The D&O Diary

The D&O Diary

A PERIODIC JOURNAL CONTAINING ITEMS OF INTEREST FROM THE WORLD OF DIRECTORS & OFFICERS LIABILITY, WITH OCCASIONAL COMMENTARY

Liability Exposures of Audit Committee Chairs

Posted in Director and Officer Liability

secOne frequently asked question is whether members of a corporate board’s audit committee face heightened liability exposures. Two recent SEC enforcement actions seem to underscore that audit committee chairs do face liability exposures. Though both cases involve somewhat unusual circumstances, they seem to suggest that the “gatekeepers” on which SEC has said it will be concentrating increased enforcement focus may include audit committee members.

 

Hat tip to Daniel Goelzer at the Baker & McKensie firm for his April 2014 memo entitled “Audit Committee and Auditor Oversight Update” (here) that brought these cases to my attention.

 

The Ag Feed Case: On March 11, 2014, the SEC filed an enforcement action in the Middle District of Tennessee against Agfeed Industries and certain of its current and former directors and officers. including K. Ivan Gothner, who served as chair of the company’s audit committee, and Edward Pazdro, who served for a time as the company’s CFO.

 

The SEC’s complaint, which can be found here, alleges that from 2008 through June 30, 2011, AgFeed, an animal nutrition and hog production company, overstated its revenue by $239 million. The fraud allegedly was orchestrated by the company’s Chinese management. The complaint alleges that in May 2011, Gothner and Pazdro learned that the hog production division had maintained two sets of books in China – a real set and a fake set. In June 2011, Gothner and Pazdro received a report from Chinese counsel at AgFeed which concluded based on witness statements and documents that AgFeed had maintained the two sets of books for the purpose of inflating revenue and profits, that the company’s former CEO and CEO had directed the fraud, and that the former CFO had ordered the destruction of the second set of books.

 

The complaint alleges that between June 2011 and September 2011, a period during which the company was engaged in an effort to raise capital, Gothner and Pazdro “engaged in a scheme to avoid or to delay disclosure of the fraud,” including failing to disclose the fraud to auditors and to key company personnel. With respect to Gothner, the audit committee chair, the SEC further alleges that he misrepresented to counsel that a third-party expert had been hired to analyze the USB stick on which the two sets of books were maintained when no expert had been hired. Both Gothner and Pazdro are alleged to have failed to “conduct further meaningful inquiries into the fraud even as additional red flags arose.” The complaint further alleges that their failure to act on the fraud allowed the company to file a false and misleading Form 10-Q in August 2011.

 

L&L Energy: On March 27, 2014, the SEC filed an administrative cease and desist order against Shirley Kiang, the firmer audit committee chair of L&L Energy, a Seattle-headquartered coal company with all of its operations in China. The order alleges that the company misrepresented in public filings that a person was serving as the company’s Acting Chief Financial officer when in fact that person never did.

 

The order alleges that  in May 2009 while Kiang was audit committee chair, the purported Acting Chief Financial Office became aware that she had been falsely represented as the company’s Acting CFO, and that the purported Acting CFO asked Kiang to investigate. Kiang advised the company’s chairman of the information; the chairman told Kiang that the person had never actually served as the Acting CFO and that Kiang should not share this information with anyone, including the company’s Board of Directors or the public.

 

In August 2009, the company filed its 10-K for the 2009 fiscal year. The 10-K contained the required certifications that any fraud involving management had been disclosed to the company’s auditors and audit committee. The SEC cease and desist order alleges that when Kiang signed this certification, she knew or should have know it was false.

 

The SEC’s cease and desist order charges that by withholding the information that the purported Acting CFO had not served as the actual Acting CFO and allowing the false certifications to be filed, Kiang “caused” L&L Energy to violate the reporting requirements of the securities laws. Kiang agreed to settle with the SEC without admitting or denying allegations (because the cease and desist order was filed in an administrative proceeding, no judicial approval was required). Kiang consented to the entry of an order directing her to cease and desist from any future violations.

 

Discussion 

As the Baker McKenzie memo notes, enforcement actions against audit committee chairs are rare, and these two cases involving as they do somewhat unusual fact patterns “may seem of limited significance.” However, these two enforcement actions come at a time when the SEC has already announced its intention to pursue “gatekeepers” and to hold them accountable.

 

It is noteworthy in that regard  that a March 11, 2014 Reuters article discussing the action against the AgFeed audit committee chair quotes SEC Enforcement Director Andrew Ceresney as saying that “today’s enforcement action is a cautionary tale about what happens when an audit committee chair fails to perform his gatekeeper function in the face of massive red flags.”

 

As the law firm memo puts it, “these cases seem to illustrate how the Commission intends to apply its gatekeepers program to audit committee members.” The Reuters article linked above quotes a leading defense attorney as saying that the AgFeed enforcement action represents “a warning shot across the bow” for public company audit committees,” and that the case is a reminder that “audit committees must follow up on red flags and seek outside counsel for assistance.”

 

At a minimum the cases should affect the way that audit committee members – particularly audit committee chairs – think about the liability exposure associated with their activities in those roles. These individuals will not only want to understand their exposures but also will want to inquire about the indemnification and insurance available to protect and defend them in the event they are hit with an action based on their service in those roles.

 

Special thanks to a loyal reader for sending me a copy of the Baker & McKenzie law firm memo.

 

The Beautiful Game: For many years, my wife and I have joked that when the Wall Street Journal or the New York Times decide to try to do some trend-spotting, they peek inside our house and then write about what we are doing. So it was this morning, when my wife handed me the Thursday Styles section of today’s Times, said, “They’re following us around again,” and pointed to an article entitled “Their Game, Now Ours,” (here), which in the print edition has the subtitle “Soccer emerges as the sport of the thinking class in the U.S.”

 

Regular readers undoubtedly are aware that I am an energetic fan of European soccer (sorry, to avoid confusion, I can’t call it football in this context), particularly English Premier League soccer. Some may even recall the short item in my post this past Monday about Liverpool’s dramatic 3-2 win over Manchester City on Sunday – a game that the Times article in fact references in its very first sentence. Among other things, the article states that soccer is a topic you can no longer ignore, which is “particularly evident in New York creative circles, where the game’s aesthetic, Europhilic allure and fashionable otherness have made soccer the new baseball – the go-to sport for the thinking class.”

 

I commend the Times article to anyone interesting in thinking about whether there actually is a trend here.  For myself, I think the current enthusiasm for the sport has less to do with Europhilic sensibilities and more to do with the sheer pleasure of watching the matches. It is, as is often said, a beautiful game – in fact, the beautiful game.

 

If you have any doubts about the game’s beauty, I recommend you watch the video below of the welsh soccer star Gareth Bale of Real Madrid scoring what proved to be the winning goal in Wednesday’s championship match in the annual  Copa del Rey soccer tournament, between Real Madrid and perennial rival Barcelona. It is one thing to watch the replay aware that you are about to see something special; at the time Bale scored the goal, the moment was absolutely electric. You will note in the video that when Bale’s breakaway run ended with his spectacular goal, Barcelona players collapsed onto the pitch as if they were literally thunderstruck. Watch this video, and you will see what the excitement is about. (When  the video begins, hit Skip Ad, and don’t worry when the video freeses momentarily about 49 seconds in, it starts up again).

Guest Post: Social Media and D&O Liability Exposures

Posted in Director and Officer Liability

danbailieyEarlier this week I published a post on this site about the employment practices liability exposures that the social media may present for employers. After seeing my post, D&O maven Dan Bailey of the Bailey Cavalieri law firm send me a note pointing out that the social media also present D&O liability exposures for companies and their directors and officers as well. Dan sent me a brief article he had written on the topic as well. Dan agreed to publish his article as a guest post on this site, and I have reproduced it below. I would like to thank Dan for his willingness to publish his article on this site. Responsible commentators who would like to submit a guest post on a topic of interest to readers on this site should contact me directly. Here is Dan’s guest post:  

************

One cannot overstate the important impact that social media is having on all aspects of our social and professional lives.  Evidence is growing that this phenomenon may also impact D&O liability exposures if it is not properly addressed within corporations.  The primary issue from a D&O perspective is whether social media posts by a company or its directors and officers of information that may be considered material to investors can serve as a basis for a securities claim either because the information was selectively disclosed to a few rather than to the entire market, or because the information was false or misleading.

 

On April 2, 2013, the SEC issued a report that provides guidance on the application of Regulation FD to the use of social media by public companies and their directors and officers.  The SEC stated in the report that social media channels may be used by companies to communicate material non-public information, as long as the company previously took appropriate steps to alert investors and the market to both the types of social media channels that the company may use to distribute such information, and the type of information that the company intends to disclose through those channels.  This guidance applies with respect to disclosures through company websites, blogs and social media sites such as Facebook, Twitter and YouTube.  If a company has not properly informed its investors and the market regarding the company’s intended use of social media sites to communicate company news or if the information disseminated by a company or its directors and officers through those sites is not truthful and complete, significant securities law violations may occur.

 

Social media risks can arise under other laws, as well.  For example, on January 17, 2013, the Federal Financial Institutions Examination Council issued proposed guidance on risk management for financial institutions impacted by social media.  The guidance addresses the application of various laws, regulations and policies to the social media activities of banks, savings associations, credit unions and other nonbank entities supervised by the Consumer Financial Protection Bureau.  The guidance seeks to promote institutional awareness of responsibilities to identify, measure, monitor and control social media-related risks.  Those risks include not only legal risks, but also reputational and operational risks.  Among other things, the guidance states that all financial institutions should have risk management programs for social media, including internal controls; policies for the use, monitoring and retention of social media communications, with specific regard to compliance with consumer protection laws; employee training; oversight and monitoring of all information posted on the financial institution’s own social media accounts; and compliance procedures and director/management reporting parameters.

 

Most companies today utilize social media platforms to support their business strategies, but many are not adequately managing the liability exposures which may arise from such activities.  Some suggested loss prevention concepts in this area to protect both the company and its directors and officers include the following:

 

a.            Company Policies.  Companies should adopt internal policies regarding the appropriate use of social media by its directors, officers and other employees, should train all personnel with respect to those policies, and should monitor social media sites for compliance with those policies.  The informal nature of social media communications may tempt people to abandon their normal discipline regarding appropriate communications when participating in social media sites, thereby creating potential exposures not only for themselves, but also the company and its management.

 

b.            Authorized Corporate Representatives.  Social media communications which purport to be by or on behalf of the company should be made only by a few select authorized persons who are trained in the various issues which can arise through social media communications.  Any unauthorized communication purporting to be by or on behalf of the company should be disclaimed by the company.

 

c.             Securities Law Compliance.  All social media communications by or on behalf of the company or its directors and officers should be carefully vetted to assure compliance with securities laws.  For example, one should assess whether the information is material and non-public and, if so, whether the communication is being made through a channel of distribution previously disclosed to investors.  Also, like any corporate disclosure, the communication should be truthful, not misleading, and free of hyperbole or spin.

 

d.            Inform Investors.  If the company intends to disclose material information through social media channels, the company should clearly inform investors to that intended practice and the specific channels of communication that are likely to be used, as well as the types of information that may be disclosed.  Investors should be notified of this information through alternative sources—such as SEC filings, press releases, and the company’s website—in order to increase the likelihood that all investors will have access to the information, thus giving all investors the opportunity to monitor the social media communications.

 

e.            Regularity.  If possible, companies should create a pattern or some regularity to its use of specific social media channels so that investors have a better opportunity to monitor all of the information disclosed by the company through social media.

 

If directors and officers directly participate in social media communications which violate either the securities laws or other legal standards, claims by regulators, shareholders or other third parties may be asserted against the directors and officers.  Likewise, directors and officers who fail to properly identify and manage a company’s social media risks may also be the target of claims by shareholders or regulators.  As the burgeoning world of social media continues to expand rapidly, these risks to directors and officers are likewise expanding.

 

Cornerstone Releases 2013 Study of M&A Lawsuit Settlements

Posted in Director and Officer Liability

cornerOnly two percent of M&A lawsuit that settled in 2013 involved a monetary payment to shareholders, according to the latest report on M&A lawsuit settlements from Cornerstone Research. The report, entitled “Settlements in Shareholder Litigation Involving Mergers and Acquisitions: Review of 2013 M&A Litigation” (here), is the second part of a two-part series on M&A litigation. Cornerstone’s earlier report on 2013 M&A lawsuit filings trends can be found here. Cornerstone Research’s April 15, 2014 press release about its latest report can be found here.

 

According to the report, monetary settlements related to M&A lawsuit were rarer in 2013 compared to prior years; only two percent of M&A lawsuits settled in 2103 involved a monetary contribution, compared to over five percent in prior years. In addition, there were only two M&A lawsuit settlements in 2013 for over $5 million (CNX Gas, $42.7 million; BMC Software, $12.4 million), compared to three in 2012 and six in 2011.

 

Supplemental disclosures remained the only shareholder consideration in the majority of 2013 M&A lawsuit settlements. Nearly 92 percent of M&A lawsuit settlements reached in 2013 includes additional disclosures or additional disclosures plus other terms. As in prior years, over 90 percent of the settlements were reached before the deal closing.

 

Interestingly, the fees the plaintiffs’ counsel are requesting are as a general matter declining, both with respect to M&A settlements taken as a whole and with respect to disclosure only settlements. Average fees requested by plaintiffs’ counsel declined to $1.1 million in 2013, compared to $1.4 million in 2011 and 2012. Average fees requested in disclosure only settlements declined in 2013 to $500,000, compared to $513,000, down from $953,000 as recently as 2008.

 

Over the last four years, the plaintiffs’ attorney’s fees requested in the Delaware Court of Chancery are slightly lower than in other courts. Over the same period, the Delaware Chancery Court approved, on average 80 percent of the requested fees, compared to 90 percent in other courts. Delaware Chancery Court granted less than the requested fees in 35 percent of settlements, compared with only 18 percent for other courts.

 

A number of specific factors affect the size of the fee award. Plaintiff attorney fee awards were higher in settlements with monetary consideration and with reduced termination fees. Between 2007 and 2013 plaintiffs fee awards were 22 percent higher in settlements involving a monetary fund. Fee awards were also higher in  settlements with higher than average number of lawsuits and in cases where settlements took longer than average to reach.  The reports analysis shows that attorneys fees awarded increased on average by $147,000 for each additional lawsuit above the average of five lawsuits per deal. On average, the attorneys fee award increased by $1,100 per additional day between lawsuit filing and settlement above the average of 113 days.

 

The press release accompanying the report quotes Dr. Lassaad Adel Turki of Cornerstone as saying “We’ve seen a steady decline over the last seven years in aver plaintiff attorney fees in disclosure-only M&A litigation settlements. This decrease may reflect the courts’ apparent growing skepticism for settlements where shareholders do not stand to benefit monetarily.”

 

PwC 2013 Securities Litigation Report Asks Whether There Are Changes Ahead

Posted in Securities Litigation

pwc2In its recently released annual analysis of securities class action litigation, PricewaterhouseCoopers observes that while 2013 may not have been a particularly noteworthy year in the securities class action litigation arena, “significant events and announcements in 2013 have set the stage for potentially sweeping changes in the future.” The PwC report, which is entitled “Are Changes on the Horizon?: 2013 Securities Litigation Study” can be found here. PwC’s April 11, 2014 press release about the report can be found here.

 

In making its suggestion that there may be significant changes ahead, the PwC report is relying on a number of factors, including first and foremost the U.S. Supreme Court’s reconsideration of the “fraud on the market” theory in the Halliburton case currently pending before the Court. The report cites a number of other factors as well, most particularly be the SEC’s July 2013 creation of the Financial Reporting and Audit Task Force.

 

The SEC’s new Task Force is dedicated to identifying and prosecuting those involved in accounting and financial reporting.  The Task Force’s efforts will be substantially aided by the many whistleblower reports flooding into the agency, as well as the analytic tools at the Task Force’s disposal, such the agency’s Accounting Quality Model. The PwC report notes that “an SEC Task Force dedicated to financial fraud, this is equipped with modern tools and a potential army of whistleblowers waiting in the shadows to report misconduct, will inevitably lead to a greater number of financial fraud cases.”

 

As companies announce their involvement in SEC investigations or enforcement actions, “securities litigation will inevitably follow.” The PwC report suggests that while there may be a delay before the litigation impact, “it may only be a matter of time before the number of accounting related cases returns to previous highs.”

 

The PwC report also notes that during 2013, there was an increase in the number of companies completing initial public offerings compared to the immediately preceding years and that many of the IPO companies are completing their listings by taking advantage of the JOBS Act provisions for Emerging Growth Companies. The PwC report states that the companies taking advantage of the JOBS Act provisions “may be at a heightened risk of becoming the subject of litigation.” The reduced level of financial information that EGCs are required to provide “may increase the potential for allegations of omissions and/or inadequate disclosures regarding factors detrimental to the current financial position and future prospects.”

 

According to the PwC report, there were 160 securities class action lawsuits filed in 2013, up from 149 in 2012 but below the annual average number of filings (179) since the enactment of the Private Securities Litigation Reform Act. The report also notes that in 2013 there were the fewest numbers of accounting fraud cases during the 18 years that PwC has been completing its annual securities litigation survey. The low levels of accounting fraud allegations held both with respect to the absolute numbers of accounting fraud filings (46) and to the percentage of all cases filed (29%).

 

The report notes that with respect to the accounting cases that were filed, allegations of internal control deficiencies are cited more frequently than any other type of allegation. In 2013, 70% of all accounting-related cases alleged inadequate internal controls, or controls that were inappropriately designed, overridden or ineffective. The 70% figure for 2013 accounting-related cases is higher than the 6) of accounting cases in 2012, and represents the highest percentage of accounting cases citing internal control allegations in over ten years.

 

The report also notes that companies should be wary of any notion that they are “too small “to attract the attention of the plaintiffs’ lawyers. According to the PwC report, in 2012 and in 2013 respectively, 61% and 67% of all companies named in securities class action lawsuits had market capitalizations under $2 billion.

 

As was the case in 2012, the industry that attracted the highest percentage of securities class action lawsuit filings was the health industry, which was hit with 23% of all filings in both 2012 and 2013. The report notes a number of factors that cause the health industry to attract litigation. First, at least with respect to pharmaceutical companies and medical device companies, “both are heavily dependent on the successful launch of new drugs and products.” Because of marketplace pressure to keep investors apprised of product developments throughout the produce development life cycle, inevitably if problems later emerge investors may question the accuracy of prior statements about the products.

 

The health industry is also heavily regulated by multiple government agencies. As the report notes, “from research and development, to manufacturing, marketing, selling and billing, companies in the health industry are under intense government scrutiny – with securities litigation as a bi-product if allegations of non-compliance with regulations are made or investigations are initiated.”

 

Of non-U.S. companies named in securities class action lawsuits in 2013, the country with the most companies sued was Canada. The report notes that this may be due to the fact that in general companies in the mining sector – an important part of the Canadian economy—attracted significant litigation activity in 2013.

 

The PwC report notes that the number of securities class action settlements in 2013 (69) was roughly the same as the number in 2012 (70). However, the average securities class action settlement in 2013 of $49.6 million was 32% greater than the 2012 average and 21% greater than the five year average. The 2013 average was pulled upward by a number of significant settlements during the year of large cases relating to the financial crisis. The report cautions that these larger settlement figures “should not be viewed as the new ‘normal’ by the plaintiffs’ bar and by mediators” and notes that as the financial crisis cases filter out “total settlement value and average settlement amount will likely decrease in coming years, barring any new trend or industry practice that leads to increases in case filings and the resulting settlements.”

 

While the average securities class settlement in 2013 was higher than in 2012 and when compared to the average of the preceding five years, the median settlement was unchanged. The median settlement in 2013 was $9.1 million, the same as in 2012, and above 2011 ($8.9 million) but below 2010 ($10.8 million). 

D.C. Circuit Strikes Down SEC Conflicts Minerals Rules in Part, Upholds Other Provisions

Posted in Conflicts Minerals

dccircuitIn an April 14, 2014 Opinion (here), the D.C. Circuit struck down a portion of the SEC’s conflicts minerals rules as violative of the First Amendment, while at the same time upholding the other challenged portions of the Rules. A majority of the appellate panel found that the rules’ requirement that companies must disclose in their SEC filings and on their website that their product is not “conflict free” – by compelling “an issuer to confess blood on its hands” – violates the First Amendment’s free speech protections.

 

Background

As discussed here, Section 1502 of the Dodd Frank Act required the SEC to promulgate rules requiring companies to annually disclosure their of conflict minerals originating in the Democratic Republic of Congo (DRC) or an adjoining country. On August 22, 2012, the SEC adopted the conflict mineral disclosure rules. The SEC’s August 22, 2012 press release can be found here and the rules themselves can be found here.

 

The specific minerals at issue are tantalum, tin, tungsten and gold. The countries covered by the disclosure rules are, in addition to the DRC, Angola, Burundi, Central African Republic, the Republic of Congo, Rwanda, South Sudan, Tanzania, Uganda and Zambia. Companies are required to comply with the new disclosure rules for the calendar year beginning January 1, 2013, with the first disclosures due May 31, 2014 and subsequent disclosures due annually each year after that.

 

Several business organizations including the National Association of Manufacturers challenged the rules in Court, arguing that the way that the SEC adopted the rules violated the Administrative Procedures Act, the Exchange Act and the First Amendment. In July 2013, the district court granted summary judgment in the SEC”s favor, rejecting the various challenges to the rules. The business organizations appealed the district court ruling to the D.C. Circuit.

 

The April 14 Opinion 

On April 14, 2014, in an Opinion by Senior Judge A. Raymond Randolph for a three judge panel, the D.C. Circuit affirmed the district court’s ruling in part, but reversed the district court with respect to its ruling on the First Amendment challenge. Judge Sri Srinivasan wrote a separate opinion in which he concurred with the court’s opinion in all other respects but dissented from the majority on the First Amendment issue. Judge Srinivasan contended that the Court should have held the First Amendment portion of its opinion in abeyance while an en banc panel of the D.C. Circuit considered the same First Amendment issues in a separate case involving rules relating to the labeling requirements for meat products.  

 

All three judges on the panel agreed in rejecting the business groups’ challenges to the conflict minerals rules based on argument that the rules are “arbitrary and capricious” under the Administrative Procedure Act and the argument that the SEC had failed to establish that the benefits of the Rules outweighed the substantial costs they are likely to impose. Essentially the court upheld the rules’ requirements for companies to investigate whether their products include the minerals and file public reports on their investigations beginning in June.

 

However, with respect to the business groups’ contention that the rules’ requirement that issuers must in their SEC filings and on their websites list specific products as not “DRC conflict free” unconstitutionally compels speech in violation of the First Amendment, a majority of the appellate court upheld the business group’s arguments. The appellate court said:

 

The label “conflict free” is a metaphor that conveys the moral responsibility for the Congo war. It requires an issuer to tell consumers that its products are ethically tainted even if they only indirectly finance armed groups… By compelling an issuer to confess blood on its hands, the statute interferes with their exercise of the freedom of speech under the First Amendment.

 

The court held that the conflict minerals provisions of the Dodd Frank Act and the SEC’s rules violate the First Amendment “to the extent the statute and the rule require regulated entities to report to the Commission and to state on their website that any of their products have ‘not been found to be DRC conflict free.’” The appellate court remanded the case to the district court for “further proceedings consistent with this opinion.”

 

In a footnote, the majority opinion addressed the concurring opinion’s suggestion that the panel should have stayed the First Amendment portion of its ruling in order to allow the en banc consideration of the First Amendment issues in the meat labeling case. The majority opinion states that issuing the opinion rather than holding the First Amendment issue in abeyance, “issuing an opinion now provides an opportunity for the parties in this case to participate in the court’s en banc consideration of this important First Amendment question.”

 

Discussion

The SEC’s conflicts minerals rules have been highly controversial. As discussed here, the rules could prove difficult for many companies to put into effect and the implementation of the rules could create a host of problems for companies, including in particular even litigation risks. However, though a portion of the rules was struck down, the other portions were upheld. 

 

The SEC now has some decisions to make, and in particular it will have to decide whether or not it wants to seek en banc review of the appellate court’s First Amendment ruling.  By the same token, the business groups will have to consider whether they want to seek en banc review of the portions of the appellate court ruling upholding the rules. Either way, an en banc review of the case could create procedural complications. Among other things, there is the question of whether or not the en banc panel, the district court or the SEC itself will stay in the implementation of the rules during the en banc review.  

 

The SEC will also have to consider whether, on remand to the district court, it wants to go forward now with implementation of the portion of the rules that the appellate court upheld, without the disclosure requirements that were a key component of the transparency objectives of the Dodd Frank conflict minerals provisions.

 

In an April 14, 2014 Reuters article about the D.C. Circuit’s ruling (here), at least one legal commentator suggested that the ruling and the current state of play will put pressure on the SEC’s to grant companies more time to comply with the rules. In any event, it seems like there is more of this story to be told before the court challenge phase is complete.

 

It would seem that in light of the fact that the appellate court upheld the other portions of the rules and that for now at least the implementation of the rules has not been stayed that companies should prepare themselves to meet the rules’ requirements and deadlines in all respects other than the specific portion of the rules that the appellate court struck down.

 

I welcome comments from any readers who can shed any further light on where things stand with the implementation of the conflicts minerals rules now given the D.C. Circuit’s rulings and the current procedural posture of the case.

 

Employers and Social Media

Posted in Employment Practices Liability

socialmediaIn a very short time period, Internet-based social media have become a pervasive part of our lives and culture. Inevitably, employee use of social media has become a workplace issue. As a result, employers are concerned about employee social media use and employees are concerned about privacy and rights of individual expression. As social media use has become a workplace issue, it has also created a number of areas of potential liability exposures for employers, particularly as relates to hiring decisions and to other employment actions.

 

One source of potential liability arises from employers’ use of information and material gathered from social media sites about job applicants and employees. Many users of social media are accustomed to documenting their lives in online posts, as well as in pictures and videos. Some of this online information may reflect behavior or attitudes that prospective or existing employers find to be disqualifying. As a general matter, there is nothing unlawful about employers accessing publicly available information about job applicants or employees. But there at least a couple of ways employers could trigger potentiall liability from this kind of information gathering.

 

First, in reviewing social media sites, employers expose themselves to all kinds of information that cannot be legally considered in the hiring process or in employment actions, such as religion, race, gender, sexual orientation, and health status.  As noted in a recent post on the National Law Review entitled “Employers Using Social Media to Monitor Employees: Risks and Liability” (here), an employer’s use of information gathered from a social media site “may provide the basis for claims under employment discrimination statutes if the employer used such methods of off-resume information-seeking to seek out information about the employee that was legally protected in some way.” While it may be difficult for the applicant or employee to prove that the employer used the information as a basis for an adverse action, it is an area of concern.

 

Second, several states have passed laws that prohibit an employer from requesting or requiring that an applicant or employee disclose a user name, password or other means of access an online account or service. Just last week, Tennessee’s legislature enacted a bill with these kinds of protections, joining a number of other states including Maryland, Illinois, California, Michigan, Utah, New Mexico, Arkansas, Colorado, Wisconsin and Nevada. According to the National Council of State Legislatures (here), legislation on these issues has been enacted or is being considered in 28 states. Many of these state statutes also prohibit an employer from forcing an employee to log into their personal accounts in their employer’s presence, or forcing the employee to “friend” the employer or an employer’s representative. Many of the states protect employees and applicants from retaliation for refusing to allow employers access to social media sites.

 

Another troublesome area for employers as they attempt to grapple with these workplace issues are the efforts by some employers to adopt social media policies. Over the last several years, the National Labor Relations Board has issued a series of decisions and guidelines specifying that employer social media policies may not sweep so broadly that they prohibit activity protect by Section 7 of the National Labor Relations Act, such as the discussion of wages or working conditions among employees.

 

Just last week, the NLRB issued a statement that it had reached a settlement with Valero Services in a proceeding in which a labor union contended that the company’s social media policy interfered with employees’ rights to discuss their terms and conditions of employment  on social media sites. In the settlement, the company agreed that it will rescind its unlawful social media policy and notify employees that they will not be prohibited from using social media to discuss their terms and conditions of employment.

 

The settlement with Valero is the latest in a series of NLRB actions relating to employee use of social media, starting with the NLRB’s September 2012 ruling in a case involving Costco (which is discussed at length here). In that case, the NLRB struck down Costco’s social media policy based on a finding that the company’s social media policy “clearly encompasses concerted communications protesting [Costco’s] treatment of its employees.” Costco’s maintenance of the social media policy therefore “has a reasonable tendency to inhibit employees’ protected activity” and as such “violates” the National Labor Relations Act.”

 

In addition to these and other decisions, the NLRB has also released guidelines in three reports, describing acceptable and unacceptable employer social media policies. The first of these guidelines, released August 18, 2011, can be found here. The second report, dated January 25, 2012, can be found here. The third report, dated May 30, 2012, can be found here.  A “fact sheet” posted on the NLRB’s website describing the agency’s position with respect to social media can be found here.

 

Essentially, the NLRB’s position is that employers may not prohibit employee use of social media in a way that interferes with “the rights of employees to act together to address conditions at work, with or without a union.” The protection under the federal labor laws applies whether or not the employees are organized or trying to organize under a collective bargaining agreement. On the other hand, “an employee’s comments on social media are generally not protected if they are mere gripes not made in relation to group activity among employees.”

 

The NLRB’s position on social media has been the subject of criticism. For example a November 3, 2013 article on the Cornell HR Review website (here) notes that while the NLRB’s guidance provides a “baseline structure” for employers, it does not provide “an explicit test for determining what constitutes protected social media activity.” In addition, the NLRB’s approach, while protective of employees’ rights still allows for employers to monitor and even to base employment decisions on an employee’s social media activities. Moreover, while speech related to working conditions may be protected, it may be very difficult to tell when an individual is discussing workplace conditions or is just venting frustrations. By the same token, employers may feel that the NLRB’s decisions and guidance “fail to fully address concerns over disclosure of confidential or private information.”

 

In a July 29, 2013 Bloomberg BNA article entitled “Creating an Effective Workplace Social Media Policy” (here), Spencer Hamer of the Michelman & Robinson law firm suggests in light of these concerns that employers take a number of steps in crafting social media policies, including taking care to ensure that the policy does not prohibit protected activity, at the same time providing that personal complaints and offensive remarks are not protected. The Cornell HR Review article closes by noting that “employers should continue to remain cognizant of employee expectations of privacy and changing employment laws to ensure their policies are not overly broad unlawfully restrictive or intrusive.”

 

In addition to the careful construction of their social media policies, employers concerned about these issues may also want to consider their employment practices liability insurance policies. At a minimum, claims arising from job related actions that are alleged to represent harassment or discrimination are within the scope of protection afforded by the typical EPL insurance policy, and the fact that the alleged discrimination or harassment involved employer access to or information drawn from a social media site should not change that analysis.

 

An employer’s retaliation against an employee for refusing to provide social media password information, if in violation of one of the applicable state statutes, may present a different analysis, and the question of coverage will depend on the company’s EPL policy’s definition of Employment Practices Wrongful Act. To the extent employer retaliation in and of itself comes within the definition, the policy’s coverage may be broad enough to provide coverage for this type of claim. However, this issue may be the type of concern that needs to be specifically addressed in an amendment to the definition of Employment Practices Wrongful Act.

 

In thinking about the potential EPL insurance implications of the NLRB’s position that social media policies may violate the protections of the National Labor Relations Act, it is important to note that many EPL policies have National Labor Relations Act exclusions, precluding coverage for claims based upon alleged violations of the NLRA or similar federal, state and local statutes. However, many insurers are willing upon request to amend this exclusion to provide a carve-back specifying that the NLRA exclusion does not apply to claims for retaliation.

 

A retaliation carve-back to the EPL policy’s NLRA exclusion would not preserve coverage for all claims asserting that a company’s social media policy violates the NLRA. The retaliation claim coverage carve-back to the NLRA exclusion might preserve coverage for a claim by an employee that he or she was terminated in retaliation for engaging in activity that contravened a social media policy that violated the NLRA – or to put it more simply, in retaliation for engaging in activity protected by the NLRA. However, even among carriers who are willing to extend the carve-back to the NLRA exclusion, the carriers sometimes restrict the carve-back so that it does not extend to extend coverage to class or mass action claims.

 

The workplace issues surrounding employee social media use continue to evolve rapidly. Employers, employees, regulators and the courts will continue to struggle with these issues as we seem an equilibrium position that appropriately balances employer’s needs with employees’ expectations of privacy and free expression.

 

More About Antitrust Enforcement and Follow-On Civil Litigation: In a recent post, I noted the rising global levels of antitrust enforcement activity, and also noted that increasingly antitrust enforcement actions are accompanied by a follow-on private civil action as well. A recent lawsuit filing provides yet another example of this phenomenon.

 

On April 11, 2014, a Microsoft shareholder filed a derivative lawsuit in the Western District of Washington against certain directors and officers of the company, as well as against the company as nominal defendant, in connection with recent EU antitrust enforcement actions against the company. The complaint, which can be found here, alleges that the individual defendants breached their fiduciary duties by willfully violating a prior European Union antitrust settlement agreement and incurring a $731 million fine.

 

In, 2009, Microsoft had entered an antitrust settlement with EU regulators that required Microsoft to offer consumers a choice of web browsers within the Windows operating system. It was later alleged that the company had eliminated the choice option, which resulted in an action against the company to enforce the prior settlement agreement and ultimately in the entry of the massive $731 million fine. The plaintiff alleges that he had made a demand on Microsoft’s board to investigate the matter and initiate a lawsuit those responsible for the actions that led to the fine, but that the board refused.

 

As I noted in my recent post, the current regulatory enthusiasm for antitrust enforcement not only represents an important liability exposure for companies and their boards, this trend may also represent a significant exposure for their D&O insurers as well, even if only in the form of the follow on shareholder litigation. The recent derivative lawsuit filed against the Microsoft board is just the latest example of this phenomenon.

 

You’ll Never Walk Alone: A couple of weeks ago, on March 30, 2014, I was in London the day of the Premier League soccer game between Liverpool and Tottenham. The game took on unanticipated importance when the day before league-leading Chelsea lost unexpectedly to lowly Crystal Palace, meaning that if Liverpool won its game against Tottehamn it would take over the at the top of the league table. I watched the afternoon match between Liverpool and Tottenham at the Famous Three Kings pub on West Kensington, in London.

 

Because the pub is in London and because Tottenham is a London team, I had assumed that it would be a Tottenham crowd watching the game. As it turned out, the pub was packed with “Scousers” (that is to say, serious Liverpudlians). Even though I had arrived before the match began it was standing room only inside the pub. The crowd was decked out in red and white and chanting and singing as if they were at actually at the game at Anfield, Liverpool’s home field. It was great fun standing in the crowd and watching as Liverpool dominated the match. Liverpool eventually won, 4-0, sending the team into first place in the Premier League.

 

I have always enjoyed watching Premier League soccer but I have never really had one particular team that I have rooted for. I can’t say that my London pub experience with the Liverpool fans has made me a complete Liverpool fan, but I did come away with much stronger feelings for the team, which has a loyal fan base, a great history, and is having a great run at the top of the league table.

 

One of the great traditions for Liverpool fans is their singing of the song “You’ll Never Walk Alone” at the start of each game. The song’s title has become something of a motto for the team and its fans. The video below, which captures some of the team’s great fan loyalty and emotion, shows Liverpool’s fans singing the song before yesterday’s game against Manchester City at Anfield.

 

The video doesn’t show it, but after the song, there was a moment of silence for the 96 people that died in the Hillsborough disaster in April 1989. Perhaps as a result, the game between Liverpool and Manchester City was very emotional. It was also a great game. Liverpool scored early and led at the half, 2-0, but Manchester City came back to tie the game 2-2 before Phillipe Coutinho scored the game winner to seal the game – and possibly the league title — for Liverpool. It was a great game for a great team with great traditions.

 

So in honor of the team and its fans, here is a video of the crowd singing “You’ll Never Walk Alone” before yesterday’s game.

 

 

  

D&O Policy’s Professional Services Exclusion Does Not Preclude Law Firm’s Coverage for False Advertising Claim

Posted in D & O Insurance

rhode islandWell-advised professional services firms will carry both errors and omissions insurance and management liability insurance. A recurring problem under management liability insurance policies for all types of professional services firms relates to the very broad professional services exclusions often found in these polices. These exclusions preclude coverage for claims relating to the professional services firm’s delivery of professional services. Insurers sometimes attempt to apply a very broad preclusive effect to these exclusions, even with respect to claims for which the professional services firm rightfully expects coverage under its management liability policy.

 

In a recent case, a federal district court applying Rhode Island law ruled that the Legal Services Exclusion in a law firm’s D&O insurance policy did not preclude coverage for false advertising claims asserted against the law firm and two of its attorneys, and therefore that the insurer had a duty to defend the  underlying lawsuit. The case provides a good example of the kinds of problems that can emerge when carriers broadly apply the professional liability exclusion in a professional services firm’s management liability insurance policy. A copy of the district court’s February 3, 2014 opinion can be found here.

 

Hat tip to the Jones Lemon Graham law firm’s D&O Digest blog for the link to the district court’s decision. The blog’s April 7, 2014 discussion of the case can be found here.

 

Background  

Levine & Associates, a small law firm, advertises on the Internet and on television using the tag line “Call a Heavy Hitter® Today!”  Two clients of the law firm filed an action in Rhode Island Superior Court against the law firm and two of its attorneys. The third count of the claimants’ complaint alleges a class action for “Deceptive Trade Practices.” Specifically, the plaintiffs allege that the defendants “deceptively advertised in all media in Rhode Island” and that the defendants “gave the false impression to Plaintiffs and …to future clients that they have special expertise in personal injury cases and disability cases.”

 

The law firm submitted the lawsuit as a claim under its D&O Insurance policy. The D&O insurer denied coverage for the claim, citing the D&O policy’s Legal Services Exclusion, which precludes coverage for “Loss for any Claim based upon or arising out of any Wrongful Act related to the rendering of, or failure to render, professional services.” The law firm filed an action against the D&O insurer seeking a judicial declaration that the law firm defendants are entitled to defense and indemnification for the underlying lawsuit. The parties cross-moved for summary judgment.

 

The Court’s Opinion 

In a February 3, 2014 opinion, Rhode Island District Court Judge John J. McConnell, Jr. granted the law firm’s motion for summary judgment and ruled that the D&O insurer had a duty to defend the defendants in the underlying claim.

 

The D&O insurer had sought to rely on the Legal Services Exclusion’s broad “arising out of” preamble, arguing that courts have interpreted exclusions with this language very broadly. The insurer argued further that the allegations of false and deceptive advertising are “inextricably intertwined with the rendering of professional services” and that the allegedly deceptive advertising would not constitute a Wrongful Act within the meaning of the policy unless the law firm was hired by a claimant and then failed to deliver services as advertised. For its part, the law firm argued that the alleged deception related to advertising not to the delivery of legal services.

 

Judge McConnell looked at the dictionary definition of the term “render,” which means “to do; perform; to render a service” and “to do (a service) for another.” Based on this, he said that “the plain and ordinary language of the Legal Services Exclusion therefore eliminates from coverage only conduct that relates to Levine & Associates providing legal services.” He noted that the claimants’ claim “is about advertising not about the provision of legal services.” He added that “applying the Legal Practices Exclusion to this alleged deceptive advertising would ignore the meaning of the word ‘rendering’.”

 

Judge McConnell concluded by saying that “if the Court were to adopt the expansive reading” of the exclusion urged by the D&O insurer, “then any conduct by Levine & Associates would be excluded from coverage since Levine & Associates’ business is ‘related to the rendering of …professional services’.” He added that “if this were the case, the D&O Policy would be meaningless and provide no coverage. The Court will not construe the contract to create such an absurd result.”

 

Judge McConnell added in a footnote the following observation: “What seems clear from the plain language of the exclusion is that it was meant to exclude claims commonly referred to as malpractice claims, as opposed to claims arising from the business side of running a legal business. The policy in question here was a Directors and Officers policy, not a legal malpractice policy.”

 

Discussion 

When the law firm in this case advertised itself, it was engaging in ordinary business activity of the type any business organization might undertake. It was not “doing what lawyers do,” it was “doing what any business might do.” The law firm rightfully expected that its D&O Insurer should provide coverage for the advertising-related claim to the same extent as it would provide coverage for a similar claim against any small business. 

 

This case provides a perfect example of why I have long argued that the professional services exclusion within a D&O Insurance policy ought to have the narrower “for” wording rather that the broader “arising out of” wording – the danger is that with the broader wording the insurer could seek have the exclusion’s preclusive effect apply far beyond the relatively narrow delivery of professional services and apply it to anything a professional services firm does.

 

 

Unfortunately, as I have previously noted on this blog (refer here), the question of whether or not claims related to the activity of a professional services firm are precluded from coverage under the firm’s management liability insurance policy is a recurring issue.  The use of the “for” wording in the exclusion’s preamble would provide some assurance that the exclusion is not applied overly broadly, and that the exclusion would apply only (as it should only apply) to “malpractice” claims and not to the business side of a professional firm’s business. Regrettably, many carriers decline to give the narrower “for” wording, and so problems continue to arise when carriers seek to apply the exclusion broadly.

 

Judge McConnell was right when he said that if a D&O insurance policy’s professional services exclusion is applied broadly to apply to the business side of the professional firm’s business, it threatens to render the policy meaningless and to lead to an “absurd result.” If a carrier will not (as it should) agree to change the professional services exclusion preamble to the “for” word, then it is incumbent on the carrier to ensure that it does not rely on the breadth of the broader “arising out of” preamble wording to try to make the exclusion apply to the business side of a professional firm’s business.  

 

As the Jones Lemon Graham law firm’s blog post notes, the Court’s opinion discusses only the third count in the underlying complaint, it does not discuss the other counts. Nor, as the blog post notes, “is the firm’s commercial general liability advertising injury coverage addressed.” I would note that the opinion also does not discusses whether or not the law firm’s D&O policy has a so-called “antitrust” exclusion, which as sometimes worded will preclude coverage for allegations of unfair or deceptive trade practices.

 

I suspect some readers may have some strong responses to my comments in the blog post. Readers are strongly encouraged to add their comment to this post using the blog’s comment feature.

 

District Court Upholds FTC’s Authority to Bring Data Breach Enforcement Action

Posted in Cyber Liability

new jerseyIt is a dangerous world out there. Among many other things, companies and other organizations are increasingly vulnerable to data security attacks from would-be hackers. Indeed, an April 8, 2014 New York Times article entitled “Hackers Lurking in Vents and Soda Machines” (here) notes that “companies scrambling to seal up their systems from hackers and government snoops are having to look in the unlikeliest places for vulnerabilities.”

 

According to the article, in recent incidents hackers have gained access to sensitive data through all kinds of internal systems, including “heating, ventilations and air-conditioning ; billing; expense and human-resource management systems; graphics and data analytics functions; health insurance providers; and even vending machines.”

 

As if it were not enough that companies and other organizations have to contend with the possibilities that the hackers are coming at them from just about every conceivable direction, the companies must also face the possibility that if they are subject to a successful hack, they may have to face an enforcement action from governmental regulators over the breach and its consequences.

 

In an April 7, 2014 decision (here), in a test case of the agency’s authority, District of New Jersey Judge Esther Salas confirmed the authority of the Federal Trade Commission to pursue an enforcement action against Wyndham Worldwide Corp. and related entities alleging that the company and its affiliates had failed to make reasonable efforts to protect consumers’ private information.

 

Background 

The FTC alleges that between April 2008 and January 2010, intruders gained unauthorized access to Wyndham’s computer network on three occasions, on each occasion accessing sensitive personal information stored in Wyndham’s hotel property management system. The agency also alleges that after discovering the first two breaches, Wyndham “failed to take appropriate steps in a reasonable time frame to prevent the further compromise” of its network. The FTC alleges that the data breaches resulted in the compromise of more that 619,000 consumer payment card account numbers, many of which were subsequently exported to a domain registered in Russia, allegedly causing fraudulent charges and more than $10.6 million in fraud loss.

 

As discussed here, the FTC filed a complaint against Wyndham and its related entities alleging that the defendants’ alleged failure to maintain reasonable and appropriate data security for consumers’ sensitive personal information violated the prohibition in Section 5(a) of the Federal Trade Commission Act of “acts or practices in or affecting commerce” that are “unfair” or “deceptive.” The FTC’s lawsuit seeks to compel the company to improve its security measures and to remedy any harm its customers have suffered.

 

The defendants moved to dismiss, arguing that the FTC does not have the authority to bring an unfairness claim involving data security; that fair notice principles require the agency to promulgate regulations before brining this type of an unfairness claim; and that the FTC’s allegations are pleaded insufficiently to support either an unfairness or deception claim.

 

The April 7 Ruling  

In a detailed, 42-page opinion, Judge Salas denied the defendants’ motion to dismiss and rejected the hotel chain’s arguments that the FTC does not have the authority to regulate data-security practices or that the agency has to issue regulations before bringing a data breach enforcement action. She also held that the FTIC’s allegations were sufficient to state a claim for purposes of the motion to dismiss.

 

Before considering the question of whether the FTC had authority to bring the action, Judge Salas noted that “we live in a digital age that is rapidly evolving – and one in which maintaining privacy is, perhaps, an ongoing struggle.” This environment “raises a variety of thorny legal issues that Congress and the courts will continue to grapple with for the foreseeable future.”

 

In contending that the FTC did not have the authority to regulate data security and therefore to bring the enforcement action, Wyndham argued that various measures Congress has enacted give certain federal agencies the authority to establish minimum data-security standards in various sectors of the economy, in effect carving out a data-security exception to the FTC’s unfairness authority by its specific statutory specifications.. Judge Salas found that the data-security legislation “seems to complement – not preclude – the FTC’s authority” and that in any event the legislation actions “do not call for a data-security exception to the FTC’s unfairness authority.”

 

As for Wyndham’s argument that fair notice requires the FTC to issue rules and regulations before it can file an unfairness claim, Judge Salas noted that “Circuit Courts of Appeal have affirmed FTC unfairness actions in a variety of contexts without preexisting rules or regulations specifically address the conduct-at-issue.” Moreover, she said she could not accept “the untenable consequence of accepting” Wyndham’s argument, that the FTOC would have to cease bringing all unfairness actions without first prescribing particularized prohibitions – “a result that is in direct contradiction with the flexibility inherent in Section 5 of the FTC Act.”

 

Finally, with respect to Wyndham’s argument that the FTC’s complaint did not satisfy minimum pleading requirements because, among other things, it did not specify how the consumers had suffered the requisite “substantial injury.” Judge Salas concluded that the FTC’s complaint sufficiently pleads both an unfairness claim and deception claim under Section 5 of the FTC Act.

 

Judge Salas emphasized, with respect to her rulings, that “the Court does not render a decision on liability today,” and she further emphasized that her decision “does not give the FTC a blank check to sustain a lawsuit against every business that has been hacked.” Instead, she said, she her decision only “denies a motion to dismiss given the allegations in this complaint – which must be taken as true at this stage – in view of binding and persuasive precedent.”

 

Discussion 

Though Judge Salas took pains to emphasize that ruling was narrow and addressed only to the specific matter and issues before her, her decision does nevertheless have “broad ramifications for the liability of companies whose security systems are breached,” according to an April 7, 2014 Wall Street Journal article about the ruling in the Wyndham case (here).

 

According to the Journal, the FTC has brought dozens of data-security cases, but “the overwhelming majority of them have produced out-of-court settlements, meaning judges were never asked to weigh in on the agency’s powers.” The article quotes the FTC’s chair, Edith Ramirez, as saying that the ruling confirms the agency’s ability to “hold companies accountable for safeguarding consumer data.” It also quote her as saying “Companies should take reasonable steps to secure sensitive consumer information,” adding that “when they do not, it is not only appropriate but critical that the FTC take action on behalf of consumers.”

 

By now, most company officials are aware that a significant data breach can be disruptive and expensive for their companies and can be a public relations disaster. In addition to these problems, a significant data breach can also have litigation consequences as well. As I noted in a recent post, following Target’s recent high profile data breach, the company’s directors and officers were hit with a shareholders derivative suit. And as the FTC’s Wyndham case shows, companies experiencing significant data breaches at least potentially could face a civil enforcement action from the FTC, and perhaps other regulators as well. Not only does this case affirm the FTC’s authority to bring these types of actions, but the statement of the FTC chair make it clear that the agency intends to pursue more of these kinds of actions on behalf of consumers.

 

For publicly traded companies, these kinds of regulatory actions may present insurance challenges. The only defendants in this action were the corporate parent company and certain of its operating subsidiaries. In a public company D&O policy, the corporate entity is provided coverage only for securities claims. Because the FTC’s enforcement action did not allege violation of the securities laws, an FTC action of this kind would not trigger the entity coverage found in most D&O policies.

 

While private company D&O insurance policies provide broader entity coverage, private company policies also often contain so-called “antitrust” exclusions that broadly preclude coverage for claims involving allegations of unfair or deceptive trade practices. The exclusions in some carrier’s policies expressly preclude coverage for claims under the Federal Trade Commission Act. Some carriers will remove these exclusion upon request, but others will not, while yet others will only provide so-called antitrust coverage on a sublimited basis, or on a defense cost only basis.

 

Many carriers now offer separate cyber risk insurance policies that include third-party liability protection. The third-party liability protection available under these cyber risk policies usually include insurance protection for actions brought by regulators following a data breach, including even coverage for regulatory fines and penalties where insurable.  However, the third-party regulatory protection available under many cyber risk policies is often subject to a sublimit.

 

The threat of a significant cyber breach presents a significant risk for companies and Increasingly these risks include the possibility of litigation following a data breach — including the risk of litigation brought by shareholders or by regulators. These data breach litigation risks in turn may present potentially complex insurance coverage issues, which underscores the need for companies to consult with knowledgeable insurance advisors in connection with these developing litigation exposures.

 

 

Antitrust Enforcement and Corporate Risk Exposure

Posted in Director and Officer Liability

wikiglobeAs a result of heightened regulatory scrutiny and changing enforcement priorities around the world, “cartel enforcement is a hot topic in boardroom,” according to a March 29, 2014 Economist magazine article entitled “Just One More Fix” (here). According to the article, antitrust enforcement authorities are getting “better at detecting cartels and bolder in punishing them.” This developing global regulatory trend has important implications for companies, their boards, and for their D&O insurers.

 

According to the article, “fines and penalties” for conduct violating antitrust laws “have shot up in recent years greatly raising the costs of collusion.” In recent years, enforcement authorities have busted international conspiracies “in fields as diverse as seat belts, seafood, air freight, computer monitors, lifts and even candle wax.” 

 

Although in this as in many other regulatory arenas U.S. regulators have lead the way, the article mentions significant current or recent enforcement actions in countries as diverse as Brazil, Japan, German, Ireland, India, and Britain, as well as actions by the European Commission. In these and many other jurisdictions, “policing and penalties have grown harsher.” For example, in the U.S. the maximum corporate fine has increased tenfold, while the European Commission can fine companies up to 10% of turnover..

 

Perhaps most significantly, the various countries’ competition authorities are sharing information and acting in tandem. As a result, “in the biggest cases, offenders can be hit with suits in a dozen countries.” More difficultly for the defendant companies, “jurisdictions often co-ordinate their actions but they do not have to take account of each other’s fines, and do not always agree.”

 

In addition to the actions of regulatory authorities, “price-fixers have to worry about the growth of civil litigation, which almost always follows action by competition authorities.” According to the article, “private suits in America generated awards and settlements of $33 billion – four times the level of official fines – between 1990 and 2008.” Although class action lawsuits are most frequently filed in American courts, the article notes that “class actions are less common but [are] on the rise in Europe, with Britain, German and the Netherlands leading the way.”

 

One reason for the increased regulatory attention to cartel busting is that price-fixing companies have huge incentives to self-report. Over 50 countries have now adopted regulatory programs providing that a company that self-reports will receive substantial leniency credits in connection with sentencing and fines, while at the same time, a company that hangs back and is not forthcoming may face more punitive fines and penalties.

 

Perhaps the most interesting point in the article I that notwithstanding all of this regulatory and enforcement activity, cartels continue to form, basically because, as an academic study cited in the article put it, “crime pays.” The study showed that cartels typically can raise prices 20%, which at the same time the chances of getting caught remain relatively low.

 

In other words, we have a set of business behaviors for which there are strong economic incentives, meaning that companies will continue to be drawn toward this type of conduct notwithstanding the increasing regulatory focus. As a result, there would seem to be a strong likelihood that we will continue to see significant regulatory attention to this area.

 

Accordingly, while there may be economic incentives that continue to draw companies toward anticompetitive behavior, this area represents a significant liability exposure for companies and their boards. The exposure consists not only of potential civil liability to regulators or even to consumers or other civil claimants; in many jurisdictions, the tools available to competition enforcement authorities include the ability to bring criminal actions as well. As the article notes, “America leads in putting price-fixers behind bars,” adding that the average jail term has rise, from eight months in the 1990s to more than two years now. Criminal penalties can be imposed in Ireland and Britain as well.

 

For all of these reasons, it is hardly surprising that cartel enforcement is, as the article says, a hot topic for corporate boards. It may also be of increasing concern to their D&O insurers as well, although antitrust and competition claims may represent something of an awkward fit for many D&O insurance policies.

 

In many antitrust enforcement actions and in many civil antitrust lawsuits, the main target or one of the main targets is going to be the company itself. However, public company D&O policies typically provide insurance coverage for securities claims only. Because an antitrust enforcement action or follow on civil action typically will not include an alleged violation of the securities laws, the typical public company D&O insurance policy will not provide coverage for the antitrust enforcement actions or even the follow on civil actions (except as noted below).

 

The coverage for the corporate entity afforded in private company D&O insurance policies is broader; it typically is not limited to securities claims only. However, many private company policies include an antitrust exclusion in their base policy forms. (As discussed here, the preclusive effect of the typical private company D&O insurance policy antitrust exclusion is usually much broader than just antitrust claims but also includes many other kinds of unfair and deceptive trade practices claims as well.). Some – but not all – carriers will agree to remove this exclusion upon request, while others will provide defense cost only protection for antitrust claims, or otherwise restrict the coverage available for antitrust claims through sublimits or coinsurance provisions. In other words, even under private company D&O insurance policies, the extent of coverage available for antitrust claims against the corporate entity often may be limited at best, and in other cases nonexistent.

 

It is a different story with respect to antitrust claims against individuals. Subject only to the preclusive effect of any antitrust exclusions and any other potentially applicable exclusions, the typical D&O insurance policy would provide coverage for individual defendants in antitrust enforcement actions or follow on civil actions.

 

As noted above, the article states that consumer civil actions often follow in the wake of the regulatory enforcement action. In addition, there is another type of civil action that may also follow after the regulatory action. Shareholder suits may also follow after the regulatory action.

 

For example, as discussed here, in April 2013, shareholders initiated a securities class action lawsuit in the U.S. against Sweden-base auto parts firm Autoliv and certain of its directors and officers, relating to the company’s announcements in early 2011 that the DoJ and the European Commission were investigating units of the company for anti-competitive practices and antitrust violations. The investigation resulted in the company’s June 2012 agreement to plead guilty to price-fixing for certain auto parts.

 

Similarly, as discussed here, Russia-based Mechel OAO and certain of its directors and officers were hit with a securities class action lawsuit in the U.S. after Russian authorities found guilty of breaking competition laws; discriminating against Russian consumers; and maintaining a monopoly in the coal market.

 

Other examples of cases where securities class action lawsuit followed in the wake of antitrust enforcement activity include the  securities suit filed against Reddy Ice Holding and certain of its directors and officers (about which refer here), as well as the securities suit filed against Horizon Lines and certain of its directors and officers (refer here). More recently, the Libor-scandal related securities suit filed in the U.S. against Barclays and certain of its former executives followed after the company had reached a regulatory settlement with regulators in the U.S and the U.S. of an enforcement action that included alleged violations of the antitrust laws.

 

While the typical antitrust enforcement action would not trigger the entity coverage under a public company D&O policy because it does not involve an alleged violation of the securities laws, these securities lawsuits following on in the wake of antitrust enforcement actions which do involve alleged violations of the securities laws typically would trigger the entity coverage in the public company D&O policy.

 

In other words, because of the type and scale of litigation activity that can follow in the wake of antitrust enforcement activity, the current regulatory enthusiasm for cartel busting not only represents an important liability exposure for companies and their boards, this trend may also represent a significant exposure for their D&O insurers as well, even if only in the form of the follow on securities litigation.

 

More generally, these antitrust enforcement trends and related civil litigation represent just one specific example of a larger phenomenon that I have noted frequently in recent months, which is increasing levels of regulatory enforcement action in general as well as of the rise in related civil litigation following in the wake of the enforcement actions ( about which refer here).

First Circuit: D&O Insurer Must Advance Failed Bank Directors and Officers’ Defense Expenses

Posted in D & O Insurance

prIn an interesting March 31, 2014 opinion (here), the Unites States Court of Appeals for the First Circuit, applying Puerto Rico law, affirmed a district court’s ruling that the D&O insurer for the failed Westernbank of Mayaguez, Puerto Rico must advance the bank’s former directors’ and officers’ expenses incurred in defending the FDIC’s suit against them in its capacity as the failed bank’s receiver. Though the case ultimately involves an interpretation of Puerto Rican statutory principles dictating when an insurer must advance defense expenses, it also includes an interesting angle on the recurring issue of whether or not an action against a failed bank’s directors and officer by the FDIC in its capacity as receiver for the bank is precluded from coverage under the “Insured vs. Insured” exclusion found in most D&O insurance policies.

 

Background

 

Regulators closed Westernbank on April 30, 2010, which according to the FDIC cost the insurance fund $4.25 billion. In October 2011, certain of the former Westernbank directors and officers sued the bank’s primary D&O insurer in state court in Puerto Rico, seeking a judicial declaration that the insurer must defend that against claims the FDIC had asserted against them  (about which refer here). The FDIC as receiver for Westernbank moved to intervene in the state court action, and on December 30, 2011, removed the state court action to the District of Puerto Rico. On January 20, 2012, the FDIC filed its amended complaint in intervention, in which it named as defendants certain additional directors and officers, and, in reliance on Puerto Rico’s direct action statute, the various D&O insurers in the bank’s D&O insurance program. A copy of the FDIC’s amended complaint can be found here.

 

In its complaint, the FDIC, as Westernbank’s receiver, seeks recovery of over $176 million in damages from the former bank’s directors and officers as well as their conjugal partners, based on twenty-one alleged grossly negligent commercial real estate, construction and asset-based loans approved and administered from January 28, 2004 through November 19, 2009. In its complaint in intervention in the directors and officers coverage action against the bank’s D&O insurers, the FDIC seeks a judicial declaration that its claims against the directors and officers are covered under the policies. All of the defendants moved to dismiss the respective claims against them.

 

As discussed here, on October 12, 2012, Judge Gustavo Gelpi, denied all of the motions to dismiss. A copy of the court’s October 23, 2012 decision can be found here. Among other things, Judge Gelpi ruled that the insured vs. insured exclusion did not preclude coverage for the FDIC’s liability action against the former directors and officers, in part because at least in this case the FDIC not only sought to enforce the rights of the failed bank to which it succeeded as the failed bank’s receiver, but also because the FDIC also sought to enforce the rights of “depositors, account holders, and a depleted insurance fund.”

 

In addition, and of the greatest significance for purposes of the appeal,  Judge Gelpi ruled that the D&O insurer must advance the individuals defendants defense expenses, noting that Puerto Rican statutory law requires liability insurers to advance defense expenses “if there is even a remote possibility that a claim ultimately will be covered.” He also noted that his advancement ruling “is without prejudice” to the insurer’s “eventually being entitled to repayment.”

 

The insurer sought to appeal the advancement ruling to the First Circuit.

 

The March 31 Opinion

 

In a March 31, 2014 opinion written by Judge Ojetta Rogeriee Thompson, a unanimous three-judge panel of the First Circuit affirmed the lower court’s ruling that the D&O insurer must advance the individual directors’ and officers’ defense expenses.  The appellate court emphasized that the Puerto Rican statute requiring advancement if there is even a “remote possibility” of coverage, and that any doubts about an insurer’s advancement obligation “must be resolved in the insured’s favor.”

 

The insurer had sought to argue that there was not even a remote possibility of coverage, because the FDIC’s action against the individuals depended on the rights to which it succeeded as receiver for the failed bank. Because the FDIC as receiver stepped into the shoes of the failed bank, the insurer argued,  its action is just as precluded under the insured vs. insured exclusion as the action would have been had it been brought by the bank itself. In arguing that there was at least a remote possibility of coverage, the individuals and the FDIC cited to various cases that have held that the insured vs. insured exclusion does not preclude coverage for a D&O lawsuit brought in its capacity as receiver for a failed bank.

 

The appellate court noted specifically that, while the insurer argued that the FDIC was proceeding only its capacity as receiver, the FDIC for its part alleged more than that it had succeeded to the rights of the failed bank. It also alleges under FIRREA that it has succeeded to the rights of Westernbank’s depositors and account holders, and also that it was suing to recover “money the insurance fund had shelled out” after the bank failed. The Court said that “we think that these allegations make it likely possible – even if only remotely so – that the FDIC is suing on these non-insureds’ behalf. “

 

Noting that the parties’ arguments make this “a classic battle of dueling caselaw” with “no controlling authority” and with an obligation to resolve any doubts in the insured’s favor, the D&O insurer’s “suggestion that there is zero likelihood of a remote possibility of coverage falls flat.” The court ruled that the district court’s advancement ruling should stand, while emphasizing that “having lost the likelihood-of-success skirmish,” the D&O insurer “may still ‘win’ the coverage war at a succeeding trial on the merits.”

 

Discussion

 

It bears emphasizing that the First Circuit’s ruling does not represent an appellate affirmation of the district court’s coverage ruling on the insured vs. insured exclusion, but rather represents only an appellate ruling on the question of whether or not the lower court correctly applied the Puerto Rican statute requiring liability insurer’s to advance defense costs when coverage is disputed.

 

Nevertheless, the appellate court’s determination of the advancement issue does provide some interesting perspective on the ultimate merits of the disputed coverage issue. First, the appellate court did note (in footnote 2) that the D&O insurance policy at issue, by contrast to other policies that the same insurer has issued, does not contain a so-called “regulatory exclusion” expressly excluding coverage for claims brought by regulatory authorities.

 

Second, the appellate court considered it relevant and significant that in asserting its claims, the FDIC expressly sought to assert rights beyond those to which it succeeded as receiver of the failed bank, asserting in addition its rights under FIRREA to assert the claims of depositors and account holders, as well as on behalf of the deposit insurance fund.  These are the claims with respect to which the district court had concluded that the FDIC was also proceeding in a non-insured capacity and therefore that its claims were not precluded from coverage by the insured vs. insured exclusion.

 

Because the appellate court’s ruling involved the merits only of the advancement issue and did not involve an appellate consideration of the merits of the coverage dispute under the insured vs. insured exclusion, it will have no preclusive effect even in the First Circuit of the continuing dispute as to whether or not the FDIC’s assertion of claims in its capacity as receiver of a failed bank against the bank’s former directors and officers are precluded under the insured vs. insured exclusion.

 

Accordingly, this ongoing coverage dispute, which has also arisen in numerous other coverage actions associate with failed bank D&O lawsuits, will continue. The carriers, for their part, will try to rely on the rulings, such as the Northern District of Georgia Judge Richard W. Story’s August 2013 opinion (discussed here) that the insured vs. insured exclusion does preclude coverage for an FDIC lawsuit against a failed bank’s directors and officers, while the directors and officers will try to rely on rulings such as Northern District of Georgia Judge Robert Vining’s January 2013 ruling, discussed here, that the insured vs. insured exclusion doesn’t preclude coverage.  

 

I do note the following with respect to the question of the relevance to the coverage determination of the question as to whether or not the FDIC is proceeding against the directors and officers in a capacity other than as the receiver for the failed bank. The insurers will likely contend that even if the FDIC is acting on behalf of other constituencies in bringing the suit, it is first and foremost bringing the suit in its capacity as receiver for the failed bank, as that is the basis upon which it has any right to bring the claims in the first place. The insurers will further argue that the sole basis on which the FDIC has any right to assert the claims is because, by operation of the receivership, it is acting “in the right of” the failed bank, and therefore the preclusive language of the exclusion applies, notwithstanding the fact that the FDIC may have other purposes and motivations in bringing the action. The policy’s exclusion does not require, in order for the exclusion to apply, that the action be brought “solely” or “only” “in the right of” the Organization. The insurers will argue that because the action was brought “in the right of” the Organization, the exclusion applies notwithstanding the fact that in bringing the claim the FDIC was also action on behalf of other constituencies.

 

One final aspect of the First Circuit’s opinion here is worthy of comment. In her opinion for the court, Judge Thompson adopted a rather light-hearted tone, using phrases such as saying that the directors and officers “find themselves in the cross-hairs” or in its intervention the FDIC was “jumping in with gusto” or that “without missing a beat” the directors and officers sought coverage under the D&O policy. There is much more of the same in the opinion. Some may find this approach to judicial writing amusing; I do not. I am not sure what Judge Thompson sought to achieve by this approach, but personally I find this jaunty tone to be grating. I don’t think she intended to communicate that the parties’ dispute was unimportant, but I know for sure I were a party to this dispute I would have found her “isn’t this all so very amusing” tone to be extremely annoying.

 

Very special thanks to Evan Shapiro of the Boundas Skarzynski Walsh & Black law firm for sending me a copy of the First Circuit’s opinion.

 

Joe Monteleone’s take on the First Circuit’s opinion in an April 3, 2014 post on his D&O E&O Monitor blog can be found here.