Every year after Labor Day, I take a step back and review the most important current trends and developments in the world of Directors’ and Officers’ liability and D&O insurance. This year’s review is set out below. Once again, there are a multitude of things worth watching in the world of D&O.
Will the Heightened Pace of Securities Class Action Lawsuit Filings Continue?
The recent heightened pace of securities class action lawsuit filings remains a significant concern. 2017 was a record-setting year for securities class action lawsuit filings, when there were a total of 412 federal court securities suit filings during the year. The torrid pace of securities suit filings continued in 2018, with a total of 403 federal court securities suit filings.
The amplified pace of securities class action litigation filing activity continued into the first half of 2019, when there were 199 federal court securities class action lawsuit filings. The 199 securities suit filings during the year’s first half projects to a year-end total of 398 securities suits, which, while slightly below the 2017 and 2018 year-end totals, would significantly exceed the 1997-2017 annual average number of securities class action lawsuits of 203.
As has been the case for the past several years, the total number of securities suit filings in the year’s first sixth months was significantly increased by the number of federal court class action merger objection lawsuit filings, in which violations of the federal securities laws were alleged. Of the 199 federal court securities class action lawsuits filed in the first six months of 2019, 73 (about 37%) were merger objection lawsuits.
Though a significant number of the first half filings are attributable to merger objection lawsuits, the number of traditional securities class action lawsuit filings during the year’s first half was also well above historical levels. 126 of the 199 securities suits in the year’s first half were traditional lawsuits. The 126 traditional securities class action lawsuits filed in the first half of 2019 implies a year-end total of 252 traditional lawsuits, which is by historical standards an extraordinary number of securities lawsuit filings. 252 traditional lawsuits would be higher than the annual total number of securities suit filings in any year during the period 2003 and 2015. In other words, even if the merger objection lawsuits are disregarded, there are still an extraordinary number of federal court securities class action lawsuits being filed.
While it is interesting to look at the absolute number of securities lawsuits filed, the more interesting way to assess securities litigation activity is to consider the rate of litigation – that is, the number of securities lawsuits filed relative to the number of publicly traded companies. The litigation rate has increased significantly in recent years as the number of lawsuit filings has increased while the number of publicly traded companies has decreased (due to mergers, bankruptcies, etc.). According to Cornerstone Research’s mid-year 2019 review of securities class action filing activity, the annualized litigation rate during the first six months of 2019 was 8.4%, which would match the historically high litigation rates seen in 2017 and 2018.
Even if the merger objection lawsuits are disregarded, the projected 2019 litigation rate is well above historical norms. The full-year projected 2019 total of traditional lawsuits (calculated after backing out the actual and projected lawsuits against non-listed defendants) of 232 implies a litigation rate of traditional securities lawsuit filings of 5.2%, which is about 80% above the 1996-2017 litigation rate for traditional securities suits of 2.9%.
In other words, the chance of a U.S.-listed company getting hit with a securities lawsuit is as high as it has ever been.
All of the foregoing discussion relates only to securities class action lawsuits filed in federal court. State court securities class action lawsuit filings must also be taken into account. In March 2018, the U.S. Supreme Court held in the Cyan case that state courts retain concurrent jurisdiction for liability actions filed under The Securities Act of 1933. As a result, since Cyan, plaintiffs’ lawyers have been filing a number of securities class action lawsuits in state court, as discussed further below. These state court suits sometimes also have parallel federal court lawsuits, but sometimes the defendant companies are sued in state court only. When the standalone state court securities lawsuits are taken into account, the overall current pace of securities litigation activity and the rate of litigation are even greater than when federal court lawsuits alone are considered.
Now that we are in our third year of heightened levels of securities litigation filing activity, it is apparent that the increased pace of securities suit filings represents the new normal. The increased risk of a securities class action lawsuit is a problem both for all U.S.-listed companies and for their insurers, and the increased securities litigation activity during the last three years is one of the significant factors contributing to the current increases in pricing for D&O insurance.
What Next for Federal Court Merger Objection Lawsuits?
As noted above, merger objection lawsuits have been a significant factor in the increased number of securities class action lawsuit filings in recent years. But while the merger objection lawsuit filings unquestionably were a significant factor in the overall number of federal court securities suit filings in the first half of 2019, both the number of merger objection lawsuit filings and the percentage of all federal court securities suit filings that the merger objection lawsuits represent have been declining.
In 2017, 198 of the 412 federal court securities suit filings were merger objection lawsuits, representing 48% of all securities suit filings during the year. In 2018, of the 403 total federal court securities suit filings, 182, or 45%, were merger objection suits. Of the 398 projected year-end 2019 securities suit filings, the projected number of year-end merger objection suit filings is 154, representing about 38% of the projected total. In other words, both the number of merger objection suit filings has decreased and the percentage of the total number of securities suit filings that the merger objection lawsuits represent has decreased.
To be sure, the plaintiffs’ lawyers are continuing to file federal court merger objection lawsuits in significant numbers. But the measurable decrease in the number of merger suit filings is also significant. Many factors may be contributing to this decrease; one possible factor is the hostility that some federal court judges have shown to these kinds of lawsuits. For example, Seventh Circuit Judge Richard Posner famously described these kinds of lawsuits, which frequently end in disclosure-only settlements in which the plaintiff recovers no cash for the class but agrees to dismiss the suit in exchange for an agreement to add additional proxy statement disclosures and to pay the plaintiffs’ attorney’s fees, as “no better than a racket.”
More recently, the merger objection lawsuit game has changed. As the disclosure-only settlement approach has faced some judicial disfavor, the plaintiffs’ lawyers are trying a different tack. The plaintiffs’ lawyers are still filing merger objection lawsuits in connection with a majority of merger transactions, but instead of aiming for disclosure-only settlements, the plaintiffs’ lawyers increasingly agree to dismiss their suit in exchange for the defendant’s agreement to add additional disclosures and to pay the plaintiff’s counsel a so-called mootness fee. As discussed in a recent academic paper, prior to 2016, very few cases involved the payment of a mootness fee; in 2018, not only were 100% of all merger objection cases involving completed deals dismissed, but 63% involved the payment to the plaintiffs’ counsel of a mootness fee.
While the mootness fee approach has to this point been successful for the plaintiffs’ lawyers, courts have begun to scrutinize the mootness fee dismissal process. As discussed here, in June 2019, Northern District of Illinois Judge Thomas M. Durkin, exercising his “inherent authority” and acting at the urging of an objecting shareholder, has “abrogated” the settlement of the litigation arising out of the acquisition of Akorn , Inc. by Frensenius Kabi AG, and ordered the plaintiffs’ lawyers to return to Akorn their $322,000 mootness fee, ruling that the additional disclosures to which the company agreed were “worthless to shareholders” and that the underlying lawsuits should have been “dismissed out of hand.” Judge Durkin added that the “racket” that Judge Posner had previously described “must end.”
What Judge Durkin said of the process and disclosures in the Akorn case could be said for most if not all of the other merger objection lawsuits. The whole game is indeed a shameful racket that is all the more regrettable because the plaintiffs’ lawyers are using the threat of judicial process to extract a “go away” payment so that the underlying transaction can be completed. But if the same that was said of this case could be said of so many of the other merger objection lawsuits, will other courts follow Judge Durkin’s lead and consider whether settlements that result in the payment of mootness fees should be set aside?
If one judge can be persuaded to take scrutinize the mootness fee game, maybe others can be persuaded to do so as well. It could take some time, but if enough mootness fee settlements are reviewed, maybe this abusive litigation racket can be ended. Every who cares about our judicial system certainly hopes so.
What Next for State Court Securities Litigation?
As noted above, in March 2018, the U.S. Supreme Court in the Cyan case confirmed that state courts retain concurrent jurisdiction for liability actions under the Securities Act of 1933 and that ’33 Act suits filed in state court cannot be removed to federal court. Since the Supreme Court handed down the Cyan decision, the number of state court securities suits filings has increased.
In the first six months of 2019, there were 19 state court securities class action lawsuit filings, of which 7 had a parallel federal court filings, and 12 of which were standalone. The 19 first-half state court filings projects to a year-end state court securities suit total of 38, with 24 year-end projected standalone state court suits. The projected 38 state court securities suit filing total would be the highest ever annual number of state court securities suit filings.
If the standalone state court suits are taken into account, the overall projected number of 2019 year-end filings (including both state and federal court filings) increases to 436, which would be the highest number ever, above the equivalent year-end total for 2018 of 423.
The state court securities class action lawsuits that do have parallel federal counterparts are not without their own significance. The presence of these state court suits means that the defendant companies involved will face the increased cost and complexity involved with having to fight a multi-front war.
Among the issues that the state courts have had to face in dealing with this kind of litigation is whether or not the federal court securities litigation discovery stay applies to securities suits filed in state court. It is emblematic of the mess that can result from this type of state court securities litigation that, to this point, two different courts in the New York court system have reached exact opposite conclusions about whether or not the discovery stay applies while a motion to dismiss is pending – as discussed here, while one New York state court judge recently concluded that the discovery stay does apply, another judge in the same courthouse concluded that it does not.
The fact that companies have to deal with this kind of confusion and needless duplication is a very strong reason why the current effort to reform the securities laws – and in particular to undo the impact of the Cyan decision –is something that everyone in the D&O insurance industry should support, as discussed further in the next section.
In the meantime, defendants must continue to battle these kinds of securities suits. One concern about these kinds of securities lawsuits is that state court judges will be less likely to grant defendants’ motions to dismiss. There is academic research that supports the conclusion that state court suits are dismissed significantly less frequently than their federal court counterparts. Indeed, the academic paper suggests that one of the reasons that plaintiffs’ lawyers may be drawn to file their suits in state court is the anticipation of a lower likelihood of dismissal.
However, there have been some recent state court decisions that might provide hope that cases that would be dismissed in federal court might not survive in state court. For example, as discussed here, a New York state court judge recently granted the defendant’s motion to dismiss in a state court securities suit, and as discussed here, a Texas state court judge granted the dismissal motion in another state court case.
We can hope that the New York and Texas courts’ rulings may help send a message that the plaintiffs’ lawyers may need to reconsider whatever perceived advantages they may think they have in proceeding in state court rather than federal court. Ultimately, we can hope that Congress will fix the problem that Cyan created; it makes no sense to have a system that permits parallel or duplicative litigation and that has a multitude of state courts enforcing and applying the federal securities laws. However, unless or until Congress gets around to amending the ’33 Act’s jurisdictional provision, plaintiffs’ lawyers will have the option of filing their suits in state court. One can only hope that decisions like those in New York and Texas will help persuade the plaintiffs’ lawyers to stick with the federal court forum.
Will the Calls for Another Round of Securities Litigation Reform Succeed?
As noted above, securities class action litigation filing activity has been at near-record levels for now several years. Among other factors driving this litigation activity are regrettable developments such as the rise of federal court merger objection lawsuits and of state court securities class action lawsuits. In light of these recent events, it is little surprise that there have been calls for another round of securities class action litigation reform.
The U.S. Chamber of Commerce has been among the organizations leading the call for securities class action litigation reform. As discussed here, in February 2019 the Chamber hosted an event in Washington, D.C. in which it sounded the call for reform. The Chamber has also published a number of papers on the topic of securities litigation reform.
More recently, Chubb, a leading global insurer, has added its voice to the calls for reform. As discussed here, in an interesting June 11, 2019 paper entitled “From Nuisance to Menace: The Rising Tide of Securities Class Action Litigation” (here), the company describes the extent of the current securities litigation mess and sets out a number of proposals for securities litigation reform.
The report opens with a useful — if also distressing — summary of the current U.S. securities class action litigation filing trends. These litigation filing trends imply significant costs, although the extent of the costs is not always fully appreciated. Because of Chubb’s significant involvement in the management liability insurance arena, the company has relevant data with which to assess the costs associated with securities litigation. A particularly interesting aspect of the Chubb report is that it details the full panoply of costs – including in particular the defense expenses, a factor that is not always taken into account when discussing securities litigation costs, because the defense cost information typically is not publicly available.
According the report, over the last five years, the total cost of securities litigation, including settlements and attorneys’ fees, is $23 billion. Of that astonishing total, half of the amount has gone to the attorneys (plaintiff and defense).
In the face of these alarming trends, the report advocates a number of reforms. First and foremost, the report advocates Congressional enactment of legislation overturning Cyan. Companies, the study notes, “should not have to incur the risk and costs of defending themselves in two or more different courts simultaneously.” Congress, the report suggests, should adopt legislation designating federal courts as the exclusive forum for litigation securities class action lawsuits under the federal securities laws.
The study also details a number of other reform proposals. Among other things, the report adopts prior calls by academics and the U.S. Chamber of Commerce to increase the amount of judicial scrutiny of over plaintiffs’ attorneys’ fees, to ensure that fees paid to lawyers are reasonable and proportional. The study also adopts some of the reform proposals from the U.S. Chamber’s prior report on securities litigation reform, including requiring greater plaintiff involvement in the securities litigation; requiring plaintiffs’ counsel to disclose any relationship (including in particular any referral fees paid or to be paid); and allowing fast-track interlocutory appeals of motions to dismiss denials.
It remains to be seen whether securities litigation reform is a realistic objective in the current divided Congress. Given the political division in Washington, the best approach may be to focus on specific achievable objective, such as revision the ’33 Act’s jurisdictional provision to eliminate concurrent state court jurisdiction for ’33 Act liability lawsuits. The more ambitious and more arcane reform proposals may have to await another day.
What Next for Cybersecurity-Related D&O Lawsuits?
One of the most watched and commented on corporate and securities litigation trends over the last several years has been the rise of management liability related lawsuits arising from cybersecurity-related incidents. While there has never been the volume of cases that some commentators expected, there have been a number of cases filed. One of the most recent of these cases, a securities class action lawsuit filed in June 2019 against FedEx, shows how these kinds of cases have evolved and what we might expect from this type of litigation in the future.
As discussed here, plaintiffs’ lawyers filed a securities lawsuit against FedEx and certain of its directors alleging that the company did not fully disclose the extent of the disruption at its European operation after it was hit with the NotPetya malware virus in June 2017. The malware attack took place at the former operations of TNT Express, which FedEx had acquired in June 2016. TNT operations were, according to the complaint, “crippled” by the NotPetya cyberattack, which some consider one of the largest cyberattacks in history and that affected many companies on a global scale. The NotPetya cyberattack spread a malware virus throughout TNT’s systems during a critical period of TNT’s integration into FedEx’s operations.
The complaint alleges that in the first post-attack disclosure and in subsequent disclosures during the class period, FedEx provided reassurances that TNT’s systems were fully restored , that it customers “stuck with us,” and that its revenue and earnings targets for the TNT acquisition remained on track.
The complaint alleges that notwithstanding the company’s reassurances, the defendants made false and misleading statements and/or failed to disclose that: “(1) TNT’s overall package volume growth was slowing as TNT’s large customers permanently took their business to competitors after the Cyberattack; (2) as a result of the customer attrition, TNT was experiencing an increased shift in product mix from higher-margin parcel services to lower-margin freight services; (3) the anticipated costs and timeframe to integrate and restore the TNT network were significantly larger and longer than disclosed; (4) FedEx was not on track to achieve TNT synergy targets; and (5) as a result of these undisclosed negative trends and cost issues, FedEx’s positive statements about TNT’s recovery from the Cyberattack, integration into FedEx’s legacy operations, customer mix, customer service levels, profitability, and prospects lacked a reasonable basis.”
The FedEx cybersecurity-related lawsuit shares a number of features with the circumstances involved in other cybersecurity-related securities suits. For example, the FedEx complaint and many of the prior complaints involve a cybersecurity incident that took place at a newly acquired business or operation. The securities class action lawsuit filed last year against Marriott related to a data breach that occurred at the company’s recently acquired Starwood division. In addition, as discussed here, the securities class action lawsuit that was filed in 2017 against PayPal involved data security issues that arose at the company’s recently acquired bill-pay management company.
In addition, among the important allegations in the FedEx complaint is that the company delayed fully informing investors of the extent that the malware attack caused its TNT operation. A delay in making disclosure was also an important element of the data breach-related securities class action lawsuit that was filed against Yahoo, a securities suit that ultimately settled for $80 million. (A related shareholder derivative suit was later settled for $29 million.) Although it should be noted that in the FedEx lawsuit the allegation is not that the report of the incident itself was not disclosed in a timely way; rather, the allegation in the FedEx lawsuit is that the disruption the malware attach caused was not fully disclosed in a timely way.
While the FedEx complaint has certain features in common with some of the previous cybersecurity-related securities suit, there are also some important differences. For example, the FedEx complaint does not involve data breach allegations. There is no suggestion that the cyber incident at the company’s TNT division resulted in the disclosure of sensitive or private information. Instead, the FedEx complaint relates to financial and operational harm that the malware attack caused.
The fact that the FedEx complaint arises out of a coordinated, global malware attack raises some interesting issues. FedEx is the first publicly traded company to get hit with a D&O lawsuit arising out of the NotPetya attack, but it was far from the only company affected. Dozens of companies globally had their operations disrupted by the attack. Even though FedEx is the only one that has been sued (so far), it is not hard to imagine a similar set of circumstances that could in fact result in multiple lawsuits, even dozens of lawsuits. The fact is that cybersecurity-related incidents could represent an aggregation of losses risk for the D&O insurance industry.
In any event, the recently filed FedEx complaint does reconfirm that the possibility for companies to get hit with D&O lawsuits following a cybersecurity incident. This possibility exists not just for companies experiencing data breaches, but also for companies involved in privacy violations or that get hit by a malware attack. Even if we have not seen as many of these kinds of lawsuits as might have been expected, they seem likely to continue to be an important part of the corporate and securities litigation environment. Moreover, it is clear that the specific allegations raised in these kinds of lawsuits will continue to evolve as cybersecurity threats change, as well.
Will Privacy Continue to Emerge as a Critical Corporate Risk Exposure?
For some time now, I have been clamoring that privacy-related issues represent a significant area of emerging corporate risk. Among other factors supporting this assertion is the May 2018 implementation of the EU’s General Data Protection Regulation (GDPR). Indeed, there have already been GDPR-related securities class action lawsuits filed against Facebook (as noted here), and against Nielsen Holdings (discussed here).
The possibility that privacy represents a significant and growing area of corporate risk was substantially increased by a series of developments in July. First, as discussed here, in early July, the U.K.’s Information Commissioner’s Office (ICO) announced massive proposed GDPR fines against British Airways and Marriott International. The British Airways fine amounted to £183.39 million ($230 million) and the Marriott International fine amounted to £99.2 ($124 million). The British Airways cyber incident involved the diversion of user traffic from the company’s website to a fraudulent site. The ICO concluded that the personal data of approximately 500,000 customers was compromised. The proposed Marriott fine related to the high-profile breach involving the company’s Starwood Customer loyalty program website. (The Starwood breach also has been the subject of regulatory investigations and securities litigation in the U.S., as well).
The GDPR-related fines were dwarfed by the fines announced a few days later involving Facebook. As discussed here, on July 24, 2019, the Federal Trade Commission (FTC) announced that Facebook will pay a record-breaking $5 billion penalty and submit to new restrictions and a modified corporate structure. In a related development, the Securities and Exchange Commission (SEC) also announced that Facebook had agreed to a $100 million settlement to resolve the agency’s allegations that the company misled investors regarding the risk of misuse of Facebook user data. Both agency actions followed the March 2018 revelations that data analytics firm Cambridge Analytica had obtained access to user data of millions of Facebook users.
These massive fines, and in particular Facebook’s massive FTC settlement, dramatically underscore how significant privacy-related issues now are as a potential source of corporate risk. The sheer size of the fines in and of themselves highlights the significance of the risk.
There are several other aspects of these regulatory actions that emphasize the growing significance of privacy as a source of potential corporate liability exposure. First, Facebook’s settlement with the SEC, while far smaller than the FTC fine, shows both that privacy-related disclosures can be a source of liability under the federal securities laws and that the SEC is scrutinizing privacy-related disclosures. The SEC’s enforcement action against Facebook represents yet another example of the ways in which privacy-related issues potentially can lead to D&O lawsuits.
Second, there were several other important features of Facebook’s settlement with the FTC. Among other things, the settlement requires the company to set up a separate board committee to focus on and supervise privacy issues. This mechanism was put in place as a remedial measure for a company that the FTC contends violated a prior regulatory settlement agreement. However, the step also provides a significant message about the role of the corporate board in supervising privacy issues. The implication is that it is the board’s responsibility to ensure that privacy issues are managed and controlled appropriately.
Third, there is an aspect of the recent proposed GDPR fines that should not be overlooked. That is, the U.K. ICO proposed a fine against Marriott International even though the company is not based in the EU. To be sure, the record shows that the Starwood customer database breach resulted in the exposure of the records of millions of customers living in Europe. Just the same, the fact that a massive fine has been proposed against Marriott highlights the extent to which non-E.U. companies, including even companies based in the U.S., are potentially subject to the GDPR’s massive fines. GDPR is intended to protect the “personal data” of EU residents, which means that a company in possession of this kind of information (which GDPR defines extraordinarily broadly) potentially is subject to GDPR regulatory action, even if it has no offices or employees within the EU.
Finally, as is implicit in these developments, it is clear that regulators are primed to take an active approach to privacy-related enforcement.
The bottom line is that is that going forward privacy may represent one of the most significant areas of potential corporate risk exposure. This risk includes not only the possibility of the massive regulatory fines that the GDPR permits, but it also includes the possibility of follow-on D&O claims, when shareholders claim that company management failed to take appropriate steps to prevent the regulatory fines or that management failed to fully inform investors of the regulatory risks that the company faces.
How Serious is the Threat of Direct Personal Liability to Corporate Executives?
One of most distinctive features of corporate executive liability is that it is personal to the individuals – that is, corporate officials can be held personally liable for wrongful actions or omissions they undertake in their corporate capacity. Theoretically, the individuals are putting their personal assets at risk as a result of their corporate service. This potential liability is substantially ameliorated by the protections provided by indemnity and insurance. In the vast majority of instances, because of the protection of indemnity and insurance, corporate executives do not have to resort to their personal assets to resolve claims against them. Every now and then, however, a situation will come along that underscores that corporate executives can be held personally liable and that indemnification and insurance may not be enough to protect them.
The most recent example highlighting corporate executives’ personal liability exposure relates to the adversarial litigation filed in the Chicago Tribune bankruptcy proceeding. The adversarial action related to the 2007 LBO transaction in which billionaire Sam Zell and other Tribune executives took the Tribune company private. The transaction was highly leveraged. It was also poorly timed, as the global financial crisis emerged soon after the transaction closed. Within a year of the LBO, the company filed for bankruptcy.
In 2010, the bankruptcy trustee initiated an adversarial proceeding against former Tribune CEO Dennis FitzSimmons, Zell, and, eventually, a total of approximately 50 other former Tribune executives. The trustee’s complaint sought damages from the defendants for a variety of alleged legal violations, including for alleged breaches of fiduciary duty; alleged unjust enrichment claims, to recover payments made to certain of the defendants in connection with the LBO as well as incentive compensation payments allegedly made to certain of the executives; alleged illegal dividends; as well as liability for certain other alleged preferences and fraudulent conveyances.
As discussed here, in early 2019, after years of litigation, and mediation, the parties ultimately were able to settle the adversarial proceeding. According to the bankruptcy trustee’s May 2019 motion for settlement approval, the company’s D&O insurers and the individual defendants agreed to settle the adversarial claims for a total of $200 million. According to the motion, “the total Settlement Payment is significantly in excess of the available insurance.” According to the settlement agreement, “The Settling Defendants will be responsible for allocating individual responsibility for the Settlement Payment between and among the D&O Insurers and between and among the Settling Defendants.” There is nothing in the settlement agreement specifying how much the D&O insurers (collectively or individually) will contribute to the settlement, or how much the individuals (collectively or individually) will contribute.
The bankruptcy and the adversarial litigation resulted from what clearly was a disastrous transaction. The ultimate settlement of the adversarial proceeding is noteworthy in a number of respects, not least simply because of its massive size. Any D&O claims settlements that reaches nine figures is noteworthy, but this one is particularly noteworthy – very few (if any) bankruptcy trustee claims that have reached this level.
But the most noteworthy aspect is that as part of this settlement is that the individual defendants are being called upon to contribute toward the settlement out of their own assets. It isn’t clear from publicly available settlement documents how much the individuals are contributing. And whatever the individuals are contributing collectively, the aggregate amount is going to be split up among quite a number of people (including Zell, who is after all a billionaire). Just the same, the settlement documents do make it clear that the $200 million settlement amount “significantly” exceeds the remaining amount of insurance. It does not take too much imagination to suppose that some of the individuals’ contributions likely will put a significant dent in their lifetime savings.
There is another aspect of this settlement that is worth thinking about. That has to do with the amount of insurance that was remaining at the end to try to settle this case. It is not as if the Tribune Company did not buy a lot of insurance. The list of insurers on the exhibit to the Settlement Agreement suggests that the company purchased a very significant amount of insurance. However, there can be little doubt that one of the reasons the $200 million settlement so “significantly” exceeded the remaining amount of insurance is that years of litigating what undoubtedly was complex litigation substantially depleted the amount of insurance that was available at the outset. While defending complex D&O suits will always deplete the available insurance, the practical consequence of mounting a vigorous defense is particularly noteworthy where, as here, the depletion of the insurance in the end leads to the individuals having to contribute to toward settlement of the claim out of their own personal assets.
There are a number of cautionary tales for directors and officers, their insurance advisors, and their insurers from this sequence of events. One clear lesson has to do with the perennial question about limits adequacy – that is, how much insurance is enough insurance? So many corporate executives don’t want to listen to warnings that their companies should be buying more insurance. The executives might feel very differently about the additional limits question if they were to consider that the alternative to buying more insurance is their having to contribute toward a claims settlement out of their own assets.
The fact is, as the Tribune case clearly shows, the liability that D&O insurance protects against is personal liability. If there isn’t enough insurance to defend and settle a serious claim, company executives could find themselves having no choice but to fund these amounts out of their own pocket.
Are Private Companies Exposed to Potential Liability Under the Federal Securities Laws?
It is little noticed and less understood, but the fact is that private companies are not immune from potential liability under the federal securities laws. The highest profile example of a private company getting caught up in an SEC enforcement action is the March 2018 action the SEC brought against the now-infamous blood testing startup, Theranos, and two of its executives. However, the SEC has shown that its willingness to enforce the securities laws against private companies is not just limited to high-flying companies like Theranos; it has pursued enforcement actions against much lower-profile companies, as well.
As discussed here, in February 2019, the SEC brought an enforcement action against two former executives of a defunct Indiana-based plastics and polymers manufacturing company, Lucent Polymers. The two executives allegedly concealed the company’s fraudulent financial reporting practices and made misrepresentations in connection with the sale of Lucent to Citadel Plastics Holdings. The two individuals profited substantially in the sale. The two individuals were also separately indicted by a federal grand jury in connection with the same incidents.
The DOJ’s press release about the indictments quotes an agency official as saying “Corporate officials who put deviousness over good faith degrade the integrity of our markets and impugn the reputation of American industry. This office will continue to prioritize the investigation and prosecution of corrupt corporate executives who enrich themselves through fraud and deception.” The DOJ statement says nothing about the fact that Lucent was a private company, nor in making its statements about the agency’s investigative priorities, the agency said nothing about differentiating between public and private companies.
As the Fenwick & West law firm noted in its February 22, 2019 memo about the SEC’s and the DOJ’s actions (here), “The government’s aggressive action here is a reminder that securities regulators and law enforcement agencies are increasingly scrutinizing statements made by private companies, especially statements that create investor fervor and lead to inflated share valuations.”
The enforcement action and criminal indictments against the Lucent executives were not the only recent proceeding involving a private company. As discussed here, on April 2, 2019, the SEC announced that it has settled an enforcement action the agency brought against the founder and chief executive of Jumio, Inc., a private mobile payments company. In its complaint against the former CEO, Daniel Mattes, the SEC alleged that Mattes “defrauded investors by providing them with materially misstated financial statements that purported to show that Jumio had earned significantly more revenue and profits than it actually did.” Mattes profited significantly from sales of his personal holdings in the company’s stock allegedly made based on the false financial statements.
Without admitting or denying the allegations, Mattes agreed to be enjoined from future similar violations and barred from being an officer or director of a publicly traded company in the U.S., and agreed to pay more than $16 million in disgorgement and prejudgment interest plus a $640,000 penalty.
The SEC’s action against Mattes serves as yet another reminder that the SEC will pursue company executives for securities law violations, even if the executives work for a private company. Indeed, in its press release announcing the negotiated resolution of the Jumio enforcement action, the SEC included a statement from the regional director of the SEC’s San Francisco office as saying “Company executives must provide investors with accurate information irrespective of whether their companies are publicly or privately traded.”
In an April 11, 2019 memo about the SEC’s enforcement actions against Mattes, the Proskauer law firm noted that the action is “a reminder that privately negotiated securities transactions and private, VC-funded companies are not exempt from regulatory scrutiny.”
The SEC’s latest actions private companies clearly have important risk management implications for private companies. It is critically important that private companies and their executives recognize that they face potential liability exposure under the federal securities laws for alleged misrepresentations to prospective investors and others.
The potential federal securities law liability exposures for private company executives have important D&O insurance implications, as well. However these implications may not always be taken into account. The D&O community tends to divide the world between public and private companies and to proceed on the assumption that potential liability under the federal securities laws is strictly a concern for public companies. As these cases highlight, this division between public and private companies when it comes to liabilities under the federal securities laws is not nearly as strict as the common presumption typically assumes.
A private company executive caught up in an SEC enforcement proceeding clearly would want to look to their company’s D&O insurance to provide their defense. However, whether or not the private company’s D&O insurance policy would respond will depend significantly on the policy’s actual wording, including, among other things, the wording of the policy’s securities exclusion. This exclusion is intended to preclude coverage under the private company policy for liabilities incurred in connection with taking the company public – the insurer did not undertake to insure a public company and so excludes public company liabilities under the policy.
The wordings of these exclusions vary widely, and in some versions the exclusion is written sufficiently broadly that the insurer might seek to rely on the exclusion to preclude coverage for the kinds of actions that were brought here against private company executives. Ideally, the exclusion would not even go into effect unless the insured company has completed a public offering; however, not all exclusions are so limited.
The bottom line is that it is important in connection with the placement even of private company D&O insurance for the possibility of an SEC enforcement action against the company or its executives is taken into account. In particular, it will be important for private company executives worried about the availability of policy coverage in the event of an SEC enforcement action to review their policy with their insurance advisor to ensure that the policy’s securities exclusion would not preclude coverage in the event of an SEC proceeding.
What’s Next in the D&O Insurance Marketplace?
As a result of the heightened level of securities litigation and other claims activity, the D&O insurers have a massive volume of claims in their claims pipelines. The insurers also report that they have experienced significant deterioration in their prior accident year results. These adverse claims developments have arisen at the same time as the insurers are struggling to grapple with emerging developments such as the rise of state court securities litigation, and the continuing evolution of new risk exposures such as cybersecurity and privacy-related risk. In addition, all of these things are happening after a several year period in which D&O pricing steadily declined.
Inevitably the adverse liability trends and the decreased pricing has led poor underwriting results for the D&O insurers. The poor underwriting results in turn have meant that the D&O insurance marketplace has entered one of its periodic cyclical pricing correction phases.
For the last 12 to 18 months, the D&O insurers have sought and largely succeeded in obtaining pricing increases for most of their policyholders. This trend has been particularly pronounced for public company policyholders. Almost all public companies have seen an increase in their D&O insurance premiums at their most recent renewal.
For some companies, the increases are in the 10-20% range, but for many other companies the increases are substantially higher, as much as 50% or more. IPO companies, life sciences companies, high tech companies, financially troubled companies, and companies with adverse claims experience are seeing the largest increases. In addition to pricing increases, some insurers on some accounts are also seeking increases in the self-insured retention. In addition, on many accounts, some insurers are seeking to reduce their capacity exposed (for example, by reducing their limits exposed from $10 million to $5 million).
The bottom line is that for many insurance buyers their D&O insurance renewal transaction is now considerably more complicated and more expensive than it has been for many years. Moreover, many of these marketplace trends have been accelerating as the year has progressed. For example, during the course of the year, the D&O insurance pricing, say, for a developmental stage biotechnology IPO company has continued to increase. All of these trends have made the D&O insurance placement process harder to predict and more time-consuming.
For now all signs are that the D&O insurance pricing correction will continue. There are no immediate signs of significant new capacity coming into the marketplace. The kind of marketplace competition that leads to quoted premiums getting undercut is for now scarce. It remains to be seen how long this hardening face will continue. At some point, competition will return, as new capacity comes into the marketplace and as the incumbent players’ results improve, and that will undercut the current increasing pricing trends. Until that happens, D&O insurance buyers will face a disrupted and unpredictable marketplace characterized for most buyers by rising prices, increased retentions, and reduced insurer capacity.