greenfield can be reached at (212) 909-6772 or at egreenfield@debevoise.com.

 

[i] In an additional case, City of Birmingham Ret. & Relief Sys. v. MetLife, Inc., No. 2:12-CV-02626 (N.D. Ala.), the order of a magistrate judge granting remand was stayed pending de novo review by the district court judge. The authors represent MetLife, Inc. and other defendants in that case.

Legal Malpractice Insurance: Policy Rescission for Application Misrepresentation Applies Even to Innocent Insured

Posted in D & O Insurance

illinois3Under the applicable Illinois statute, an insurer may seek to rescind a policy if it was procured by an application misrepresentation if the misrepresentation was “made with the actual intent to deceive or materially affects either the acceptance of the risk or the hazard assumed by the company.” But even if rescission is otherwise warranted, may the insurer rescind the policy even as to an “innocent insured” who was unaware of the application misrepresentation? That was the question raised before the Illinois Supreme Court in Illinois State Bar Association Mutual Insurance Company v. Law Offices of Tuzzolino and Terpinas. In a February 20, 2015 opinion (here), the Court rejected the ruling of the intermediate appellate court, which had applied the “innocent insured” doctrine to preserve coverage for a law firm partner who was unaware of the a misrepresentation in the law firm’s legal malpractice insurance renewal application, and held that the insurer was entitled to rescind the policy as to all insured persons, even the innocent insured. As discussed below, I have a problem with the circumstances this case presents.  

Background 

Sam Tuzzolino, a partner in the law firm of Tuzzolino and Terpinas, represented Anthony Coletta in a several lawsuits referred to as the Baja litigation. Coletta later alleged that his claim in one of the Baja lawsuits was undermined because Tuzzolino failed to timely identify an expert witness on valuation issues. Coletta also alleged that in a separate lawsuit Tuzzolino failed to file the complaint before the statute of limitations expired. When Coletta confronted Tuzzolino about these concerns, Tuzzolino allegedly offered $670,000 to settle any potential claim of legal malpractice. (Coletta never received the money.)

 

Less than three months later, Tuzzolino completed an application to renew the law firm’s malpractice insurance. Question 4 on the form asked “Has any member of the firm become aware of a past or present circumstance(s), act(s), error(s) or omission(s), which may give rise to claim that has not been reported?” Tuzzolino checked “no” and signed his name as “owner/partner,” beneath the following statement “I/We affirm that after an inquiry of all the members of the applicant firm that all the information contained herein is true and complete to the best of my/our knowledge and that it shall be the basis of the policy of insurance and deemed incorporated therein upon acceptance of this application by issuance of a policy.”

 

Terpinas contends he first became aware of Tuzzolino’s malfeasance shortly after the application was submitted, when the law firm received a lien letter from an attorney representing Coletta. Terpinas reported the claim to the malpractice insurer, which in turn filed a lawsuit seeking rescission of the policy based on the application misrepresentation.

 

The circuit court granted the insurer’s motion for summary judgment holding that the insurer was entitled to rescind the policy. However, the intermediate appellate court reversed the lower court, holding that because Terpinas was an “innocent insured,” the policy should not have been rescinded as to him, based on its conclusion that a common law “innocent insured doctrine” applied to misrepresentations made on the renewal application. The insurer appealed the intermediate appellate court’s ruling to the Illinois Supreme Court.

 

The February 20, 2015 Opinion

On February 20, 2015, in a majority opinion written by Justice Charles Freeman, the Illinois Supreme Court reversed the intermediate appellate court’s opinion and affirmed the judgment of the circuit court rescinding the policy in its entirety. Justice Thomas Kilbride dissented.

 

Terpinas argued that it would be “patently unfair” to apply the rescission to him, as he was unaware of the application misrepresentation. In making this argument, he relied on the common law innocent insured doctrine, which as recognized by Illinois courts allows an insured who is innocent of wrongdoing to recover despite the wrongdoing of other insureds.

 

The Court rejected the applicability to the innocent insured doctrine to the rescission question in this case. The Court said that coverage cases applying the doctrine “usually involve the enforcement of policy exclusions” adding that “the innocent insured doctrine makes sense in that context because the insured’s innocence is relevant to whether an intentional act invokes an exclusion to coverage. But the innocent insured doctrine appears irrelevant to rescission, a recognized remedy for even innocent misrepresentations.”

 

The Court said that “unlike in a rescission case, the innocence of an insured matters a great deal when another insured’s wrongdoing triggers a policy exclusion, and a dispute arises over whether the insured has a duty to defend the innocent insured under a policy that indisputably was in effect.” But the issues of insurance coverage governed by common law rules of policy language interpretation are “significantly different from the question of whether an insurance policy should be enforced in the first place.” The court added that 

 

In the case of a misrepresentation that materially affects the acceptance of the risk, the issue is the effect of that misrepresentation on the validity of the policy as a whole. A misrepresentation on the policy application goes to the validity of the policy as a whole. The innocent insured doctrine, on the other hand, has a narrower focus, typically dealing with situations where an insured’s wrongdoing triggers a policy exclusion, and the question is whether the insurer has a duty to defend the innocent insured under a policy that is still in effect.

 

The Court also rejected the argument of Terpinas that the clause the Court described as the “severability clause” requires a different result. The clause provides, among other things, that “The particulars and statements contained in the Application will be construed as a separate agreement with and binding on each Insured.” The court concluded that “even if the policy is treated as a separate contract with each insured, there is nothing to permit the application – or the misrepresentation it contains – to be split off from an individual contract it contained.”

 

In dissent, Justice Kilbride said he would have applied the innocent insured doctrine here, reasoning that the doctrine “operates to preserve insurance coverage if a reasonable person would not have understood that the wrongdoing of a coinsured would be imputed to him.” Justice Kilbridge said that, because the coverage had first incepted in 2005 and had been continuously in place through the time of the 2008 application that had the misrepresentation, Terpinas had a “reasonable expectation” that he was insured and that his policy would remain in effect.

 

Justice Kilbride added that “nothing in the policy explicitly stated each insured would face rescission of their professional liability insurance coverage due to a misrepresentation by another member of the firm.” If the insurer intended to impute the wrongdoing of Tuzzolino onto Terpinas, Kilbride reasoned, it should have expressly stated so in the terms of the policy.

 

Finally, Justice Kilbride said that he was “troubled by the scope of the consequences resulting from the majority’s holding on other law firms and especially midsize and large firms,” where an application misrepresentation could cause rescission as to each and every attorney.

 
Discussion 

There is a serious problem with what happened here, but it isn’t any of the concerns that Kilbride identified in his dissent, or at least the problem isn’t exactly the ones Kilbride identified – although the anxiety Kilbride expresses about the possibility that in a larger law firm, every attorney’s legal malpractice coverage could be a risk of rescission if the application contains even a negligent misrepresentation, is as Kilbride correctly says, troubling.

 

Before I get to the serious problem lurking here, I want to comment on Kilbride’s suggestion that if the insurer intended to impute the application misrepresentation of one partner in the law firm to another partner at the law firm, it should have said in the policy that it was going to do so.

 

Kilbride could review a universe of policies before he would find any policy with the type of imputation clause he proposes. Indeed, in recent times, quite the reverse type of clause has become common in many types of management and professional liability insurance policies. In these types of provisions, the policy states that in determining the effect of an application misrepresentation, coverage is precluded only for individuals with knowledge of the misrepresentation, and further that the knowledge of others will not be imputed to anyone else. So, rather than the type of imputation clause Kilbridge proposes many policies now have non-imputation clauses. (Many policies are also expressly non-rescindable, and a misrepresentation only precludes coverage, but it does not vitiate the contract of insurance). If this law firm’s policy had had this type of non-imputations provision, Terpinas might have been able to preserve his coverage under the policy.

 

Which brings me to what I see as the real problem here – the misrepresentation on which the insurer relied in seeking rescission was in a renewal application. In an application for the renewal of a claims- made insurance policy, the insurer should not be asking and the policyholder should not be answering a question about the existence of acts, circumstances, errors or omissions that could give rise to a claim. 

 

A claims made insurance policy covers claims made during the policy period based on acts that occurred at any time (usually subject to a past acts or retroactive date). It is appropriate for the insurer to ask the known circumstances question when the coverage first incepts, as the insurer should not be asked to cover known claims. But after the coverage is in place, when it comes up for renewal, it is no longer appropriate for the insurer to ask the known circumstances question. The renewal policy should provide coverage for claims made during the renewal policy period, even if the claims involve wrongful acts that occurred before the renewal policy incepted (and after the retroactive date). 

 

If the insurer is able to ask the known circumstances question in a renewal application and use that as a defense to coverage – or as here as the basis of a policy rescission — the claims made policy is converted into a sort of hybrid occurrence/claims made policy, where coverage is secure only when a claim made during the policy period involves only acts that occurred during the policy period. At a minimum, by asking the known circumstances question, the fundamental notion that coverage under a claims made policy should apply to claim made during the policy period regardless of when the acts underlying the claim occurred is defeated. 

 

In my humble opinion, the problem with this case is that the insurer should not have been asking the known circumstances question. If as should have been the case the question had not been asked, there would have been no misrepresentation on which the insurer could base its rescission case.

 

I do not mean to find fault with anyone who was involved in this policy renewal. The insurance marketplace in 2008 was different than it is today, and the marketplace for small law firms is in some ways its own sphere. I do not mean to judge former circumstances by today’s standards or by conditions applying elsewhere but perhaps not here. But even allowing for all of that, I find the inclusion of the knowledge question in a claims-made policy renewal application surprising, troubling, and arguably inconsistent with the very nature of claims made coverage.

 

In his dissent, Kilbride sensed this problem. He pointed out that the coverage had been in place for three years prior to the renewal in connection with which the application misrepresentation had been made. He didn’t get to the point that the known circumstances question should not have been asked in the first place, but he was on the right track with his suggestion that after the renewals the insureds had a reasonable expectation of coverage. Of course, even though the question shouldn’t have been asked, it was answered, and there was little that could be done about it by the time the case came before Justice Kilbridge and the other members of the Illinois Supreme Court.

 

Rescission has been a hot button issue in the management liability insurance industry for nearly fifteen years. Policy language and policy practices about insurance application and application misrepresentations have evolved significantly during that time. Many of the industry changes in recent years have made rescission much less likely than it once was. However, as this case demonstrates, rescission remains a very serious issue. For that reason, the importance of the relevant language and of the application process cannot be overlooked. 

For an earlier post in which I discussed the problem with asking the prior circumstances question in a renewal application, refer here

Break in the Action: I am on the road for the rest of this week so there will be a break in the publication schedule for The D&O Diary. Normal publication will resume next week.

 

Takeover Litigation Continued at Heightened Levels in 2014

Posted in Shareholders Derivative Litigation

gavelnewOne of the most distinctive corporate and securities litigation trend in recent years has been the surge in M&A-related litigation, with virtually every deal attracting at least one lawsuit. This trend continued again in 2014, according to a recently updated study from Matthew Cain, an economic fellow at the SEC, and University of California Berkeley law professor Steven Davidoff Solomon. As reflected their February 20, 2015 paper entitled “Takeover Litigation in 2014” (here), takeover litigation continued at a “steady state” and at an extremely high rate during 2014. Lawsuits were brought in 94.9% of takeovers in 2014 versus 39% in 2005. The 2014 figures are consistent with but slightly down from the filings in 97.3% of all takeovers in 2013.

 

The authors’ paper is the latest update on the research originally presented in their January 2012 paper entitled “A Great Game: The Dynamics of State Competition and Litigation” (here), which I reviewed here. Following the original article’s publication, the authors updated their research with additional litigation data regarding M&A transactions that took place in 2011 and they updated their research again with respect to the transactions that took place in 2012 and again in 2013.

 

The professors have limited their analysis to merger transactions over $100 million involving publicly traded target companies with an offering price of at least $5 per share. The 2014 update includes only transactions there were completed as of January 2015. The professors intend to update their 2014 data in six months to incorporate information relating to the in-process transactions.

 

Based on this transaction dataset, the authors identified 79 transactions during 2014 that met these criteria, 75 of which resulted in at least one merger objection lawsuit. The lawsuit filing in connection with 94.9% of transactions means that 2014 is the fourth year in a row over 90% of transactions experienced a lawsuit. The authors note that “The higher figure continues the increasing trend of takeover litigation which is now brought at a rate almost 2.5 times that of 2005.” The authors conclude that “In plain English, if a target announces a takeover it should assume that it and its directors will be sued.”

 

The mean number of cases per transaction during 2014 was 4.3, down slightly from the 4.8 suits filed per transaction in 2013 and down from the 2011 high of 5.0 lawsuits per transaction.

 

The authors noted that the incidence of multi-jurisdiction litigation declined during 2014 relative to recent years. In 2014, 33.8% of transactions with litigation involved litigation in multiple states. This compares to 52.7% of transactions with multi-state litigation in 2012 and 41.8% in 2013. The authors speculate that the sharp decline in multi-jurisdiction litigation the “decrease may be due to the effectiveness and increasing use of forum selection by-laws,” but they add that this topic remains to be explored further.

 

During 2014, 82.6 percent of settlements were “disclosure only” in 2014 compared to approximately 78.9 percent in 2013.

 

Attorneys’ fees remained consistent with the amounts awarded in prior years. The average attorneys’ fee award in 2014 was $865 thousand versus $918 thousand in 2013. The mean attorneys fees awarded in a disclosure only settlement during 2014 was $531,000 and the median was $550,000, compared to $489,000 mean and $450,000 median in 2013. The authors suggest that the increase in mean and median fees in non-disclosure cases is “may represent an increased focus by courts on value-producing cases, and attorneys’ responding by holding out for these types of settlements.” The authors note that there were several instances during the year in which Delaware judges refused to accept disclosure only settlements. The authors add a note of caution about the 2014 data; since the award of attorneys’ fees lags the settlement of a case, there are many cases that settled during 2014 for which the attorneys’ fee data is not available.

 

Delaware drew a lower share of merger objection litigation in 2014. The state attracted 26.7% of all litigation which could have been filed in Delaware, down from 47.7% in 2013.

 

Discussion

As I have noted in the past with respect to the authors’ research, the criteria the authors use for their analysis means that their statistical conclusions are most relevant to larger transactions involving publicly traded companies. In my experience even smaller transactions also frequently attract the unwanted attention of the plaintiffs’ lawyers. Just the same, because the authors’ research most particularly pertains to larger transactions involving publicly traded companies, the authors’ statistical conclusions must be used advisedly outside of that context.

 

Although as noted above these cases often are resolved with disclosure only settlements, there have also been a number of significant cash settlements as well. For example, just during the last few months there have been massive settlements of merger objection cases involved Activision Blizzard, which settled for $275 in the largest shareholder derivative lawsuit settlement over, and in the merger objection case involving Freeport McMoRan, which settled for $137.5 million. (For further detail about these settlements, refer here and here.) The growth in this kind of litigation first and foremost represents a frequency problem for D&O insurers. But as the incidence of large cash settlements in these kinds of cases increases, the upsurge of this type of litigation represents a severity problem as well. (These issues about the possible impacts on the D&O Insurance industry are discussed in greater detail here.)

 

The fact that lawsuits emerge in connection with virtually every merger transaction does raise certain questions about the meritoriosness of at least some of this litigation. These kinds of questions about much of this litigation were reinforced but the recent publicity surrounding the one law firm’s use of a repeat plaintiff in these cases.

 

Break in the Action: I am going to be on the road this upcoming week (week of February 23, 2015) and s there will be a break in The D&O Diary’s publication schedule. Regular publication will resume next week.

 

Thinking About Bondholder Securities Class Actions

Posted in Securities Litigation

stocks_bondsWhen the topic is securities class action litigation, what is usually considered are lawsuits brought under the federal securities laws by shareholders. By way of illustration, when considering the extent of a company’s potential exposure to a future securities class action lawsuit, the starting point is usually the company’s market capitalization (that is, the number of its publicly traded shares multiplied by its current share price).

 

However, holders of publicly traded debt also have rights to pursue liability claims under the federal securities laws for material misrepresentations and omissions. According to a recent academic study, bondholder securities suits are more significant than may be recognized, and they could become increasingly important in the future. The extent of this potential liability exposure to bond holders could require a recalibration of the securities litigation risks of companies that have publicly traded debt.

 

In a February 19, 2015 post entitled “Bondholders and Securities Class Actions” on the Harvard Law School Forum on Corporate Governance and Financial Regulation (here), UCLA Law Professor James Park summarizes his longer scholarly paper of the same title. Based on his analysis of securities class action lawsuit settlements, Professor Park concludes that “bondholders are playing a greater role in securities class actions than previously recognized” and that this role “is likely to grow.”

 

Park examined 1660 securities lawsuits filed from 1996 through 2005. Park found that it was difficult to determine just from the initial filings whether or not bondholders were part of the class. In addition, he determined that looking only at cases where bondholders explicitly are named as plaintiffs underestimates the number of bondholder plaintiffs because some classes are defined in a way that might include bondholder plaintiffs. Park concluded that the most accurate way of measuring bondholder involvement in securities class actions was to search for bondholder recoveries by reviewing notices of settlement. In this way, Park identified many more cases where bondholders recovered than cases where bondholders were named as plaintiffs.

 

Of the 1660 securities cases in Park’s database, 1152 settled for some amount. Of those 1152 settled cases, 64 involved a bondholder recovery, a substantially higher number than cases where bondholders were specifically named as plaintiffs. In addition, the settlements of the later filed cases reflected a higher level of bondholder participation in the settlements than did the settlements of the earlier filed cases. Park found that for cases filed during the 1996-2000 period, three percent of cases involved bondholder recoveries. However, for cases filed during the period 2001 to 2005, nearly eight percent of the settlements involved bondholder recoveries. (The number of cases with settlements in the two periods was slightly different but fairly close; there were 542 settlements of cases filed during the period 1996 to 2000 and 610 settlements of cases filed during the period 2001-2005.)

 

In addition, Park also found that settlements involving bondholder recoveries were frequent in the largest securities class action lawsuit settlements. Four of the five largest securities class action lawsuit settlements involve bondholder recoveries, as did seven of the top ten and nineteen of the top thirty settlements. (In a footnote, Park says only that “it is unclear whether there is any causal relationship between bondholder recoveries and the size of securities class action settlements.”)

 

Many of the bondholder class actions raise allegations of distinct harm to bondholders. For the largest settlements, bondholder recoveries are primarily driven by credit downgrades, where a rating agency concludes that the issuer is at greater risk of defaulting on its debt. Fifteen of the nineteen largest bondholder settlements (79%) involved a credit downgrade. Bondholder class actions also often arise out of bond sales where risks were not adequately disclosed to bond purchasers. Both situations can involve transfers of wealth from bondholders to shareholders – as, for example, where a troubled company attempts to keep itself afloat (protecting shareholders) through an debt offering, or where a company pursues a risky strategy (which if successful would reward shareholders, through a higher share price) financed by a debt offering.

 

Park concludes that the growing involvement of bondholders in securities class action actions is likely to continue. Park found that in 1996, the first year in his securities suit filings database, less than 10 % of suits filed sought a recovery for non-shareholder plaintiffs. Over the next decade, however, it became routine for a securities class action lawsuit to allege claims on behalf of all investors of the company’s publicly traded securities. By 2005, close to half of securities class action lawsuits brought claims on behalf of such a broader class.

 

Professor Park’s paper also makes a number of interesting observations about the corporate governance implications of the bondholder involvement in securities class actions. Among other things, he notes that bondholder class actions highlight how fraud harms non-shareholder constituencies. A bondholder class action provides a remedy for reckless decisions that might well have benefitted shareholder, arguably providing a deterrent to this type of conduct.

 

Finally, Park suggests that certain aspects of these bondholder lawsuits arguably militate in favor of treating bondholder class actions differently than shareholder class actions. Among other things, the fraud-on-the-market hypothesis might have to be modified for bondholder claims, since bondholders rely not on the market price and the integrity of the market (since bond trade much less frequently than shares); rather, bondholders rely on credit ratings. Park argues that to the extent a fraud substantially distorts a credit rating, courts ought to presume that bondholders uniformly relied on the credit rating. Park also contend that in cases where bondholders rely on theory of harm distinct from that of shareholders, bondholders ought to be represented in a distinct sub-class with its own separate and independent counsel.

 

Discussion

Park’s analysis is very interesting and provides a different perspective on the potential securities litigation exposure that companies with publicly trade debt may face. The reason the article’s perspective feels so different may be owing to the fact that there has been little prior research on the topic of the settlement of securities claims by bondholders. Indeed, Price himself states that his article is “the first to present extensive data on bondholder actions.”

 

At a minimum, it is clear that Park’s conclusions need to be taken into account when assessing the potential securities litigation exposure of companies that have publicly traded debt securities. For starters, Park’s analysis underscores the fact that companies whose only publicly traded securities are debt securities may face securities liability exposures to debt holders. In addition, Park’s analysis highlights the fact that when assessing the extent of the potential securities liability exposure for a company that has both publicly traded shares and publicly traded debt, the debt needs to be considered.

 

This latter point may have important implications when it comes to limits selection issues. (By “limits selection,” I mean the process of determining the appropriate D&O insurance limits of liability for any given publicly traded company.)

 

Typically, the starting point for thinking about limits selection is a company’s market capitalization – that is, the number of its shares that trade publicly multiplied by its share price. The company’s market cap is typically used as the starting point of the analysis because it is basis on which the potential settlement of a future class action lawsuit might be conjectured. Professor Park’s analysis suggests that market capitalization alone is not a sufficient starting point for thinking about the potential securities litigation exposure. His analysis suggests that the extent company’s publicly traded debt also needs to be taken into account.

 

This potential importance of taking publicly traded debt into account for purposes of limits selection is underscored by the fact that, as Park’s analysis shows, bondholder participation in class action settlements tends to be associated with the larger settlements. This suggests that in assessing worse and worst case scenarios – always an important part of limits selection analyses – the possibility and extent of bondholder participation in a possible future securities class action settlement needs to be taken into account. That is, in order to select limits likeliest to be able to respond to those worse and worst case scenarios, the possibility that bondholder claims as well as shareholder claims will have to be funded as part of a class action settlement will need to be taken into account.

 

Break in the Action: The D&O Diary is going to be out of the office on travel next week (the week of Feb. 23 to Feb. 27) and during that period the normal publication schedule will be disrupted. The normal publication schedule should resume in early March, when I will be back in the office.

 

 

 

One Plaintiff, Dozens of Merger Objection Lawsuits, Millions in Attorneys’ Fees, Zero for Shareholders

Posted in Shareholders Derivative Litigation

filings piileIt is now well-established that pretty much every M&A deal attracts at least one lawsuit from a shareholder objecting to the transaction. According to research by Notre Dame business professor Matthew Cain and Ohio State law professor Steven Davidoff, 97.3% of all takeovers in 2013 with a value of over $100 million experienced at least one shareholder lawsuit. The lawsuits usually are filed almost immediately after the transaction is announced. Whether or not all of the transactions actually warrant litigation is a topic worthy of a separate blog post, but the fact is that in each case at least one shareholder is prepared to allow his or her name to be put on the lawsuit — which in turns raises the question of how it comes about that the shareholders in whose name the lawsuits are filed become plaintiffs in these cases.

 

The role of the named plaintiffs in these cases is an interesting one, and anyone interested in the topic will want to review Reuters reporter Tom Hals’ February 18, 2015 Special Report entitled “TV Stock Picker Leads Onslaught of Class Action Suits” (here). In his article, Hals take a close look at the M&A litigation blitz that has been waged in the name of Hilary Kramer, an investment newsletter author who has published a number of financial books and articles and who appears on Fox Business News.

 

Kramer, Hals reports, is “the most litigious of all American individual investors who have sued to block buyout deals,” according to a Reuters analysis of court cases dating back to 2011.

 

According to Hals, Kramer has been the named plaintiff in over 40 merger objection lawsuits since 2011. At least six more were filed either by her husband or her hedge fund, Greentech Research. Their total of 46 lawsuits, which were filed in 17 states, is at least 50 percent greater than that of the individual who had filed the second-most lawsuits in the Reuters analysis. Most of the cases were filed within six days of the deal announcement and settled within two months of being filed. In all of the cases, Kramer, her husband and her firm were represented by the same law firm.

 

Kramer and her husband were appointed lead plaintiff or co-lead plaintiff at least 19 times. Fifteen of the 19 cases in which she or her husband were named as lead or co-lead plaintiff settled for the disclosure of more details about the deal negotiations, with no money going to shareholders. The four other cases were dismissed at the plaintiffs’ request.

 

While neither the shareholders nor the companies involved in Kramer’s lawsuits received any payment in the settlements of these cases, the law firm that filed all of the lawsuits earned at least $14 million in fees in the cases in which Kramer or her husband had the lead role.

 

As Hals puts it, “it is unclear exactly what Kramer gained from all this.” Hals found from searching court records only once instance where Kramer received a payment, a $2,000 fee award given by a California judge to compensate her for her time in one of the lawsuits she filed. Kramer told Hals that she was upset by the terms of the transactions that led to the lawsuits she filed. She also said that she wanted to show the subscribers to her newsletter that “I’m going to flex my muscles and show strength and lead for them.”

 

However, Hals was able to find only one reference to an investor lawsuit in her investor newsletter; in December 2011 she mentioned in connection with the sale of the Morton’s Restaurant Group that “an investor has sued” but that “these types of suits almost never have any impact.” Hals notes that Kramer did not mention in the newsletter that she was the investor who brought the suit.

 

Hals also recounts an instance where one day after “trumpeting” a buyout in her newsletter, Kramer filed a lawsuit against the company involved, alleged that the company had agreed to a sale price so low that it would cause shareholders “irreparable harm.”

 

There are a number of problems when a single investor becomes a serial plaintiff. The first is that it creates the impression that the law firm is making use of the plaintiff rather than the other way around. In his article, Hals recounts that in a 2013 hearing , then Delaware Chancellor Leo Strine refused to accept a settlement in a merger objection case that Kramer had filed. The lawsuit related to a merger transaction involving Transatlantic Holdings, a company in which Kramer held only two shares. Strine reportedly said, of Kramer’s small holdings in the company, “I think that makes plaintiff Kramer not typical of any kind of rational investor in the company,” adding that “I don’t have any confidence, unfortunately, that there is a real plaintiff behind this.” Kramer told Reuters that she was unaware of Strine’s ruling and that she was a valid investor advocating on behalf of other Transatlantic shareholders.

 

There have been more insidious relations between plaintiffs firms and repeat plaintiffs in the past. As Hals notes in his article, several partners of the Milberg Weiss law firm were indicted in 2006 based on allegations of improper kickbacks from the law firm to plaintiffs on whose behalf the firm had filed lawsuits.

 

Hals says that in an interview, Kramer said she did not receive any money from the plaintiff law firm that who filed the suits on her behalf.

 

Hals’s article quotes a lawyer from the law firm that represented Kramer in the merger objection lawsuits as saying that “Kramer is a sophisticated investor who has pursued shareholder advocacy through litigation,” adding that “A lot of well-know activists employ the same law firms to file lawsuits against multiple companies.”

 

However, while it may be as the lawyer asserts that activist shareholders employ the same law firm on multiple occasions, others have raised concerns before about the reappearance of the same investor as a shareholder lawsuit plaintiff. These concerns have arisen even when the serial plaintiffs is an institutional investor, and even when the source of the objection is another plaintiff law firm.

 

For example, in the 2012 battle between plaintiffs’ firm to try to represent that plaintiff class in the J.P Morgan Chase “London Whale” lawsuit, one of the competing plaintiffs’ firms objected to the other firm’s involvement in the case because (as discussed in an article in Forbes at the time), the other firm represented what the objecting firm called a “professional plaintiff,” the Louisiana Municipal Policy Employers’ Retirement System. The Forbes article’s author commented that the objection “has some merit,” noting that the fund is “either the unluckiest or most litigious investor in America,” given that it has filed 49 securities lawsuits over the preceding two years, sometimes at a rate of two or three a week. On the other hand, the article’s author notes, the plaintiff that the objecting firm represented had filed more than 40 suits since 2003.

 

Our system of civil litigation operates on the assumption that a lawsuit begins only when an aggrieved party feels that the appropriate redress for a perceived wrong is to invoke the judicial authority of our courts. This assumption includes the expectation that a person who is motivated enough to file a lawsuit will be committed to controlling the lawsuit and to directing his or her lawyer. The presence of a serial plaintiff not only raises the inevitable question of the independence and volition of the actor on whose behalf the lawsuit nominally is brought. It also tends to undermine the seriousness or arguably even the legitimacy of the supposed wrongs that are the alleged basis of the lawsuit. When a plaintiff alleges the same legal violation over and over again, it degrades the value of allegation and threatens to bring the entire system into disrepute. More to the point, the repetition of the same allegation by the same claimant raises the question of whether there is in fact a real dispute.

 

There are some procedural controls that are intended to try to manage this sort of thing, at least in securities class action lawsuits filed in federal court. The Private Securities Litigation Reform Act has a provision that limits a shareholder to acting as a lead plaintiff five times in a three-year period. The concerns about the institutional investor plaintiff in the London Whale case noted above does, as the Forbes article notes, make something of a “mockery” of the rule. In addition, this provision only applies to federal court securities suits. It doesn’t apply to state court merger objection lawsuits.

 

While there are no state law provisions of the type found in the PSLRA that might constrain a serial merger objection lawsuit plaintiff, companies have started to take steps to try to protect themselves from these kinds of suits. Concerns about the kind of litigation that Kramer filed are what has been motivating companies to adopt litigation reform through the revision of their bylaws. For example, concern about multi-forum merger objection litigation is one of the motivations for companies to adopt forum selection bylaws. In addition, other companies have adopted “fee shifting” bylaws that would require unsuccessful claimants in shareholder suits to pay their adversaries fees. Other proposed bylaw provisions include mandatory arbitration provisions (about which refer here) and even minimum stake to sue bylaws (refer here).

 

Shareholder advocates may decry these kinds of litigation reform bylaws as inconsistent with shareholders rights and as inimical to shareholders’ ability to supervise company management through litigation. However, the movement toward the adoption of litigation reform bylaws is an understandable response to a situation where every transaction attracts a lawsuit. The attempt by shareholder rights activists to try to resist these provisions and to try to uphold the rights of shareholders to pursue lawsuits against company managers are seriously undermined by the situation that Tom Hals describes in his interesting and well-written article.

 

 

Politics and SEC Enforcement

Posted in Securities Litigation

seclogoA number of factors might be supposed to affect the SEC’s exercise of its judgment in deciding which firms to investigate. Some possibilities that immediately come to mind are the nature and seriousness of the suspected problem; the way the problem came to the agency’s attention; and the availability of resources to investigate the problem. However, at least according to a recent academic study, some other, more unexpected factors might be at work as well. Among other things, the SEC’s determination of which companies to investigate may be the result of political pressure arising from the electoral process.

 

In his December 22, 2014 paper entitled “Government Preferences and SEC Enforcement” (here), Harvard Business School Professor Jonas Heese examines the question whether the SEC’s determinations of which firms to investigate reflect political pressure on the SEC from the White House and Congress in response to voters’ interests, and in particular voters’ interests in full employment.

 

Because prior electoral research shows that employment conditions significantly affect electoral outcomes, elected government officials have an incentive to foster employment to ensure political support. An SEC enforcement action can significantly affect a company’s financial health and thus its ability to continue to maintain its labor force, and so the SEC’s enforcement actions could significantly interfere with the goal of elected officials of promoting employment. Heese asked whether political pressure as a response to voters’ interests for employment is reflected in the SEC’s decisions of which firms to investigate.

 

Heese used “labor intensity” as a proxy to identify firms that contribute to employment conditions and examined whether the SEC reduces its enforcement actions for labor-intensive firms. In his paper, Heese uses the term “labor intensive” to mean large employers and smaller businesses that employee a large number of people in relative terms and contribute to future employment. In the paper’s appendix, Heese explains that labor intensity itself is measured as a ratio of a firm’s number of employees to its total average assets, as compared to the comparable ratio for firms within the same SIC Code category.

 

Heese reviewed a sample of firms from the period 1982 to 2012 that were sanctioned by the SEC for violating Generally Accepted Accounting Principles as reported in Accounting and Auditing Enforcement Releases (AAER) and all other firms that did not receive an AAER over that period. He found that labor-intensive firms were less likely to be subject to an AAER. This conclusion held even after controlling for a firm’s size, performance, accounting quality, political contributions, the government’s partisanship, union membership, and other factors. This conclusion, Heese says, is “consistent with my hypothesis that voter’s interests drive political pressure on the SEC.”

 

Heese then sought to determine if he could identify any variations in the apparent enforcement sensitivity to voters’ interests. What he found was that SEC enforcement behavior changed during presidential election years. Specifically, the lower likelihood of SEC enforcement actions against labor-intensive firms is more pronounced in presidential election years and is concentrated in “politically important states” – i.e., closely contested states with high Electoral College counts.

 

Moreover, Heese also found that the lower-likelihood of SEC enforcement for labor-intensive firms is more pronounced if the firm is headquartered in a district of a senior congressman who serves on a committee that oversees the SEC.

 

In order to determine the stage in the process at which the SEC adjusts its enforcement actions against labor-intensive firms in order to accommodate elected officials’ preference for employment, Heese also examined whether labor-intensive firms are less likely to receive a comment letter. He found that labor-intensive firms are less likely to receive a comment letter, “suggesting that the SEC allocates fewer resources to reviews of labor-intensive firms, which might lead to fewer enforcement actions against those firms.”

 

There is the possibility of course that labor-intensive firms were investigated less frequently because of higher quality accounting at those firms. Heese used several various accounting quality factors that other academics have developed to control for a firm’s accounting quality. After running several tests to investigate whether labor-intensive firms have a better accounting quality and therefore fewer SEC enforcement actions, Heese found consistent evidence across all of the various factors used that labor-intensive firms actually have a lower accounting quality than their less-labor intensive peers. This suggests that the lower level of enforcement activity against labor-intensive firms cannot be explained by these firms having a higher accounting quality.

 

Heese suggests there are a number of ways the political pressures might influence the SEC’s decisions on which firms to investigate. The SEC is of course dependent on Congress’s budget decisions, and the budget decisions can be used to reward or punish agency decisions. With the advice and consent of the Senate, the President appoints SEC commissioners and can thus impact which political views are represented in the SEC. The commissioners and other key SEC employees often have political careers and their careers often depend on political support from the incumbent government. Finally, congressman and members of the presidential administration can actively intervene with an SEC investigation. As a result, Heese says, the SEC is likely to act in accordance with the preference of elected officials to foster employment, and thus to exercise its judgment of which firms to investigate in a way that favors labor-intensive firms.

 

It is hardly a surprise that an agency that is run by political appointees might be subject to politics. However, the suggestion that the political process might regularly influence the determination of which firms the SEC might investigate is something of a surprise. It does seem that if the regulated firms are to respect the SEC’s investigative and enforcement processes, the SEC should work hard to maintain the appearance of impartiality and even-handedness.

 

I will say that this paper, likely many academic papers these days, is thick with the language of mathematics. Because of the technical nature of much of the paper, it is very difficult for me to assess many of the critical aspects of the author’s analysis. Essentially, I am able to read and understand only his conclusions. As for the validity of his techniques and analysis, I am simply unable to judge.

 

Special thanks to Joe O’Neil of the Peabody & Arnold law firm for sending me a copy of Professor Heese’s paper.

Guest Post: Cybersecurity and Privacy Diligence: Incident Response and Business Continuity Planning

Posted in Cyber Liability

weilThe disclosure of yet another massive cyber breach at yet another company has become a weekly occurrence. These recurring events have a number of implications, which include not only what companies need to do to try to prevent these kinds of events, but also how companies need to prepare in order to be able to respond if they are hit with a cyber breach. In the following guest post, Paul Ferrillo and Randi Singer of the Weil Gotshal & Manges law firm describe how company officials can evaluate their company’s cyber breach incident response and business continuity plans. A version of this article was previously published as a Weil client alert.

 

I would like to thank Paul and Randi for their willingness to publish their article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest blog post. Here is Paul and Randi’s article.

 

************************************************ 

 

“By the time you hear thunder, it’s too late to build the ark.” – Unknown

In November 2014 – just two weeks after Admiral Michael Rogers, director of the National Security Agency, testified to the House Intelligence Committee that certain nation-state actors had the capability of “infiltrating the networks of industrial-control systems, the electronic brains behind infrastructure like the electrical grid, nuclear power plants, air traffic control and subway systems”[i] – Sony Pictures announced it had experienced a major cyber-attack, one many sources believe was likely perpetrated by or on behalf of a nation-state. This destructive cyber-attack was a game-changer for corporate America because it became clear that hackers are not simply focused on credit card numbers or personal information. Indeed, the attack on Sony was designed to steal the Company’s intellectual property, disseminate personal emails of high-ranking executives, and destroy Sony servers and hard drives, rendering them useless.[ii]

What the events of 2014 proved to corporate America is that there are no fool-proof methods for detecting and preventing a devastating cyber-attack. As FBI Director James Comey eloquently put it, “There are two kinds of big companies in the United States. There are those who’ve been hacked…and those who don’t know they’ve been hacked.”[iii]

Thus, it is absolutely critical to understand what kind of data a company collects, how the company uses, stores, shares, processes, protects, and disposes of information, and how to develop and evaluate a plan to respond to attacks that target these data. Proper planning can mean the difference between a news story that begins, “Sony has just announced that Sony Pictures Entertainment co-chairman Amy Pascal is stepping down from her post,”[iv] and one that announces a major cyber-attack, but concludes, “Anthem said it doesn’t expect the incident to affect its 2015 financial outlook, ‘primarily as a result of normal contingency planning and preparation.’”[v]

Proper planning includes incident response and information management business continuity planning, which are mission-critical. They are (or should be) part of a Board’s enterprise risk management duties, and they are particularly vital for certain federally-regulated entities with an obligation to protect consumer and client information and to keep it private. We have written in-depth elsewhere about incident response plans and their elements.[vi] Here, we set forth a high-level summary designed to help evaluate a company’s incident response and business continuity plans.

Incident Response Planning – You Can’t Defend What You Can’t See

            Given that 97 percent of the IT systems of companies surveyed globally have been breached,[vii] the question of how to protect a network from a breach is effectively a moot point. The better question is, how do you respond in the event of a breach when it occurs despite your best prevention efforts?

Incident response planning is exactly what it sounds like – a plan to detect and respond to indicators or actual evidence found on a network server or alert system that a malicious intrusion may be occurring.

In general, there are many indicators or precursors of a potential cyber-attack. Though there are far too many to list, potential triggers for a robust incident detection and response plan include:

  • A network intrusion detection sensor alerts when a buffer overflow attempt occurs against a database server.
  • Antivirus software alerts when it detects that a host is infected with malware.
  • A system administrator sees a filename with unusual characters.
  • An application logs multiple failed login attempts from an unfamiliar remote system.
    • An email administrator sees a large number of bounced emails with suspicious content.
    • A network administrator notices an unusual deviation from typical network traffic flows.[viii]

This non-inclusive list, based on the National Institute of Standards and Technology Computer Security Incident Handling Guide, illustrates one of the most basic challenges of working with advanced incident intrusion detection systems: they often generate thousands, if not tens of thousands of alerts of potential intrusions into a company’s computer network every day. In fact, one recent report notes that potentially actionable (i.e., “we better take a look at this”) malware intrusions could number in the thousands per day.[ix]

Even in the largest companies, resources are not unlimited, particularly given the shortage of skilled IT professionals in the marketplace today, so each company’s incident response plan will necessarily reflect certain compromises. However, recent events offer some basic principles as to how companies can and should lay out their incident detection and response plans from a “process perspective”:

  • Incident responders need to understand the “normal” behavior of their network. Logs kept by intrusion detections systems provide detailed reports from firewalls, intrusion detection devices, and network traffic flow activity meters.
  • Incident response handlers need to fully understand what is “normal” behavior on any given day and time, so that they then can determine what is “not normal” based upon any one particular alert. Visibility is one of the key issues to emphasize because no security system in the world will mean much if you can’t tell the difference between alerts to which you should respond and alerts to which you must respond. Often, breaches happen because critical alerts are overlooked amid the noise of numerous other alerts of lesser importance.
  • Firewall, intrusion detection, and network activity logs need to be maintained and accessible, so efforts can be made to correlate potentially malicious current activity with network activity in the past. It may be necessary to keep these logs handy for months, since many attacks take that long to be “noticed” by an unsuspecting company.
  • Cyber events need to be correlated quickly. Many times, this function can either be outsourced to a third party vendor, or it can be performed mechanically with an appropriate hardware solution that can analyze all of the alerts in real time.[x]
  • After reviewing evidence supplied by each of the above steps, incident response teams need objective criteria to determine which intrusions need to be escalated to a higher level and/or investigated further.[xi]
  • Finally, when a breach and/or exfiltration of customer or protected data is confirmed, a plan should be in place to quickly minimize the damage to your network infrastructure, your brand, and your customers and employees.

As there is no silver bullet in a constantly-evolving environment where hackers are often several steps ahead of cybersecurity professionals (or at least adapt quickly to new security measures), a lawyer conducting due diligence on a company’s incident response plan should evaluate the approach and process of the plan. Malware leaves signs or indicators of “bad behavior” on logs. Network traffic monitors may show spikes at unusual times, or even better, at regular intervals. A robust plan will have a process in place to correlate all of the indicators as quickly as possible and then escalate those more “suspicious” events for further review. In many cases, automated processes that correlate aggregated log data using “big data” analytics may be of particular benefit given the time-sensitive nature of event-response: any particular piece of malware could have devastating consequences if it is not quickly captured and eradicated.[xii]

Business Continuity Planning

Information management business continuity planning requires implementing procedures to recover data and information from a backup source as quickly as possible in order to get systems back online.[xiii] Business continuity planning was once the province of preparations for hurricanes, fires, and earthquakes, but in the wake of the devastating attack on Sony Pictures – as well as the companion announcement of the wiper malware attack on the Las Vegas Sands[xiv] – it is incumbent upon a company (and its board) to plan for the consequences of a severe cyber-attack, which might involve the loss of data, the loss of servers, the loss of computer hard drives, and even the loss of VoIP-based phone systems. As many have noted, “The biggest risk a company faces in today’s uncertainty of cyber-attacks is not being prepared.”[xv]

Volumes can be (and have been) written about business continuity planning in general. Vendors abound in this area, many claiming to offer the “best” back-up and business continuity procedures. And of course, every company (whether it is U.S.-based or multi-national, or a financial institution, broker-dealer or “brick-and-mortar”) is different when it comes to determining the most important elements of a business continuity plan, including which systems are critical to the organization, and how and when to bring them online. But in examining a company’s continuity planning for a cyber-attack, at least the following issues should be addressed:[xvi]

  1. Does the company have a written Business Continuity Plan?
  2. Has the company done a Business Impact Analysis that identifies the company’s most critical systems and the maximum downtime that can be tolerated if they go down?
  3. What are the company’s systems back-up procedures? How often is the full system backed up? Are back-ups maintained on the network? Has an “air gap” architecture been built into the company’s back up-procedures so that a cyber-attacker cannot attack system back-ups because they are segregated and being held off of the network?[xvii]
  4. Where are the back-ups held and how are they stored (network storage, external hard drives, or even in the cloud)?
  5. How long will the back-up media be maintained? How quickly can the company get to the back-up data when it is needed?[xviii]
  6. Once the back-ups are accessible, what are the company’s exact procedures for (A) obtaining whatever hardware is needed for the system restoration, (B) the restoration of the company’s critical operating systems and applications, (C) restoring other data to their then-known back-up state, and (D) testing the restored system to make sure everything is working properly?
  7. Finally, as many telephone systems are internet-based, a telephone recovery strategy also needs to be in place.[xix]

Like an incident response plan, a business continuity plan needs to be tested, the personnel responsible for implementing it need to be trained, and it should be periodically rehearsed so that all involved (including third-party or outsourced vendors) know their roles in getting the organization’s information management system back on line.[xx] Ideally, a plan should be put to the test through a full-scale functional exercise that includes a “full cut-over” and recovery to back-up data.

*          *          *          *

In many cases, the company that you are diligencing may be your own. It is indisputable that enterprise risk management is part of a director’s fiduciary duty to the organization and its shareholders. And cybersecurity today is undoubtedly part of enterprise risk management, and thus within a board of director’s oversight role:

The control environment is the set of standards, processes, and structures that provide the basis for carrying out internal control across the organization. The board of directors and senior management establish the tone at the top regarding the importance of internal control and expected standards of conduct. Management and the board of directors have the authority and responsibility to set the top priorities of the company. If being secure, vigilant, and resilient is not defined as a priority and communicated within the organization, there is little hope that the organization will deploy sufficient resources to protect its information systems and to respond to cyber events appropriately.[xxi]

Though the drafting of incident response plans and business continuity plans can be complex, the last 13 months of cyber-attacks have taught us both types of plans should be in writing, in place, practiced, tested, and ready to implement at any time. Taking the time to plan may well determine the fate of a company following a cyber-attack.

 

[i] See “NSA Director Warns of ‘Dramatic’ Cyberattack in Next Decade,” available here.  

[ii] See “Devastating malware that hit Sony Pictures similar to other data wiping programs,” available here.

[iii] See “Cyber Attacks on U.S. Companies in 2014,” available here.

[iv] See “Amy Pascal out as Sony Pictures co-chair,” available here.

[v] See “Health Insurer Anthem Hit by Hackers: Breach Gets Away With Names, Social Security Numbers of Customers, Employees,” available here.

[vi] See “The Importance of A Battle-Tested Incident Response Plan,” available here.

[vii] See “FireEye suspects FIN4 hackers are Americans after insider info to game stock market,” available here.

[viii] See NIST Computer Security Incident Handling Guide, Special Publication 800-61 (Rev.2) (2012), available here.

[ix] See “Security Case Study: Responsys,” available here. The same study notes that one large network it studied was getting 100,000-150,000 cyber “events” per day.

[x] See e.g. “An Adaptive Approach To Cyber Threats For The Digital Age,” available here (discussing one such advanced solution).

[xi] Indeed, for regulated investment advisers and managers, the April 2014 SEC Office of Compliance and Examinations announcement listed most of these process steps as “required” answers that a regulated entity will have to give at its next annual examination. See “OCIE Cybersecurity Initiative,” available here.

[xii] See e.g. “Big Data Analytics for Security Intelligence,” available here (noting “Big Data tools have the potential to provide a significant advance in actionable security intelligence by reducing the time for correlating, consolidating, and contextualizing diverse security event information, and also for correlating long-term historical data for forensic purposes.”).

[xiii] Note that both incident response planning and business continuity planning are both questions that are required to be answered as part of the SEC Office of Compliance and FINRA Street sweep programs that are currently ongoing as respects cybersecurity.

[xiv] See “Now at the Sands Casino: An Iranian Hacker in Every Server,” available here.

[xv] See “Why Companies Need a Business Continuity Plan,” available here; “Hurricane, Fire… DDoS? Make Cyber Threats Part of Business Continuity Planning,” available here.

[xvi] We again note the concept of business continuity planning is “fair game” when dealing with regulators. See SEC OCIE Cyber Security Risk Alert, at pg. 2 (“Please provide a copy of the Firm’s written business continuity of operations plan that addresses mitigation of the effects of a cybersecurity incident and/or recovery from such an incident if one exists.”).

[xvii] See e.g. “Black Hat Keynoter: Beware of Air Gap Risks,” available here (noting the positives and potential negatives of an “air-gapped” based back up system).

[xviii] The NIST “Contingency Planning Guide for Federal Information Systems,” Publication 800-34 Rev. 1, available here, also suggests that certain organizations may also consider an off-site facility to not only keep their back up data, but keep hardware available so that they can resume business operations from the off-site facility. Such a site would obviously be more expensive, but for larger companies it would certainly be a feasible option to resume critical options as soon as possible.

[xix] Id.

[xx] See SEC OCIE Cyber Risk Alert, at pg. 3 (“[Does] the Firm periodically tests the functionality of its backup system. If so, please provide the month and year in which the backup system was most recently tested.”).

[xxi] See “COSO in the Cyber Age,” available here.