As a result of a host of recent developments – including the War in Ukraine, trade tensions with China, and growing issues involving digital assets – several long-standing regulatory regimes have become increasingly important for companies and their executives. These regulatory regimes include U.S. sanctions, export controls, anti-money laundering (AML) and anti-bribery and corruption laws. According to a recent memo from the Skadden law firm entitled “Why Directors and Executives Need to Pay Attention to Sanctions, Money Laundering, and Export Rules” (here), boards and senior management need to be especially vigilant with respect to these laws as the company officials can become targets of enforcement actions – indeed, directors and officer have been named personally in both civil and criminal enforcement actions involving these laws and regulations.
According to the law firm memo, agencies tasked with enforcing these regulatory regimes are “increasingly focused on how senior management oversees and manages compliance risks.” Even inadvertent violations of sanctions, AML, and anti-bribery laws “can expose executives and officers to liability if they fail to take steps to ensure compliance” and willful violations “can lead to criminal prosecutions.”
By way of illustration, the memo notes that enforcement actions brought by the Department of Commerce’s Bureau of Industry Security, the primary agency responsible for administering and enforcing U.S. export control laws, have resulted in “criminal convictions for 50 individuals and companies,” many of them involving significant prison time for the individuals involved.
As the law firm memo notes, “enforcement agencies expect boards and senior managements to ensure their companies’ compliance with these rules, which are viewed as key instruments of U.S. foreign policy.”
Significantly, the several federal agencies responsible for enforcing these laws often cooperate and may bring parallel civil enforcement actions alleging violations of multiple laws, and, where there is evidence of willful violations, any one of these agencies can refer cases to the U.S. Department of Justice.
With respect to the potential liability of corporate directors and officers, it is important to consider that, as the memo notes, “disclosure of violations, or even of an investigation of potential violations, often is quickly followed by securities class actions litigation and derivative lawsuits claiming that directors failed in their duties to appropriately oversee these risks.”
The memo’s key takeaways are that “boards and senior management play a critical role by instilling a culture of compliance, ensuring that compliance functions are adequately resourced and providing continuous and meaningful oversight.”
In prior posts on this site, I have noted the phenomenon, noted in the law firm memo, of the possibility of corporate or securities litigation following on in the wake of the revelation of enforcement actions involving alleged trade sanctions, export controls, AML, and anti-bribery laws.
For example, as I noted here, in March 2020, a U.S. semiconductor company was hit with a securities class action lawsuit after disclosing that it was under investigation from the U.S. Department of Justice regarding the company’s compliance with export controls relating to business transactions with the Chinese technology company Huawei.
Similarly, in 2015, the software firm Vasco Data Security was sued in a securities class action lawsuit after the company disclosed that it had self-reported a possible violation of federal prohibitions against sales of goods to parties in Iran, as discussed here.
By the same token, in numerous prior posts (for example, here), I have noted the frequency of securities class action litigation following in the wake of the announcement of an FCPA investigation or other anti-bribery enforcement action.
In an example of a shareholder derivative lawsuit arising out of these issues, as discussed here, a shareholder of J.P. Morgan Chase has filed a derivative lawsuit against the company, as nominal defendant, and certain of its directors and officers alleging breaches of fiduciary duty in connection with the company’s $88.3 settlement with the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC).
While the possibilities for this type of litigation following on in the wake of the disclosure of a regulatory investigation are substantial, that is not to say that this type of litigation is always successful. For example, as noted here, in the securities suit pending against oil drilling company Seadrill relating to the company’s loss of business loss business with a Russian oil company subject to international sanctions following Russia’s invasion and annexation of Crimea, the court granted the defendants’ motion to dismiss. Similarly, at the same time as I have noted on this site the frequency of FCPA-follow on litigation, I have also noted that these kinds of lawsuits often face formidable obstacles (as discussed for example, here).
The risk for companies and their D&O insurers includes not only the possibility of follow-on civil lawsuits. The risk includes the possibility of the underlying regulatory investigation, which entails its own significant costs. These cost in turn raise the question of whether or not the company can get D&O insurance coverage for the cost incurred in responding to a trade regulation investigation. In a prior post (here), I discussed at length this issues involved with the question of the possibility of D&O insurance coverage for trade sanction violation investigations.