weiIt seems that every day there is yet another story in the business pages about a significant data breach at a major company. Cybersecurity is an increasingly important topic for companies and their shareholders, and the problems with cybersecurity are an increasing concern in Washington as well. In the following guest post Paul A. Ferrillo and David J. Schwartz of the Weil Gotshal law firm take a look at the ways that various federal regulatory agencies are dealing with companies under their specific regulatory authority related to cyber security.

 

I would like to thank Paul and David for their willingness to publish their article on this blog. I welcome guest post contributions from responsible authors on topics of interest to this blog’s readers. If you are interested in submitting a guest post, please contact me directly. Here is Paul and David’s guest post.

 

*********************************

 

In our June 4, 2014 article on cyber security and cyber governance[i] we noted that for many reasons, boards of directors and executives of U.S. companies needed to reexamine how they protect (and respond to the successful hacking of) their most critical intellectual property and customer information. One of the reasons was that all signs out of Washington, D.C. pointed towards increasing federal regulation and oversight of cyber security for public and private companies, and particularly for those in the financial services sector. Further, we foresaw not only heightened scrutiny from regulators, but increasing class action litigation, with plaintiffs accusing boards and management of not taking the appropriate steps to protect company and client data. Our predictions were correct on all fronts.

 

Just six days after our article, Luis Aguilar, a Commissioner of the United States Securities and Exchange Commission (SEC), stated very clearly in a speech entitled “Cyber Risks in the Boardroom,”[ii] that,

 

[B]oards must take seriously their responsibility to ensure that management has implemented effective risk management protocols. Boards of directors are already responsible for overseeing the management of all types of risk, including credit risk, liquidity risk, and operational risk and there can be little doubt that cyber-risk also must be considered as part of board’s overall risk oversight. The recent announcement that a prominent proxy advisory firm [Institutional Shareholders Services (ISS)] is urging the ouster of most of the Target Corporation directors because of the perceived “failure…to ensure appropriate management of [the] risks” as to Target’s December 2013 cyber-attack is another driver that should put directors on notice to proactively address the risks associated with cyber-attacks.

 

Id. (alteration in original) (emphasis added) (footnotes omitted).

 

Without equivocation, Commissioner Aguilar stated that cyber security was a board responsibility. Likewise, ISS has signaled that directors could or should be held personally accountable for cyber security breaches if they fail to keep their eye on the ball.[iii] So too has the plaintiffs’ bar recognized that cyber security breaches may become a lucrative addition to their class action litigation practices.[iv]   

 

In response to this quickly evolving area of federal regulation and oversight of cyber security, and the ever-increasing scrutiny by multiple constituencies of boards of directors and public companies on cyber security issues, we provide this short, non-exclusive list of how the U.S. government and its agencies are dealing with companies under their specific regulatory authority related to cyber security.[v]

 

The SEC

Certainly the majority of the federal activity on cyber security issues has come from the SEC. The genesis of its involvement began on or about October 12, 2011, when the SEC issued guidance regarding the disclosure obligations of public companies relating to cyber security risks and cyber incidents. The focus of this guidance was on whether information concerning cyber security and cyber incidents rose to the level of a disclosure obligation either as a risk factor under Regulation S-K Item 503(c) or in the MD&A Section of a Company’s mandatory SEC disclosure. One of the critical determining factors for the SEC was whether:

 

[T]he costs or other consequences associated with one or more known incidents or the risk of potential incidents represent a material event, trend, or uncertainty that is reasonably likely to have a material effect on the registrant’s results of operations, liquidity, or financial condition or would cause reported financial information not to be necessarily indicative of future operating results or financial condition.[vi]

 

Id. (emphasis added). If the registrant does determine its cyber security risk or previous cyber incidents rise to the level of a disclosable event, the SEC guidance notes that such disclosure might contain information reflecting:

  •  Discussion of aspects of the registrant’s business or operations that give rise to material cybersecurity risks and the potential costs and consequences;
  • To the extent the registrant outsources functions that have material cybersecurity risks, description of those functions and how the registrant addresses those risks;
  • Description of cyber incidents experienced by the registrant that are individually, or in the aggregate, material, including a description of the costs and other consequences;
  • Risks related to cyber incidents that may remain undetected for an extended period; and
  • Description of relevant insurance coverage.

Id.

 

The SEC’s October 2011 cyber guidance was just that – guidance. The question of “materiality” is and was purely left within the discretion of the company. There was no discussion about when the risk of “potential incidents” rose to the level of disclosure. Fueled by continuing major cyber breaches, on March 26, 2014 the SEC organized a “cyber roundtable” among industry groups and public and private sector participants in order to consider, among other things, whether or not additional SEC guidance related to the level of disclosure in a company’s public filings was necessary. It will be interesting to see how events develop at the SEC, particularly as cyber breaches continue to increase in number and scope.

 

SEC Office of Compliance, Inspections and Examinations (OCIE)

On April 15, 2014, the OCIE issued a National Exam Program Risk Alert, entitled “OCIE Cybersecurity Initiative,” announcing it would conduct examinations of more than 50 registered broker-dealers and investment advisors “designed to assess cybersecurity preparedness in the securities industry and to obtain information about the industry’s recent experiences with certain types of cyber threats.”[vii] Importantly, this alert came with an extensive list of questions requiring registrants to respond to various areas of their cyber security preparedness. The list requires information such as the registrant’s adoption of any “published cybersecurity risk management process standards, such as those issued by the National Institute of Standards and Technology (NIST),”[viii] employee training, vendor management, the firm’s practices to detect “unauthorized activity on its networks and devices,” and specific information, if applicable, concerning any cyber breaches which the registrant experienced since January 1, 2013.

 

Financial Industry Regulatory Authority (FINRA)

In January 2014, FINRA announced a “sweep” program, similar to OCIE’s, whereby firms under FINRA’s authority would be receiving targeted examination letters requiring them to respond to questions relating in general to their cyber preparedness.[ix] FINRA’s targeted examination letters seek very similar information as the OCIE cybersecurity initiative.

 

Other Federal Regulations Related to Cyber Security

Gramm-Leach Bliley Act (GLBA)

Perhaps most famous for repealing part of the Glass-Steagall Act of 1933, the GLBA, also known as the Financial Services Modernization Act of 1999, has a cyber-data component and applies to “financial institutions,” i.e. “any institution engaged in the business of providing financial services to customers who maintain a credit, deposit, trust, or other financial account or relationship with the institution.” Under the GLBA, financial institutions are required to “establish appropriate standards” to safeguard a customer’s personal financial information, in order: “(1) to insure the security and confidentiality of customer records and information; (2) to protect against any anticipated threats or hazards to the security or integrity of such records; and (3) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.”[x] Under the GLBA, financial institutions, in actions brought by the Department of Justice only (there is no private right of action under GLBA), can be fined up to $100,000 for each violation, and directors and officers of financial institutions could be held personally liable for civil penalties of up to $10,000 for each violation.

 

Payment Card Industry Data Security Standard (PCI DSS)[xi]

The PCI DSS is not necessarily a “law” but a list of cyber security standards applied to any U.S. company that processes credit cards, such as a retailer or a financial institution. The list focuses on, among other general requirements, the need to “develop and maintain secure systems and applications,” and the need to “track and monitor all access to network resources and cardholder data.” These standards provide an “actionable framework for developing a robust payment card data security process – including prevention, detection and appropriate reaction to security incidents.”[xii] PCI DSS 3.0, adopted in November 2013, enlarges the scope of data security requirements upon retailers and financial institutions.[xiii] It will be interesting to see whether “3.0,” when implemented by retailers, will have any material effect on an industry sector that continues to experience major cyber security breaches along the lines of Target or Neiman Marcus.

 

Health Insurance Portability and Accountability Act of 1996 (HIPPA)

HIPPA requires, in general, the protection and confidentiality of all electronically protected healthcare information that is created, received, maintained or transmitted. Under HIPPA, a healthcare facility must protect against any reasonably anticipated threat or hazard to the security or integrity of such healthcare information. Under HIPPA, fines can range from $50,000 to $250,000 as well as civil litigation exposure.

 

Health Information Technology for Economic and Clinical Health Act (the HITECH Act)

The HITECH Act expands the scope of the institutions covered under HIPPA to now include any organization or individual who handles protected healthcare information, which could now include banks, businesses, schools and other organizations.[xiv]

 

Today and Tomorrow

Cyber security is the buzzword of the day, year, and maybe the decade. Well-publicized cyber breaches at major U.S. companies are now becoming the norm and have caused not only tremendous anxiety for executives, but reputational damage and material revenue loss for many companies.[xv] These breaches have not only caused both consumer and securities class and derivative actions, but have caught the eye of both federal and state regulators. And Congress will soon get in the game with additional legislation. 

 

In response to this ever changing landscape, directors and officers, and their companies’ CISOs and CIOs, must adapt daily, and continue daily discussions about how to improve their company’s cyber security procedures and detection/incident response plans of action. Adaptation means real discussion about allocating real physical and financial resources to protect the company’s most valuable IP and customer information. Adaptation means that companies and firms need to continue to adopt demonstrable processes and procedures which provide evidence to all constituencies that they are paying attention and responding to the cyber security threat with actionable measures, and not just talking points. Whether that means adopting the NIST cyber security framework or continuing to improve upon their own cyber security procedures in a demonstrable fashion, directors and officers must consider the consequences of failing to act. Even in the face of seemingly unimaginable technological threats (the recent hacking of JPMorgan Chase & Co. by Russian hackers as a possible retaliation for U.S. government sponsored sanctions comes to mind), directors and officers will likely be looked at with ever increasing scrutiny by regulators, customers, and investors.

 

[i] See here.

[ii] Available here.

[iii] See Paul Ziobro & Joann S. Lublin, ISS’s View on Target Directors Is a Signal on Cybersecurity, Wall St. J., May 28, 2014, available here.

[iv] See Jeffrey Roman, Supervalu Hit With Lawsuit After Breach, Bank Info Security (Aug. 20, 2014), available here; see also the following recently filed complaints in Davis v. Steinhafel, Case Nos. 14-cv-00203-PAM-JJK et seq., 2014 WL 3853976 (D. Minn. July 18, 2014) ; Diana v. Horizon Healthcare Servs., Inc., Case Nos. 2:13-CV-07418-CCC-MF, 2:14-cv-00584-CCC-MF, 2014 WL 3351730 (D.N.J. June 27, 2014).

[v] We leave for another day how various state agencies and authorities (e.g. the New York State Department of Financial Services) are simultaneously dealing with cyber security related issues. See, e.g., New York State Department of Financial Services’ Report on Cyber Security in the Banking Sector (2014), available here.

[vi] Securities and Exchange Commission, CF Disclosure Guidance: Topic No. 2 (Oct. 13, 2011), available here.

[vii] Office of Compliance Inspections and Examinations, 4 National Exam Program Risk Alert, no. 2, Apr. 15, 2014, available here.

[viii] Id.; see, e.g., this article.

[ix] See FINRA, Target Examination Letters re: Cybersecurity (Jan. 2014), available here.

[x]15 U.S.C. § 6827(4)(a); 15 U.S.C. § 6801(b)(1)-(3).

[xi] The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards. See this link.

[xii] PCI Security Standards Council, Navigating PCI DSS, Understanding the Intent of the Requirements, version 2.0 (Oct. 2010), available here; PCI Security Standards Council, PCI SSC Data Security Standards Overview, available here.

 

[xiii] Available here.

[xiv] It should also be noted that federal legislation concerning cyber security has been promulgated to protect government data. The Federal Information Security Management Act was enacted in 2002 namely to “enhance the management and promotion of electronic Government services and processes by establishing a Federal Chief Information Officer within the Office of Management and Budget, and by establishing a broad framework of measures that require using Internet-based information technology to enhance citizen access to Government information and services.” E–Government Act of 2002, Pub. L. No. 107–347, 116 Stat. 2899. 

 

[xv] For example, Brian Yarbrough, a research analyst with Edward Jones, predicted that after Target’s cyber breach, “Probably 5% to 10% of customers will never shop there again.” Hadley Malcolm, Target sees drop in customer visits after breach, USA Today, Mar. 11, 2014, available here.

radar2Every year just after Labor Day, I take a step back and survey the most important current trends and developments in the world of Directors’ and Officers’ liability and D&O insurance. This year’s survey is set out below. Once again, there are a host of things worth watching in the world of D&O.

 

What Will Happen With the Securities Cases on the U.S. Supreme Court’s Docket This Term?: For several months earlier this year, all eyes were on the U.S. Supreme Court as we awaited the outcome of the Halliburton case, which potentially could have been a game changer in the world of securities class action litigation. In the end, because the Supreme Court did not dump the “fraud on the market” theory, Halliburton will not have the disruptive effect that it might have. But even though the Halliburton case has been decided, there are still some good reasons to continue to keep an eye on the U.S. Supreme Court. The Court has two more securities cases on its docket for the upcoming term, and while neither has the disruptive potential that the Halliburton case had, they still could be significant.

 

First, as discussed here, in March 2014, the U.S. Supreme Court agreed to take up the Omnicare case, to determine whether or not it is sufficient to survive a dismissal motion for a plaintiff in a Section 11 case to allege that a statement of opinion was objectively false, or whether the plaintiff must also allege that the statement was subjectively false – that is, that the defendant did not believe the opinion at the time the statement was made.

 

The Supreme Court’s consideration of the Omnicare case will resolve a split in the circuits between those (such as the Second and Ninth Circuits) holding that in a Section 11 case allegations of knowledge of falsity are required; and those (such as the Sixth Circuit, in the Omnicare case) holding that allegations of knowledge of falsity are not required. The case is potentially important because the absence of allegations of knowledge of falsity is a frequent basis for dismissals of Section 11 suits in the Second and Ninth Circuits, where the vast preponderance of securities suits are filed. As it is, the current split would allow cases to go forward in the Sixth Circuit that would not survive in the Second and Ninth Circuits.

 

The defense bar has been sharply critical of the Sixth Circuit’s Omnicare opinion for overlooking the fact that as a matter of common sense a statement of opinion cannot be “false” unless the speaker truly did not hold the opinion. For a particularly good discussion of the defense perspective on the Sixth Circuit’s Omnicare decision and the issues it raises, please see Claire Loebs Davis’s August 12, 2013 post on the D&O Discourse blog (here)

 

Whatever the outcome, the Omnicare case will be important. The precedent in Second and Ninth Circuit’s holding that a Section 11 plaintiff must allege knowledge of falsity has been the basis of numerous dismissals in district courts in those circuits. If the Supreme Court were to hold that that Section 11 plaintiffs do not need to plead knowledge of falsity, many cases in those jurisdictions that are now dismissed would survive. However, it remains to be seen which view of Section 11 pleading will prevail.

 

Second, as discussed here, in Public Employees’ Retirement System of Mississippi, v. IndyMac MBS, the Supreme Court will consider whether the filing of a class action lawsuit tolls the statute of repose under the Securities Act (by operation of so-called “American Pipe” tolling) or whether the statute of repose operates as an absolute bar that cannot be tolled.

 

The statute of limitations for claims brought under the Securities Act of 1933, which is set out in Section 13 of the Act, provides that all claims under the Act must be brought within one year of the discovery of the violation or within the three years after the security involved was first offered to the public. Under the tolling doctrine established in the U.S. Supreme Court’s 1974 decision in American Pipe & Construction Co. v. Utah, the filing of a securities class action lawsuit tolls the running of the one-year statute of limitations. The question presented in the IndyMac MBS case is whether or not under American Pipe tolling the filing of a class action lawsuit tolls the three-year statute of repose.

 

Even though this case raises technical issues involving seemingly arcane legal doctrines, the case has potentially significant practical implications. If the filing of a class action lawsuit does not toll the statute of repose, current practices regarding class action opt-outs could be significantly affected. Institutional investors contend that they rely on class action claims filed by other claimants to prevent their claims from being time barred. They argue that if the statute of repose is an absolute bar, they would have to incur significantly higher litigation expenses as they would have to intervene earlier or otherwise act to protect their interests. They argue that they would have to become actively involved more frequently than they do now.

 

As discussed here, amicus briefs filed in the case argue that if the statute of repose is held to be an absolute bar not subject to tolling, class members in a large number of securities class actions would have to make wasteful “protective filings” in order to maintain their right to proceed independently and avoid being time-barred if class certification was subsequently denied.  These filings would drain judicial resources and impose costs on putative class members. Defense advocates contend that the statute of repose was intended to provide closure and finality to Securities Act claims as well as to spare the courts and litigants from the need to litigate stale claims.

 

One final issue that these cases raise is the underlying question of why the U.S. Supreme Court has proven to be so keen to take up securities cases. It used to be that years would pass between the U.S. Supreme Court’s consideration of a securities case. In more recent years, the Supreme Court has proven to be much more interested in securities cases, which has meant that these days potentially significant securities cases are on the Court’s docket every term. It will be interesting to see whether the Court continues this trend in the upcoming term and agrees to take on additional cases for this term and the term following.

 

Will Litigation Reform Bylaws Continue to Succeed in the Courts?: For years, defense advocates have sought to try to curb abusive ligation through reform legislation and other means, yet corporate and securities litigation has continued to vex companies and their executives. However, an interesting new initiative has recently emerged – the attempt to achieve litigation reform through amendments to corporate bylaws. So far these litigation reform bylaws have fared well in the courts, although it remains to be seen what the ultimate effect of these reform bylaws will be.

 

The first reform bylaw proposed and the one that seems to have gained the most widespread acceptance is the forum selection bylaw. As discussed here, in June 2013, the Delaware Chancery Court upheld the validity of a bylaw adopted by Chevron’s board that designated Delaware as the exclusive forum for adjudication of various shareholder disputes. An exclusive forum bylaw can discourage forum shopping by plaintiffs and the practice of litigating similar or identical claims in multiple jurisdictions. The bylaws remove the need to hire multiple counsel and to make filings in different jurisdictions. These provisions reduce the risk of inconsistent outcomes. And they allow companies to designate a court with particular expertise in corporate matters – for example, the Delaware Court of Chancery. The use of exclusive forum provisions has now become mainstream.  An increasingly large number of companies are adopting forum selection by laws and courts outside of the selected forum are showing a consistent willingness to enforce the provisions.

 

The next type of litigation reform bylaw that some companies have started to take up is the fee-shifting bylaw. This type of bylaw provides that an unsuccessful shareholder claimant in intra-corporate litigation would have to pay his or her adversaries’ cost of litigation. The Delaware Supreme Court stirred up quite a bit of controversy earlier this year in the ATP Tours, Inc. v. Deutscher Tennis Bund case when it upheld the facial validity of a fee-shifting by law. The controversy seemed headed for a swift resolution when the Delaware General Assembly quickly moved to act on a measure that would have limited the Supreme Court’s ruling to non-stock corporations (meaning that it wouldn’t apply to Delaware stock corporations). However, as discussed here, the legislature tabled the measure and now it will not be acted upon until at least January 2015.

 

While the continued validity of fee-shifting bylaws for Delaware stock corporations would seem to be in significant doubt, at least some companies are going ahead and incorporating these kinds of provisions in their bylaws, as discussed here. Interested parties and observers are busy debating whether or not under Delaware law stock corporations should (or should not) be allowed to adopt fee-shifting bylaws. For example, an August 27, 2014 Wall Street Journal op-ed piece (here) argued that companies should be allowed to adopt “loser pays” bylaws as a way to try to control costly shareholder litigation. It will be interesting to see how all of this ultimately plays out when the Delaware legislature takes up the tabled legislative measure in early 2015.

 

The most interesting and arguably most controversial proposal is the adoption of bylaws requiring shareholder disputes and claims to be resolved through binding arbitration. As discussed here, several courts have now upheld the validity of these types of bylaws, which may encourage other companies to consider adopting bylaws requiring shareholder disputes to be arbitrated. If mandatory arbitration bylaws barring class actions were enforceable, the likely outcome would be a decline in class actions, since the alleged existence of a class is a principal driver of attorneys’ fees.

 

However, as discussed here, there are a number of potential barriers to the widespread adoption of mandatory arbitration bylaws, including the policy of the Securities and Exchange Commission staff against allowing companies with arbitration provisions in their organizing documents to go public. Mandatory arbitration bylaws are also likely to attract significant negative stockholder sentiment, at least initially, particularly if they include a class action waiver.

 

Although these various proposed bylaws address different concerns, all of them represent a kind of litigation reform through bylaw revisions. There is obviously more of this story to be told before we can be certain what the ultimate impact of these provisions will be. It is interesting note the extent to which, as least so far, the validity of the reform bylaws has been upheld by the courts. These provisions potentially could have a significant impact on future corporate litigation, depending of course on the outcome of the pending measure in the Delaware legislature and the development of future court cases.

 

Is  Cybersecurity the Next Critical D&O Liability Issue?: The news at the end of August that J.P. Morgan and four other major U.S. banks had been hacked by overseas operatives was merely the latest incident highlighting how critical cybersecurity issues have become for all companies and their boards. These risks present significant privacy and network security concerns for just about every enterprise. Along with the reputational risks and operational integrity issues, cybersecurity also increasingly represents a potential liability exposure for corporate directors and officers, as highlighted by two sets of lawsuits filed this year.

 

First, as discussed here, in January 2014, shareholders filed two derivative lawsuits in the United States District Court for the District of Minnesota against certain officers and directors of Target Corp. The two complaints alleged that the defendants were aware of how important the security of private customer information is to customers and to the company, as well the risks to the company that that a data breach could present. The complaints allege that the company “failed to take reasonable steps to maintain its customers’ personal and financial information,” and specifically with respect to the possibility of a data breach that the defendants failed “to implement any internal controls at Target designed to detect and prevent such a data breach.”

 

Second, as discussed here, a shareholder for Wyndham Worldwide Corporation initiated a derivative lawsuit against certain directors and officers of the company, as well as against the company itself as nominal defendant, related to the three data breaches the company the company and its operating units sustained during the period April 2008 to January 2010. As noted here, the company is already the target of a Federal Trade Commission enforcement action in connection with the breaches. The plaintiff alleges that “in violation of their express promise to do so, and contrary to reasonable expectations,” the company and its subsidiaries “failed to take reasonable steps to maintain their customers’ personal and financial information in a secure manner.”

 

These two sets of lawsuits highlight the fact that the risks and exposures companies face in connection with cybersecurity issues include potential liability exposures for companies’ corporate boards. As discussed here,  SEC Commissioner Luis Aguilar underscored these potential liability exposures in a June 2014 speech which he stressed that “ensuring the adequacy of a company’s cybersecurity measures needs to be a part of a board of director’s risk oversight responsibilities.” He added the warning that “boards that choose to ignore, or minimize the importance of cybersecurity oversight responsibility, do so at their own peril.”

 

It remains to be seen how the plaintiffs in these actions fare. These cases may or may not prove to be successful for the plaintiffs. However, I think it is highly likely that we will continue to see more lawsuits of this type filed, particularly in connection with higher profile data breaches.

 

As these types of cases become more common, it will be interesting to see how the D&O insurance marketplace responds. At a minimum, it can be anticipated that carriers increasingly will include cybersecurity and cyber breach issues in the D&O insurance underwriting. Some carriers may even take more active steps to try to limit their exposures to cyber-related D&O exposures. At least one leading carrier has already started including privacy and network security exclusions on its management liability insurance policies issued to health care service companies. Other carriers may start to try to take defensive measures of this type.

 

At this point it seems that cyber breach-related issues are going to represent an increasingly important liability exposure for corporate directors and officers – and for their insurers.

 

Will Regulators Outside the U.S. Become Increasingly Active, and What Will the Impact Be?: One of the most distinctive aspects of the current global regulatory environment has been the increasing willingness of U.S. regulators to try to project U.S. enforcement authority outside the U.S. The cross-border assertion of U.S. regulatory authority has taken place across a broad range of regulatory and compliance issues, including, for example, antitrust, trade sanction, and taxation enforcement as discussed here.

 

In a series of developments that ultimately may prove be even more significant, regulators outside the Unites States have also recently become much more active. These regulators’ enforcement activities have significant implications within their respective home jurisdictions, but they may have important implications for all companies doing business in those countries, regardless of where the companies are domiciled. The developments may also have important D&O insurance implications as well.

 

One of the highest profile regulatory enforcement developments outside the U.S. in recent months was the July 2014 action by India’s securities regulator, the Securities and Exchange Board of India (SEBI), entered an order (here) against the founder and former executives of Satyam Computer Services to disgorge over $306 million in allegedly ill-gotten gains from their role in the scheme to falsify the company’s financial statements, as well as at least $201 million in interest. As commentator quoted in the Wall Street Journal article noted, “this order by itself is driving a message that SEBI is going to be aggressive in dealing with fraud in the Indian Capital Markets.” Indeed, in an August 27 2014 interview in the Financial Times (here), the head of SEBI is quoted as saying that India is “set to launch a fresh crackdown on securities fraud with a long-awaited revamp of insider trading rules and powers to boost investigation and enforcement.”

 

These developments in India are merely one part of the significant efforts by regulators around the world to ramp up their enforcement efforts. Authorities in a number of countries, including, among others, China and Brazil, have ramped up their anticorruption enforcement. China and the EU, among others, have also recently stepped up their antitrust enforcement.

 

This increase in regulatory activity can have significant implications for companies outside the regulators’ jurisdiction. To cite but one recent example, on July 24, 2014, the UK Serious Fraud Office announced that it had brought corruption charges against the UK subsidiary of Alstom in connection with transportation projects in India, Poland and Tunisia. The UK investigation commenced because of information provided to the SFO by the Office of the Attorney General of Switzerland. The company has already been fined for related activities by the Swiss government. Other recent examples of extensive cross border cooperation include the recent investigation of the alleged manipulation of the Libor benchmark interest rates.

 

It has been well-established that regulatory investigations in the U.S. can lead to follow on civil litigation, as discussed here.  The interesting recent development has been rise of follow-on civil litigation in the U.S. following regulatory activity outside the country. For example, as discussed here, in January 2014, Nu Skin Enterprises was hit with a securities class action lawsuit following news of an alleged investigation of the company’s allegedly fraudulent sales practices in China. Similarly, in June 2014, China Mobile Games and Entertainment Group was hit with a securities class action lawsuit following the news of an anti-bribery investigation in China involving company officials, as discussed here.  

 

These developments raise important issues about the liability exposures of the potentially affected companies as well as for their directors and officers. The liability exposures include not only the potential regulatory and enforcement risk but also the possibility of follow-on civil actions, brought by shareholders or others. The “others” that might bring claims include supervisory board members in those jurisdictions with the dual-board structure.

 

These issues in turn have important D&O insurance implications. The issues also present a particularly difficult challenge for D&O insurance underwriters involved in underwriting companies outside the U.S. as they must attempt to understand and anticipate these kinds of actions from regulators and how they may affect the companies under consideration.

 

Will Increased IPO Activity Mean Increased IPO-Related Litigation?: The number of companies completing initial public offerings is currently at the highest level in years. According to a recent study from Cornerstone Research (here), with the 112 IPOs in the first half of 2014, IPO activity is on pace to increase for the third consecutive year. IPO activity just in the first six months of 2014 equaled 71 percent of total IPO activity in 2013 and exceeded the full years 2009, 2010, 2011 and 2012. The favorable IPO environment has encouraged even more companies to move toward an IPO.

 

While the listing activity seems to bode well for the general economy as well as for the financial markets, the increased number of IPOs has also led to an uptick in IPO-related securities litigation. According to my unofficial and unaudited year-to-date securities class action litigation filing tally, through the end of August 2014, there were a total of 106 new securities class action lawsuits filed this year. (The year to date filing activity annualizes to a total of roughly 160 securities suit, more or less in line with the last couple of years).

 

Of the 106 securities suits so far this year, seven (or roughly five percent) were filed based on alleged misrepresentations in the company’s IPO documents. However, all but one of these suits involved companies that completed their IPOs in 2013. Lawsuits that may ultimately be filed against 2014 IPO companies are yet to emerge; given the increased level of IPO activity in 2014, it seems probable that when lawsuits against 2014 IPO companies develop, there will be more IPO-related lawsuits filed, simply because there were more IPOs.

 

Along with the likely increase in the number of IPO-related securities suits, an increase in the number of lawsuits involving pre-IPO companies – asserting, for example, failure to launch claims – also seems likely. When a company is on a trajectory toward an IPO, there is a natural tendency to focus on the liability exposures the company will face after it goes public. But the process leading up to the IPO often involves circumstances that can create their own set of risks and exposures. As a company readies itself to go public, it often restructures its operations, its accounting, its debt, or other corporate features. The company also makes pre-offering disclosures, for example, in road show statements. The process creates expectations that can create their own set of problems. All of these changes, disclosures and circumstances potentially can lead to claims, particularly if the offering does not go forward.

 

Often pre-IPO company management is reluctant to take the time to address D&O insurance issues at the appropriate time before the company is deep into the IPO process. But claims can and often do arise involving companies’ pre-IPO activities.

 

What Impact Will the JOBS Act Crowdfunding Provisions Have?:Among the factors contributing to the recent growth in the number of IPOs are the so-called IPO on-ramp procedures, which were enacted in 2012 as part of the Jumpstart our Business Startups (JOBS) Act, which among other things allowed  “Emerging Growth Companies” to file the registration statements confidentially. While some provisions of the JOBS Act, such as the IPO on-ramp provisions, are having an impact, other provisions are yet to go into effect. Most significantly, the SEC is yet to release the final regulations pertaining to crowdfunding.

 

The JOBS Act contained statutory provisions providing exemptions under the securities laws allowing certain kinds of start up ventures to raise equity financing from non-accredited investors using Internet fundraising platforms. The statutory provisions specified that the SEC was to provide implementing regulations. The SEC finally published proposed crowdfunding rules in October 2013 (as discussed here); however, the agency has yet to publish the final rules, and so the JOBS Act crowdfunding initiative is still  yet to take effect, a development for which the SEC is now facing considerable criticism from members of Congress

 

Eventually, the SEC will release the final crowdfunding rules and companies will be able to raise equity financing from non-accredited investors through online platforms. It is hard to know how significant a development this will turn out to be, since the JOBS Act imposes restrictive limitations on the amounts companies can raise through crowdfunding offerings. For example, companies may sell no more than $1 million of securities within any 12-month period and the amount sold to any one investor may not exceed specified per investor annual income and net worth limitations

 

Another issue that will be important to watch is the extent to which disappointed crowdfunding investors try to invoke the liability provisions Congress included in crowdfunding provisions. The Act expressly imposes liability on issuers and their directors and officers for material misrepresentations and omissions made to investors in connection with a crowdfunding offering. The companies likeliest to engage in crowdfunding will be smaller private companies, but just the same the crowdfunding liability provisions create the possibility for these companies of liabilities under the federal securities laws.

 

This combination of small private companies and potential federal securities law exposure represents a conundrum for the D&O insurance marketplace, which views the world as neatly divided between private and public companies. These crowdfunding provisions may blur the clarity of this division, a development that the D&O insurers are struggling to address. Responses from the carriers have ranged from, on the one hand, at least one carrier mandating the inclusion on all private companies of an endorsement precluding coverage  for liability arising from crowdfunding activities, while on other hand, another carrier recently introduced an endorsement expressly extending coverage under its private company policy to crowdfunding.
The D&O insurance marketplace’s adjustments to crowdfunding have so far all taken place in anticipation of the advent of equity financing through crowdfunding. Once the implementing regulations finally take effect, there undoubtedly will be further responses and adjustments in the marketplace, particularly as if become clear how significant the threat of crowdfunding liability will turn out to be. The private company D&O insurers will be watching these developments very closely.

 

How Will the Mass of Pending Failed Bank Litigation Play Out?: Even though the peak of the financial crisis is now several years past, banks have continued to fail. During 2014, a total of 14 banks have failed, although there were no bank closures at all during August. The number of bank failures is down significantly from recent years and it seems probable that the number of closures eventually will slow to no more than a trickle.

 

As reflected here, the FDIC has filed a total of 97 lawsuit against directors and officers of failed banks as part of the current bank failure wave. In addition, through July 24, 2014, the FDIC has authorized suits in connection with 145 failed institutions. But while the extent to which the number of authorized lawsuits exceeds the number of lawsuits filed would seem to imply a backlog of as yet unfilled litigation, the fact is that the pace of the agency’s lawsuit filing activity has slowed. The agency has not filed any new lawsuits since May 2014. It may be that as the bank failures wind down, the level of lawsuit activity will wind down as well. One likely contributing factor is the lapse of the three-year statute of limitations with respect to the bank closures during the second half of 2009 and the first six months of 2010, when the number of bank failures peaked.

 

According to the FDIC, of the 97 lawsuits it has filed, 26 have fully settled and one resulted in a favorable jury verdict. These numbers imply a significant number of pending and as yet unresolved lawsuits that will continue to work their way through the system. There are a number of important implications from this continuing litigation.

 

First, it seems likely that we will continue to see significant judicial decision-making on issues relating to the liabilities of directors and officers. The failed bank litigation has already led to a number of significant decisions on issues relating to D&O liability. For example, in July 2014, in connection with one of the failed bank cases pending in Georgia, the Georgia Supreme Court issued a landmark decision discussing the protections available under Georgia law to corporate directors and officers under the Business Judgment Rule, as discussed here. As the pending cases continue to work their way through the system we may see further judicial decisions affecting the liability exposures of directors and officers.

 

Second, in connection with insurance coverage litigation that has arisen in conjunction with the FDIC failed bank litigation, we will see further judicial decisions interpreting key D&O insurance policy provisions. For example, as discussed here, there have been a number of interesting decisions addressing the question of whether or not the insured vs. insured exclusion found in most D&O insurance policies precludes coverage for claims brought by the FDIC in its capacity as receiver of a failed bank. So far, the cases have reached differing conclusion on this question. But in any event, it seems likely there will be further judicial decisions interpreting D&O insurance policy language as the failed bank insurance coverage litigation unfolds.

 

Third, the pending litigation will continue to weigh on the D&O insurance carriers that are active in providing insurance to commercial banks. Even though the peak in the financial crisis is now well in the past, the ongoing litigation continues to produce adverse development in these carriers’ prior underwriting year results and to undermine their current calendar year results, a combination that is particularly painful in the current low interest rate environment (when there is less investment income with which to try and offset adverse claims experience).

 

The banking-related claims losses are continuing to accumulate at the same time that the overall universe of potential banking-related buyers continues to shrink, due to the combination of mergers and the dearth of new bank formations. As a result, the carriers are struggling to spread adverse loss experience across a shrinking portfolio. The accumulating losses from prior underwriting years and the shrinking customer pool means that it is harder for these carriers to show an underwriting profit on a current calendar year basis. The heightened loss experience and shrinking customer base suggests that these carriers will be facing pressure on their calendar year results – and therefore on premiums — for some time to come.

 

Will Environmental Liability and Climate Change Emerge as Important D&O Liability Issues?: During the financial crisis, many issues and concerns that previously had loomed large moved further down the agenda. Even though the recovery from the crisis is still uneven, some of the issues that fell by the wayside are moving back up the list of priorities. Environmental liability issues are among these concerns. Among other things, this has meant an uptick in D&O litigation arising from environmental issues.

 

In recent months, there have been a number of securities class action lawsuits filed based on alleged misrepresentations of the defendant company’s environmental compliance. On August 7, 2014, the securities suit filed against Exide Technologies and certain of its directors and officers based on the defendants’ allegedly misleading statements about the company’s compliance with environmental regulations became the latest environmental disclosure securities suits to overcome the initial pleading hurdles. A copy of Central District of California Judge Stephen V. Wilson’s August 7, 2014 order denying the defendants’ motion to dismiss can be found here

 

The survival of the environmental disclosure securities suit against Exide comes closely after the Second Circuit’s recent ruling in the JinkoSolar securities suit, discussed here, in which the appellate court reversed the lower court dismissal of the suit and concluded that the plaintiffs’ allegations concerning the alleged deficiencies of the defendant company’s environmental compliance disclosures were sufficient. While these are just two cases, it does seem as if the plaintiffs are getting some traction in securities suits based on environmental compliance disclosures. These cases underscore the fact that reporting companies’ environmental compliance disclosures are facing increasing scrutiny, making the quality of the environmental disclosures increasingly important.

 

As the derivative lawsuit filled earlier this year against the board of Duke Energy highlights, environmental issues apparently are becoming an area of increasing focus for plaintiffs’ lawyers. As cases like those filed against Exide and JinkoSolar prove to be viable, further cases based on environmental compliance and environmental disclosures may follow.

 

In addition to these issues arising from traditional environmental liability concerns, there may be reason to be concerned that D&O liability issues could arise from alarms over global climate change. As discussed here, in a series of letters sent to board members of various major energy companies and to a number of participants in the directors and officers liability insurance industry, three environmental groups contend that climate change denial by energy industry representatives presents a risk of personal liability to the individual energy company board members. The letters also contend that “the threat of future civil or criminal litigation could have major implications for D&O liability insurance coverage.” The letters were sent in late May by three environmental organizations – Greenpeace International, the World Wildlife Fund International and the Center for International Environmental Law – to board members at 32 energy companies and to 44 participants in the D&O insurance industry.

 

Even though the environmental groups’ letter writing campaign clearly was a publicity stunt, there could be some truth to the idea that there will be efforts to hold corporate board members personally liable for the costs associated with climate change. For that matter, it may even be these same environmental groups that bring these claims. Other claims could come from shareholders, regulators, property owners, municipalities and even insurers. Of course any claim of this type would face significant causation issues among many other hurdles. But just the same there may be some truth to the environmental groups’ suggestion that climate change-related claims against corporate boards could be coming.

 

While one might question the groups’ tactics and methods, it probably is in fact a worthwhile exercise for the D&O industry to think about whether or not climate change related claims might be coming and to think about how the industry should be preparing to respond. The list of items to be considered includes questions about how these possibilities should affect pricing, underwriting and risk selection. The issues also should include terms and conditions – such as, for example, whether the provisions of the typical pollution and environmental liability exclusion found in many policies needs to be revised.

 

What Does All of This Mean for the D&O Insurance Marketplace?: Because of the developments discussed above and numerous other issues and concerns, D&O insurers must operate in a dynamic and rapidly changing environment. In addition, as noted above, the insurers also must operate in a low interest rete environment, in which there will be little interest income to offset claims losses. Insurers face pressure to produce underwriting profit in an environment that makes profitable underwriting challenging.

 

Based on these concerns as well as ongoing claims results, primary public company D&O insurers and private company D&O insurers continue to push for rate increases, with at least some success. Even in an environment where new competitors continue to appear, the marketplace is continuing to support price increases, although to a lesser extent than in recent years and to a lesser extent for excess insurance. For some public company D&O buyers, increases in the premium for the primary D&O insurance continue to be offset at least in part by premium savings on their excess insurance.

 

The marketplace remains challenging for financially distressed risks or companies with adverse claims histories. In addition, certain risk classes – for example, developmental stage biotech companies, some commercial banks, and public non-traded REITS — continue to be viewed as higher risk and to pay higher premiums for their D&O insurance.

 

Despite all of the challenging circumstances, the D&O insurance marketplace continues to attract new players. The continued competition means that all of the trends toward a hardening market are blunted. For D&O insurance buyers outside the higher risk categories and with healthier financials, the marketplace remains generally favorable. By and large, policyholders continue to be able to obtain broad coverage; so far, the carriers have not significantly pulled back on terms and conditions.

 

Of all the things to watch in the months ahead in the world of D&O, one of the most interesting will be to see how the D&O insurers respond to the continuing challenges in a rapidly changing environment. 

 

Upcoming PLUS Event in London: On September 29, 2014, I will be in London to participate in the Professional Liability Underwriting Society (PLUS) regional symposium. The luncheon event, which is entitled “Dangers of Long Arm Enforcement in a World WIthout Borders” will take place at Gibson Hall. I will be making a presentation at the event on the topic of “The Dangerous Cross-Border Regulatory Environment.” The keynote speaker at the event will be the author and consultant David Berminham, who is best known as one of the NatWest Three, who will be presenting his own personal perspective on cross-border enforcement based on his extradition to the U.S. on charges related to the Enron scandal. Following the keynote address, Berminham and I will discuss the evolving challenges in an increasingly global regulatory environment.

 

Background details about the event, including registration information, can be found here. I have participated on a panel with David Bermingham in the past and I can assure everyone that this will be a lively and interesting event. I hope all of my UK readers and friends will plan on attending.

 

 

wywoI have no idea where summer went, but with the passage of Labor Day weekend there’s no denying that summer is over and that it is time to get back to work. For those of you who were fortunate enough to take some time off this summer or who maybe just found it a little harder to keep up during the warmer months, here’s a brief survey of what you missed while you were out.  

 

The biggest development this summer was the U.S. Supreme Court’s June 2014 decision in the Halliburton case, although it was not nearly as big of a deal as it would have been if the Supreme Court had dumped the “fraud on the market” theory. Because I suspect that at this point most readers are well aware of the Halliburton decision and because the Court’s decision has been thoroughly reviewed and discussed (on this blog and elsewhere), I won’t dwell on Halliburton here. Besides, there were a lot of other important things that also happened this summer. Here’s a quick summary of the other important developments, in no particular order.

 

U.S Supreme Court Rejects “Presumption of Prudence” for ESOP Fiduciaries: The U.S Supreme Court’s Halliburton decision may not have been the game changer that it might have been, but the Court did still stir things up quite a bit in its decision in another case.  On June 25, 2014, the U.S. Supreme Court held in Fifth Third Bank v. Dudenhoeffer that ESOP fiduciaries are not entitled to a “presumption of prudence” in connection with their decision to invest in or maintain investments in employer stock. In a unanimous opinion written by Justice Stephen Breyer, the Court held that ESOP fiduciaries are subject to the same duty of prudence that applies to ERISA fiduciaries in general, other than the duty to diversify plan assets. The court’s opinion can be found here.

 

In recent years, several of the Circuit courts had recognized the existence of a presumption of prudence for ESOP plan fiduciaries. Many ESOP plan fiduciaries had successfully relied on the presumption as the basis for a motion to dismiss claims filed against them under ERISA. The Supreme Court’s opinion could make it more difficult for ESOP fiduciaries to obtain dismissal in ERISA stock drop cases. However, the Court did recognize the importance of motions to dismiss in helping to weed out meritless suits. The Court laid out several guidelines for the lower courts to use in considering motions to dismiss in ERISA stock drop suits. The net effect of the Court’s opinion is that the environment for ERISA stock drop litigation has been substantially changed, as discussed here.

 

Delaware Legislature Tables Measure to Address Fee-Shifting ByLaws: The Delaware Supreme Court stirred up quite a bit of controversy earlier this year in the ATP Tours, Inc. v. Deutscher Tennis Bund case when it upheld the facial validity of a fee-shifting by law. The bylaw provided that an unsuccessful shareholder claimant in intra-corporate litigation would have to pay his or her adversaries’ cost of litigation. The controversy seemed headed for a swift resolution when the Delaware General Assembly quickly moved to act on a measure that would have limited the Supreme Court’s ruling to non-stock corporations (meaning that it wouldn’t apply to Delaware stock corporations). However, in late June, the legislature tabled the measure and now it will not be acted upon until at least January 2015.

 

In the meantime, interested parties and observers are busy debating whether or not under Delaware law stock corporations should (or should not) be allowed to adopt fee-shifting bylaws. For example, an August 27, 2014 Wall Street Journal op-ed piece (here) argued that companies should be allowed to adopt “loser pays” bylaws as a way to try to control costly shareholder litigation. In addition, even though it remain unclear whether or not fee-the Delaware legislature will ultimately pass legislation barring fee-shifting bylaws for stock corporations, some companies are going ahead and revising their bylaws to incorporate a fee-shifting provision, as discussed here.

 

SEC Commissioner Aguilar Addresses Cybersecurity Oversight Responsibilities of Corporate Boards: At least one SEC commissioner has made it clear that as far as the SEC is concerned cybersecurity is an important issue on which corporate boards should be engaged. In a June 10, 2014 speech entitled “Boards of Directors, Corporate Governance and Cyber-Risks: Sharpening the Focus” delivered at the New York Stock Exchange, SEC Commissioner Luis A. Aguilar stressed that “ensuring the adequacy of a company’s cybersecurity measures needs to be a part of a board of director’s risk oversight responsibilities.” He added the warning that “boards that choose to ignore, or minimize the importance of cybersecurity oversight responsibility, do so at their own peril.” A copy of Aguilar’s speech can be found here.

 

While Aguilar’s speech referred only to the efforts of shareholders to hold board members accountable through litigation, the fact is that – as his speech itself underscores – cybersecurity is an increasingly important issue to the SEC itself. A message implicit in his speech is that the Commission may hold boards accountable for their responsibilities as well. At a minimum, Aguilar’s speech underscores that cybersecurity is an issue on which the Commission is focused and about which the Commission is concerned.

 

Georgia Supreme Court Affirms, Elucidates Business Judgment Rule – and Its Limitations: A recurring issue in FDIC litigation against the former directors and officers of failed banks has been whether the business judgment rule insulates the defendants from claims of ordinary negligence. This question has been particularly important in Georgia, where there were more bank failures than any in other state and consequently more failed bank litigation. Several federal district courts, applying Georgia law, have ruled that individual defendants are entitled to have the FDIC’s negligence claims against them dismissed based on the business judgment rule (as discussed, for example, here).

 

On July 11, 2014, the Georgia Supreme Court ruled in Federal Deposit Insurance Corporation v Loudermilk (here) that the common law of Georgia recognizes the business judgment rule and that the rule has not been superseded by Georgia statutory law. But while the Court found that the rule insulates directors ad officers from claims of negligence concerning the wisdom of their judgment, it does not foreclose negligence claims against them alleging that their decision making was made without deliberation or the requisite diligence, or in bad faith.

 

The Georgia Supreme Court’s decision will have an immediate impact on the many FDIC lawsuits involving failed Georgia banks, as it will substantially affect the ability of the individual defendants to have the claims against them dismissed. The practical implication of the Georgia Supreme Court’s ruling is that many – perhaps even most — of the FDIC negligence claims against former directors and officers of Georgia banks will survive motions to dismiss.

 

The precedential authority of the Georgia Supreme Court’s decision is limited to cases to which the law of Georgia applies. However, the decision may have persuasive effect in cases to which other jurisdictions’ law applies. It is rare for any state’s Supreme Court to address these kinds of issues, and as the Georgia Supreme Court’s opinion is both a scholarly, thoughtful ruling and the rare pronouncement by a court of highest authority, it undoubtedly will be invoked by parties in other courts and considered by courts in other jurisdictions, as discussed in greater detail here.

 

Inversion Transactions and Corporate Liability: Among the developments dominating the business headlines in recent weeks has been the rising wave of so-called “inversion” transactions in which U.S. companies acquire foreign firms to avoid U.S. tax laws As discussed in a July 15, 2014 Wall Street Journal article (here), the Obama administration is calling for Congress to pass legislation to restrict U.S. companies’ ability to participate in inversion transactions. U.S. Treasury Secretary Jacob Lew sent a letter to Congressional leaders calling on them to “enact legislation immediately…to shut down this abuse of our tax system.”

 

While it is hardly surprising that inversion transactions are controversial in Washington, it would seem given the tax benefits that they would be popular with shareholders, and that the last thing that would happen would be for a company announcing an inversion transaction to get hit with a shareholder suit. However, in this country’s litigious environment, even a transaction seemingly as beneficial for a company as an inversion apparently can generate a shareholder suit.

 

According to a July 17, 2014 St. Paul Pioneer Press article (here), on July 2, 2014, a shareholder of Minnesota-based Medtronic has filed a class action lawsuit in Hennepin County District Court challenging the company’s planned $42.9 billion acquisition of Ireland-based Covidien, which will result in a new company to be called Medtronic PLC. The shareholder plaintiff contends that the transaction, in which Medtronic shareholders will receive shares in the new company in exchange for their existing Medtronic shares, will result in a “substantial loss” for Medtronic shareholders. The plaintiff alleges that the shareholders will have to pay taxes on any gains on their shares, but the transaction will not generate cash out of which to pay the taxes. According to the article, the lawsuit alleges that “Medtronic shareholders will be forced to pay taxes on any gains in Medtronic stock.”

 

India’s Securities Regulator Imposes Massive Penalties on Satyam’s Founder and Other Executives: As discussed here, Satyam was quickly dubbed the “Indian Enron” in early 2009 after the company’s founder, Ramalinga Raju, sent an extraordinary letter to the company’s board in which he admitted, among other things, that ”the company’s financial position had been massively inflated during the company’s expansion” from a handful of employees into an outsourcing giant with 53,000 employees and operations in 66 countries.

 

On July 16, 2014, India’s securities regulator, the Securities and Exchange Board of India (SEBI), entered an order (here) against the founder and former executives of Satyam Computer Services to disgorge over $306 million in allegedly ill-gotten gains from their role in the scheme to falsify the company’s financial statements, as well as at least $201 million in interest.

 

The size of the penalty against the individuals is clearly meant to make a statement. According to the Wall Street Journal, SEBI “has faced criticism from investors for a perceived lack of vigor” but “lately has seemed more assertive.” A commentator is quoted in the Journal article as stating that “this order by itself is driving a message that SEBI is going to be aggressive in dealing with fraud in the Indian Capital Markets.”

 

Outside the U.S., the aggressiveness of U.S. regulators is a frequent source of complaint. As this SEBI order demonstrates, U.S. regulators are not the only ones primed to impose large fines. Regulators everywhere, under pressure from the recent global financial crisis as well as because of the periodic outbreak of massive scandals like Satyam, increasingly are taking a more aggressive approach and increasingly are seeking to use regulatory tools to enforce their own laws and to impose penalties. These regulatory initiatives, which are emerging in countries around the world, have significant implications for companies, their executives, and their insurers. 

 

Dodd-Frank Anti-Retaliation Provisions Do Not Protect Overseas Whistleblowers: In the latest fiscal year report of the SEC Office of the Whistleblower, the agency reported that as of the end of the 2013 fiscal year it had received a total of 6,573 whistleblower reports since the Dodd-Frank whistleblower program’s inception. These figures include not only domestic U.S. whistleblower reports but also reports from a total of sixty-eight different countries. During fiscal year 2013, there were 404 whistleblower reports from outside the U.S. representing nearly 12% of all reports during the year. Clearly, whistleblower reports from non-U.S. countries have represented a significant part of the whistleblower program, and foreign whistleblowers have been drawn to the program.

 

However, based on a recent Second Circuit decision, prospective foreign whistleblowers thinking about making a whistleblower report had better be prepared to watch out for themselves, as according to the appellate court’s August 14, 2014 decision in Liu Meng-Lin v. Siemens AG (here), the Dodd-Frank Act’s whistleblower anti-retaliation protections do not apply extraterritorially — that is, they do not protect whistleblowers outside the U.S. This ruling obviously could dampen the interest of prospective foreign tipsters from making whistleblower reports.

 

The Second Circuit’s decision clearly will have an impact on prospective whistleblowers outside the United States.  Many may hesitate to make reports out of fear of retaliation. Just the same, the Second Circuit’s decision left many questions unanswered. The Second Circuit’s ruling gives no indication of what the impact on its ruling might have been if the whistleblower were a U.S. citizen or if the whistleblower report had involved a U.S. company operating overseas, or if any of the alleged misconduct had taken place inside the U.S. These issues will have to be addressed in future cases. In the meantime, it seems probable that the seeming enthusiasm for whistleblower reports from outside the U.S. will be dampened.

 

Securities Suits Hit Firms Allegedly Using Stock Promoters to Boost Share Price: On July 30, 2014, when a plaintiff shareholder filed a securities class action lawsuit against the firm and certain of its directors and officers, Galectin Therapeutics became the latest company to be hit with a securities suit following press reports that the company had used a stock promotion firm to try to boost its share price. There have already been several other companies against whom securities lawsuit have been filed this year that are similarly alleged to have used stock promotion firms.

 

As discussed here, the lawsuit against Galectin is merely the latest in series of suits that have been filed so far this year against companies alleged to have used stock promotion firms to try to boost their share price. Several of the firms that have been sued are alleged to have used a stock promotion firm known as The DreamTeam Group.  Lawsuits involving allegations that the defendant companies have been filed earlier this year against Galena Biopharama (here); CytRx Corporation (here); InterCloud Systems (here); and Provectus Biopharmaceuticals (here).

 

Whatever companies’ thought process is for using these kinds of services to promote their companies, it is clear that news about the companies’ use of the firms can have a negative impact on the company’s stock (which obviously is counter to the idea of using the promotional firms in the first place). As the lawsuits above underscore, the alleged use of these firms can also result in securities class action litigation.

 

The Pre-IPO Company and “Failure to Launch” Claims: Due to a combination of favorable circumstances, the number of companies completing initial public offerings is currently at the highest level in years. According to a recent study from Cornerstone Research (here), with the 112 IPOs in the first half of 2014, IPO activity is on pace to increase for the third consecutive year. IPO activity just in the first six months of 2014 equaled 71 percent of total IPO activity in 2013 and exceeded the full years 2009, 2010, 2011 and 2012. The favorable IPO environment has encouraged even more companies move toward an IPO. However, for a company starting down the road toward an IPO, there are a number of risks. Among other things, pre-IPO companies face increased risks of liability and claims, particularly when the planed IPO fails to launch.

 

A recent case filed in New York (New York County) Supreme Court illustrates the kinds of “failure to launch” claims that pre-IPO companies can face. According to the plaintiff’s August 1, 2014 complaint (which can be found here), defendant Westergaard.com is a Delaware corporation with its principal place of business in Fujian, China. In 2011, Westergaard completed a private placement that provided for “automatic redemption” of the units sold in the placement if the company failed to complete an IPO at an offering price of $3.00 or greater within two years of the private offering’s closing date. The redemption amount was specified as $3.00 per share. The complaint alleges that private placement transaction closed on October 24, 2011, but that the company did not complete an IPO within two years of that date nor has it yet completed an IPO. The plaintiff is assignee of investors who had purchased units in the private placement. The plaintiff filed the action as assignee to enforce the redemption provisions in the private placement agreement, as well as to recover its costs of collection.

 

While the particulars of this claim may reflect the specific circumstances of the company involved, the situation nevertheless does illustrate how a pre-IPO company’s failure to launch can lead to claims from disappointed investors. This case shows how pre-IPO activities can give rise to claims, and therefore underscores the importance of taking these kinds of risks into account when structuring the D&O insurance coverage for a Pre-IPO company. If IPO activity continues to pick up, that will not only increase the possibility of IPO-related claims, but it also increases the possibility of pre-IPO claims as well.

 

Second Circuit Says Domestic Securities Transaction Necessary But Not Sufficient to Invoke U.S. Securities Laws: In its 2010 decision in Morrison v National Australia Bank, the U.S. Supreme Court had, based on its determination Congress had not intended for the U.S. securities laws to apply extraterritorially, attempted to establish a bright line test to determine the applicability of U.S. securities laws. The Supreme Court said that the U.S. securities laws apply only to shares traded on the domestic securities exchanges and to “domestic transactions in other securities.”

 

On August 16, 2014, in a long-awaited decision that could fuel disputes in future cases, the Second Circuit affirmed the dismissal of the securities suits swap agreement purchasers had filed against Porsche and its executives. In an unsigned per curiam opinion (which can be found here), the Second Circuit — concerned the application of Morrison as the plaintiffs urged would result in the very kind of extraterritorial extension of U.S. securities laws Morrison had sought to avoid — said that while it is necessary for the U.S. securities laws to apply that a domestic transaction is involved, it is not sufficient. The court went on to say that the claims in this case are so “predominately foreign as to be impermissibly extraterritorial,” even though the swap transactions at issue allegedly had been completed in the U.S.

 

The difficulty with the Second Circuit’s extension is that it invites further disputes, particularly given the lengths to which the Court went to avoid any suggestion that it was laying down a bright-line rule. The Second Circuit provided little guidance about what may be “sufficient,” except to say that the U.S. securities laws are implicated when a domestic transaction is involved and the defendants “are alleged to have sufficiently subjected themselves to the statute.” The groundwork seems to be set for future disputes about whether a plaintiff’s allegations have established the elements that are both “necessary” and “sufficient” to warrant the application of the U.S. securities laws.

 

Foreign Affairs: I hope interested readers will take the time to read the summaries I recently published of my August visits to Singapore (here) and Mumbai (here).

 

Coming Attractions: If all goes according to plan, tomorrow, September 3, 2014, I will be publishing my annual “What to Watch in the World of D&O” post, in which I survey the hottest topics affecting the world of directors’ and officers’ liability.  

 

095aThe D&O Diary’s Asian tour continued last week with a stop in Mumbai, India’s most populous city and the country’s financial and commercial capital. I travelled to Mumbai for business meetings and for an industry event, as described below, but while there I also had a chance to encounter one of the world’s most distinctive cities. It is an experience I will not soon forget.

 

Mumbai is perched on the Arabian Sea, on India’s west coast. As a082a result of its seaside location and its rich cultural heritage, the city encompasses a broad range of beautiful sites, such as the lovely view from the top of Malabar Hill (pictured left), and well-known landmarks, like the iconic Gateway to India (a late colonial era archway of yellow basalt adjacent to the city’s harbor, pictured at the top of the post).

 

Mumbai is massive, in ways that are almost beyond description or even comprehension. Its population of over 12.5 million makes it the fifth-largest city in the world. Its metropolitan area population of more than 21 million is almost as large as that of the entire continent of Australia.

 

043aI was fortunate on my arrival day to have an insider’s tour of the city from my Mumbai host, Burzin Somandy. Burzin clearly enjoyed showing off his hometown, including the upscale hills of Juhu, where he grew up and where he also now lives –and, as he pointed out, where many of the Bollywood stars reside. We also visited Juhu Beach, a popular seaside area on the Arabian Sea, and we toured the Sri Sri Radharasabihari Temple, the marble headquarters of the Hare Krishna movement. We then visited the site of the ruined Portuguese colonial era Castella de Aguada fortifications, at Land’s End in the Bandra district. From the ruined fort’s ramparts, we could look across Mahim Bay to the  impressive skyline of the city’s financial district and the beautiful new Bandra-Worli Sea Link, a 3.5 mile long cable-stayed bridge that connects central Mumbai with the city’s western suburbs, as pictured above. 

 

The next day, I toured South Mumbai on my own, in a hired car. I 072avisited the Haji Ali Dargah, a fifteenth century mosque and tomb built off of the coast on a small island accessible only by a walkway that is submerged at high tide. I also toured Mani Bhavan, pictured right, the modest house where Mahatma Gandhi lived from 1917 to 1934 and from which he launched the Satyagraha movement as part of his efforts in support of Indian independence. Despite the wiltingly hot sunshine and steamy conditions, I joined  many family groups for a Sunday afternoon stroll in the lush gardens at the top of Malabar Hill and then visited many of the landmarks of the British colonial era, some of which are shown in the pictures at the end of this post.

 

While I was in Mumbai, I also had the chance to enjoy a sample of some of the many different kinds of cuisine available, including a memorable meal of spicy South Indian vegetarian food at a restaurant called Banana Leaf in the Western suburb of Bandar (first picture, below) and Gujarati food at Soam in Chowpatty District in Southern Mumbai (second picture). The range of tastes and textures was truly extraordinary.

 

011a

 

073a

 

There is much to be impressed with in Mumbai – such as the  luminous new airport; the beautiful Sea Link bridge; and the gleaming skyline of the city’s modern office buildings. Yet for all of the city’s evident dynamism and for all of its diversity and rich history, the most striking impression of Mumbai for first-time visitors may be the startling contrasts. Great wealth and extreme poverty sit side-by-side in Mumbai.

 

At the street level, Mumbai can be absolutely overwhelming. The first morning while I was there, I walked down the driveway of the Four Seasons Hotel where I was staying, with the idea of strolling around the surrounding neighborhood. The first picture below depicts the scene that greeted me immediately opposite the end of the driveway. As I walked south along the roadway, I saw people sleeping in improvised shelters along the footpath; crowds of pedestrians walking in the street; tradesmen pulling handcarts loaded with building materials; vendors with pushcarts full of baked sweet potatoes or corn; ranks of parked taxi cabs with their drivers wiping down their vehicles;, ramshackle buildings with laundry hung out to dry; motorcycle taxi cabs; makeshift food stands selling tea. Stray dogs wandered about, pools of stagnant water filled the many tire-destroying potholes, flocks of crows picked at random garbage tips in the roadway. This description doesn’t even come close to capturing the overwhelming kaleidoscope of sights and sounds and smells I encountered, and all of that just outside the hotel. 

 

056a

 

057a

 

060b

 

061a

 

062a

 

008a

 

When I had walked out of the hotel driveway, the security guards said nothing, but gave me a raised-eyebrow look of surprise. When I returned, they smiled and said good morning. They were clearly relieved to see me back. When I later told one of my Mumbai friends I had toured the neighborhood alone on foot, she paused before saying, “Well, that was adventurous.” I am not sure whether or not it really was adventurous – but on the other hand, I didn’t venture out alone on any more walks for the remainder of my visit. I only left the hotel grounds in an automobile.

 

Instead of a comprehensive picture of this massive city, I have only a series of impressions – for example, the predawn sound of the morning call to prayers at the local mosque, which awoke me even on an upper floor of my upscale hotel. At many intersections, beggars and street vendors would tap insistently at the car window, only relenting after the light changed and the car started to move. On the road to the upscale residential district of Malabar Hill, an old woman with a large metal urn balanced on her head led a cow by a tether. A man on a motorcycle sped past my taxi cab, his two small children and his wife dressed in a burqa crammed into a sidecar.

 

One particular incident stands out. When I was at the Gateway to India, a monk approached while I was attempting to take a picture.  I motioned him away, but a street vendor who saw what was happening came over and said, “No, no, no, please sir, do not drive him away, he will give you a blessing for the Ganesh festival, it will bring you good luck.” I shrugged my shoulders and allowed the monk to tie some colorful yarn around my wrist; he also handed me some small candies and he said a short prayer. The street vendor then said, “The blessing is free, but you can make a donation to the temple if you wish.” I became concerned the street vendor and the monk were working a scam together, a concern that was reinforced when the street vendor offered that if I gave 1,000 rupees (about $16), the monk could study and pray at the temple for a whole year. I turned to the monk and said, “A whole year for 1.000 rupees?” and the monk said, “Oh, yes, sir.” Somewhat surprised by the extreme austerity implied by this statement, I asked, “And what could you do with 2,000 rupees?” The monk said, “Please sir, do not give me 2,000 rupees. I need only 1,000 rupees. I do not need 2,000 rupees. 1,000 rupees would be a blessing, 2,000 rupees would be a curse.” I drew a 1,000 rupee note from my pocket and gave it to the monk. He tapped me lightly on the head, and then shook my hand and said, “God bless you, sir.” After the blessing, the monk set off in one direction, the street vendor in another. I stood blinking in the intense sunlight, the perspiration soaking through my shirt, a rivulet of sweat running down my spine. After a moment, I collected myself and  then recalled that I had meant to take a picture of the Gateway to India. The picture I took is the top of the post.  

 

Readers may recall that before visiting Mumbai, I had first travelled to Singapore, a city that is shiny and modern and very easy to understand and appreciate. Mumbai may be about as different from Singapore as a city could be. If Singapore is, as is often said, Asia for beginners, then Mumbai is the advanced level course. As attractive as Singapore is, it is also, by contrast to Mumbai at least, superficial. Mumbai may be chaotic and challenging, but it is also diverse and complex, full of many meanings and messages. I doubt any one person could every fully understand it. With my first visit, I have started the process of trying; I hope to be able to continue the process in the future. 

 

At the outset of my trip to Asia, I flew west in a large arc across Canada, and then along the eastern edge of the Asian landmass, before heading across Southeast Asia to Singapore. From Singapore, I flew across the Indian subcontinent to Mumbai. For my return home from Mumbai, I continued to head west, flying across the Middle East and on to Frankfurt, and then over the Atlantic Ocean, back to the United States. By the end of the journey, I had circumnavigated the globe. I had also traveled a very long way as well, literally and figuratively.  

 

*********

 

I am pleased to report that the industry event that was the primary reason for my visit to Mumbai was a great success. The event, which had been organized by a group of industty friends including Burzin Somandy (the Mumbai tour guide mentioned above) and my good friend Aruno Rajaratnam, was called Bima Gyaan, which means “insurance knowledge” in Sanskrit. The event drew a capacity crowd of over 120 people to an afternoon session at a banquet hall facing the Arabian Sea. I congratulate the committee (pictured below together with all of the speakers and panelists) for a very successful event.

 

I enjoyed the chance to meet so many industry colleagues and to make so many new friends. It was an honor and a pleasure to be a part of this excellent event.

 

001a

 

I was delighted to learn that many of the event attendees are regular readers of The D&O Diary, including in particular several readers who had traveled to Mumbai for the event from a variety of far- flung locations in India, such as Chennai, Hyderabad, and Pune. It never ceases to amaze me – I sit in my office in Cleveland and type up my little blog posts, and when I hit send people as far as away as Hyderabad and Chennai read and appreciate what I have written. The Internet is an amazing thing.

 

More Pictures of Mumbai:

The Haji Ali Mosque and Dargah

 068a

 

 

 

 

 

 

 

 

 

University of Mumbai, Clock Tower

114a

 

 

 

 

 

 

 

 

 

Sri Sri Radharasabihri Temple

014a

 

 

 

 

 

 

 

Shade Seeking Crowds Outside the Gateway to India

102a

 

 

 

 

 

 

 

Juhu Beach

021a 

 

 

 

 

 

 

 

 

 

The Taj Mahal Palace Hotel

taj

 

 

 

 

 

 

The Gateway at Night

047a

 

 

 

 

 

 

 

093aThe D&O Diary is on assignment in Asia this week, with the first stop in Singapore. I was very happy to be in Singapore this past week and not just because the Professional Liability Underwriting Society (PLUS) Regional Professional Liability Symposium I attended there was so very successful, as described below. I was glad to find myself in Singapore because, after my first visit to Singapore two years ago, I wanted a do-over. A bout of tendinitis in my knee during my prior visit had prevented me from really exploring the city. I was able to take much greater advantage this time around. As I discovered on this visit, Singapore is a very walkable city and tremendously rewarding to explore.

 

The prosperous city-state of Singapore is located about 60 miles north of022a the equator, with a warm, humid climate, and this time of year, frequent rain showers. The country is about the size of three District of Columbias and with a population of about 5.3 million (roughly the same as Colorado). The downtown business district is full of sleek steel and glass office towers, but the rest of the city has a leafy, upscale suburban feel. Singapore is a regional entrepôt and a something of a cross-roads, with a diverse population to match. Although I did meet several Singapore natives, so many others I met had come to Singapore from elsewhere.

 

The view across Marina Bay from the central business district where I stayed is dominated by the Marina Bay Sands Casino, which sort of looks like an enormous skateboard resting atop three giant clothes pins. Behind the casino, away from the central city, is a huge green space in the Marina City Park called the Gardens by the Bay, which is built on reclaimed land and former parking lots. The Gardens are dominated by groves of enormous steel and concrete tree sculptures covered with vines and flowers, called “Supertrees.”

 

062a

 

  083a

 

 The Singapore River flows into Marina Bay. In the past, the river was a gritty channel for industry and commerce, but following a massive 101areclamation project in the 70s and 80s, the river is now flanked with pleasant walkways. Just upstream from the mouth of the river on the southern shore is Boat Quay (pictured left), which has an incredible diversity of ethic restaurants, as well as pubs and bars, all built in preserved shop houses. A little further upstream on the opposite bank is Clarke Quay, another nightlife district lodged in restored warehouses re-built through a separate reclamation project that was only completed in the early 90s. On a warm evening (and I don’t think there is any other kind of evening in Singapore), Clarke Quay is hopping. However, anyone attempting a pub crawl there had better bring lots of cash. A pint of beer will set you back 17 Singapore Dollars (about $13.50).

 

130aJust a few block south of the river is Singapore’s Chinatown, which is a densely populated area full of shops selling an astonishing variety of trinkets, cloth and garments, herbal medicines and ointments, spices and herbs, as well as books, shoes, paintings, picture frames and much else besides. There are also many tailor shops, each with a talkative proprietor out front trying to lure passersby into their shops. For some reason, the various tailors seemed to assume I was British; they addressed me as a “fine looking chap” whose life would be immeasurably improved with the benefit of a hand sewn shirt or a bespoke suit.

 

The pedestrianized streets are also lined with restaurants. I visited133a Chinatown at lunch time and I actually was kind of hungry, but just the same I didn’t have the courage to attempt the more authentic looking eateries, which had the look of places where you would have to wonder what you were actually eating. I settled for a tofu stir fried at a more modern establishment on the main road.

 

Along the main road adjacent to Chinatown is Sri Mariamann Temple, a colorful Hindu temple with a history dating back to the early nineteenth120a century. I arrived while a devotional service was underway. A drummer and another musician playing a long woodwind instrument played fast-paced rhythmic music while another attendant rang a bell. In the front of the hall, others lit incense and chanted. I stood in the back of the hall, along with other tourists and passersby who looked on with expressions of curiosity mingled with confusion. I stayed for a while as it was cool inside the temple and sheltered from the hot sun.

 

One evening while I was in Singapore my dinner plans changed unexpectedly, and I found myself with a some unscheduled time, so I went out to Holland Village, a quiet neighborhood of restaurants and bars about a 15 minute cab ride from my hotel. I was there relatively early in the evening, so the bars were just starting to fill. Sitting at a sidewalk café and watching the crowd stroll by, it was very easy to forget that this place was located deep in Southeast Asia. It had more of a feel of an American college town during summer break. 

 

044a

 

While I was visiting Singapore, I had a chance to meet with many industry friends who are now based in Singapore. These friends come from very different backgrounds — one is Chinese who studied law in the U.S., another is a former Lloyd’s broker who came out from London for a career redirection, while another is a  U.S. lawyer who came out because his wife had an interesting career opportunity in the city. However, they were all in agreement that Singapore is a remarkably pleasant place to live and work. The city’s compact size makes life manageable and comfortable. They all find the eternal summer of the equatorial climate agreeable. They all mentioned how much they appreciated living in a clean, orderly, safe place. They also all mentioned the opportunities they had to be able to do business in interesting places; not just Malaysia, Indonesia and India, but places like Vietnam, Bangladesh, and Bhutan.

 

134a

 

I have to say that on a warm evening as I sat at the sidewalk café in Holland Village drinking a locally brewed Tiger Beer while darkness gathered, I could certainly see the appeal of living in a place like Singapore, which has all the comforts of a Western city but the diversity and exotic cultural richness of an Asian city. I have heard it said that Singapore is Asia for beginners; there may be some truth to that. All I know is that for the second visit to Singapore in a row, I found myself regretting that I had not brought one or more of my kids with me to see what’s going on there. It is a place where things are happening, in a way that things are not happening in many other places.

 

sccThe PLUS event, which was held on Thursday at the Singapore Cricket Club (pictured left), was a great success. The local event committee, chaired by my good friend Aruno Rajaratnam, did an excellent job planning and organizing the event. The overflow crowd of more than 100 industry professionals who attended the event was very convivial and it was a tremendous treat for me to find out that so many of them read The D&O Diary. The great success of an event like this one will help ensure that there will be many future events in Singapore and elsewhere in Asia, and that PLUS will continue to expand its international footprint. I know that for myself, I feel tremendously enriched by meeting so many industry colleagues and making so many new friends. I was also honored to be a part of this very successful event.

 

Here is a picture of me with the local Singapore committee. From left to right: Kevin Leung of Swiss Re; Bill Wharton of Catlin; Arati Varma of Chubb; me; Aruno Rajaratnam of Ince & Co.; Ronak Shah of JLT Asia; and David Ackerman of AAI Consulting.

 

005a 

One of the highlights of the evening for me took place when Ernest Heng, a financial lines underwriter with AIG, came up and introduced himself.. Ernest had brought his D&O Diary mug to the event, and so he was able to take a mug shot that featured both the mug and The D&O Diary guy (that, I learned, is how I am known there.)  We also got another great picture with the mug and a number of younger brokers and underwriters from Singapore.

ernest

 

singgroup

 

Loyal reader Jenny Wilhelm of Chubb (now of Singapore, previously fron Australia) wanted to take this picture with me, to send back to her former colleagues in Australia.

jenny

  

More pictures of Singapore:

099a

 

 

 

 

 

 

 

Clarke Quay

010a

 

 

 

 

 

 

 

Boat Quay on Friday Evening

015b

 

 

 

 

 

 

 

Fort Canning Park

007b

 

 

 

 

 

 

 

Singapore

021a

Nick_Lindsay[1]Because I am based in the United States and because my experience has been concentrated in the U.S., my focus in this blog has primarily been on issues and developments in the U.S. — although I do enjoy the occasional opportunity to write about developments elsewhere. Because I know that many of this blog’s readers are based outside the U.S., I welcome the chance to try to expand this site’s geographic scope when I can. For that reason, I am happy to be able to publish the following guest post about director duties and exposures in the U.K. This post was submitted by Nick Lindsay; a solicitor admitted in England and Wales and a governance professional at Elemental CoSec. He advises UK companies on legal, governance and compliance issues.

 

I would like to thank Nick for his willingness to publish his article on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. If you would like to submit a guest post, please contact me directly. Here is Nick’s guest post:

**********************************

 

In the modern international business, it is common practice to have subsidiaries spread across the globe. The local subsidiary poses many advantages; allowing the business to meet local compliance requirements; insulate the rest of the group from local risks; and efficiently structure the tax burden of the local operation. However, the local subsidiary can expose the directors to significant risks that differ from their local jurisdiction. These risks may well attach to them personally and may not always be mitigated by D&O insurance. It is therefore critical that the directors understand the jurisdiction they are acting in and don’t just assume that it is the same as home.

Here I have set out the D&O risks faced when setting up a UK subsidiary, although the principles will likely apply to numerous other jurisdictions as well. As the D&O Diary has a US focus, I will look at the example of a US incorporated company that has a UK subsidiary. The UK subsidiary could have solely US resident directors, solely UK resident directors or a mixture. All of these arrangements can be made to work depending on the commercial realities, but pose their own risks.

Director’s Duties in the UK

In the UK, every director of a company owes certain fiduciary duties to the company. It used to be thought that a non-executive director owed a lower standard of duty and could largely defer to the executive directors however, it is now clear from case law that all directors owe the same duties to the company.

The main duties are set out in sections 171-177 Companies Act 2006, though they are others contained in case law and certain specific legislative sections. The main duties on a UK director are (i) a duty to act within their powers, (ii) a duty to promote the success of the company, (iii) a duty to exercise independent judgement, (iv) a duty to exercise reasonable care, skill and diligence, (v) a duty to avoid conflicts of interest, (vi) a duty not to accept benefits from third parties, and (vii) a duty to disclose interests in a proposed transaction or arrangement.

These duties need to be exercised positively and it has been held by the courts that any director that ‘fetters’ their discretion by mindlessly following the direction of another (for example the decision of the head office) would be in breach of these duties.

Failure to comply with some of these duties is potentially a criminal offence (for example, failure to declare an interest in an existing transaction) and the penalties may fall on the director personally.

Shadow Directors

Under section 251 Companies Act 2006, a shadow director is a person in accordance with whose directions or instructions the directors of a company are accustomed to act. This definition could include a manager at the US head office, where the directors of a UK subsidiary blindly follow the manager’s instructions. It is also not uncommon to see subsidiary boards that ‘ratify’ the decisions of senior management at the parent company and, again, this would pose a risk that the US manager would be considered a shadow director.

A shadow director is largely subject to the same director’s duties as a de jure director, although this is only to the extent that the corresponding common law rules or equitable principles apply. A shadow director is also subject to a number of offences under the Insolvency Act 1986.

The large risk posed by the shadow director rules, is that the individual will generally not realise that they are a shadow director and that they are taking these risks. Therefore there may not be appropriate risk mitigation or insurance to protect them. As set out above, there is also the risk that the de jure directors will be failing in their duties to the company, by following the instructions of the shadow director rather than exercising their own independent judgement.

Company indemnities, D&O Insurance and their limitations

Like many jurisdictions, the UK has placed limits on what can be covered under a company indemnity (ie an indemnity from the company in favour of the directors). This is to stop directors escaping liability for their failures, simply by having the company meet the claim. It also helps to protect the creditors of a company where the directors have failed in their duties.

As set out in Chapter 7 of Companies Act 2006, a company may not generally exempt a director from, or indemnify him against, liability in connection with any negligence, default, breach of duty or breach of trust by him in relation to the company. As a result, the company cannot generally exempt or limit the liability of a director for breach of his duties as a director. However, the company can provide a ‘qualifying third party indemnity’ which is an indemnity against a liability incurred by the director to a person other than the company or an associated company provided that such liability is not a fine imposed in criminal proceedings or a sum payable to a regulatory authority by way of a penalty in respect of non-compliance. Further the indemnity cannot cover liability in defending any legal proceedings in which he loses.

The company may also provide a qualifying pension scheme indemnity, the details of which are set out in section 235 Companies Act 2006.

The limits of these indemnity provisions makes the terms and structure of any D&O insurance policy absolutely critical to ensure that the directors are still protected notwithstanding the above limitations.

This article is provided for general information only and no liability is accepted in respect of its contents. Specific advice should always be obtained if you are in any doubt as to your legal obligations.

caliIn recent months, there have been a number of securities class action lawsuits filed based on alleged misrepresentations of the defendant company’s environmental compliance. On August 7, 2014, the securities suit filed against Exide Technologies and certain of its directors and officers based on the defendants’ allegedly misleading statements about the company’s compliance with environmental regulations became the latest environmental disclosure securities suits to overcome the initial pleading hurdles. These cases underscore  the fact that reporting companies’ environmental compliance disclosures are facing increasing scrutiny, making the quality of the environmental disclosures increasingly important.

 

A copy of Central District of California Judge Stephen V. Wilson’s August 7, 2014 order denying the defendants’ motion to dismiss can be found here.

 

Exide is in the business of producing, recycling and distributing lead-acid batteries. The company maintains a large recycling plant in Vernon, California. The plaintiffs in the securities suit allege that the company experienced a series of problems and related regulatory compliance issues regarding the Vernon plant’s alleged emissions of arsenic into the air and regarding an allegedly non-compliant piping system that allegedly was leading hazardous materials into the groundwater. These problems allegedly were not publicly disclosed until the period March through May of 2013, while during the preceding months the defendants allegedly made a number of reassuring statements about the company’s environmental compliance.

 

Judge Wilson granted the defendants’ motion to dismiss the plaintiffs’ initial complaint without prejudice. In February 2013, the plaintiffs filed an amended complaint, and the defendants renewed their motion to dismiss.

 

In his August 7 Order, Judge Wilson denied the defendants’ renewed motion to dismiss. He found that amended complaint pled “allegations sufficient to present a question of fact as to whether Defendants omissions and misrepresentations regarding the Vernon plant’s environmental contamination issues made Defendants’ communications with investors misleading.”

 

In support of their motion to dismiss, the defendants had tried to argue that the company’s SEC filings were sufficient to disclose the company’s environmental risks. As quoted by Judge Wilson in his order, the company’s SEC filings stated that the company could not “be certain that it has been, or will at all time be, in complete compliance with all environmental requirements, or that the Company will not incur additional material costs or liabilities in connection with those requirements in exces of amounts it has reserved.”

 

Judge Wilson said that it is “an issue of fact whether a reasonable investor would consider this boilerplate disclosure sufficient enough that the disclosure of the actual environmental issues at Vernon during the class period would not have significantly altered the total mix of information made available about the company.” Judge Wilson went on to note that “if Defendants general environmental disclosures were sufficient to cover the existing environmental problems at Vernon as a matter of law at the pleading stage, it is difficult to see a logical stopping point to the ability of a company to ‘disclose’ serious environmental or other problems to investors through vague, general or boilerplate statements.”

 

In order to try to satisfy the requirements for pleading scienter, the plaintiffs relied on the allegations based on statements that confidential witnesses who alleged that Exide has a system in place for reporting environmental compliance issues, which the plaintiffs alleged were sufficient to show that individual defendants should have been aware of the Vernon plant’s issues. Taking a “holistic approach” to the scienter issue, including taking consideration of the seriousness of the problems at the Vernon plant and the importance of the Vernon plant to Exide’s operations, Judge Wilson found that the plaintiffs’ scienter allegations, taken in conjunction with the company’s environmental reporting system, “support a cogent inference that Defendants were aware of Vernon’s environmental issues.”

 

Discussion

The survival of the environmental disclosure  securities suit against Exide comes closely after the Secnd Circuit’s recent ruling in the JinkoSolar securities suit, discussed here, in which the appellate court reversed the lower court dismissal of the suit and concluded that the plaintiffs’ allegations concerning the alleged deficiencies of the defendant  company’s environmental compliance disclosures were sufficient. While these are just two cases, it does seem as if the plaintiffs are getting some traction in securities suits based on environmental compliance disclosures.

 

As the derivative lawsuit filled earlier this year against the board of Duke Energy highlights, environmental issues apparently are becoming an area of increasing focus for plaintiffs’ lawyers. As cases like those filed against Exide and JinkoSolar prove to be viable, further cases based on environmental compliance and environmental disclosures may follow.

 

At a minimum, it is clear that companies’ environmental disclosures will face increased scrutiny. In that respect, Judge Wilson’s comments about Exide’s environmental disclosures are interesting. From Judge Wilson’s perspective at least, mere “boilerplate” disclosures or “vague” or “general” statements will not be sufficient to protect companies from allegations that their environmental compliance disclosures were inadequate. The lesson is that it will be increasingly important for companies to ensure that their environmental disclosures avoid use of mere boilerplate and instead incorporate specific and detailed discussion of the circumstances surrounding their environmental compliance.

 

By the same token, D&O insurance underwriters considering companies whose operations may present environmental concerns will want to review the environmental disclosures in the companies’ periodic reports in order to assess the extent to which the disclosures provide  a specific and detailed picture of the company’s environmental compliance circumstances.

 

Finally, and as a I noted in  my recent post about the Second Circuit’s decision in the JinkoSolar case, it clearly is going to be important for policyholders to ensure that their D&O policy contains no pollution exclusion (as is the case in many current policies, which, rather than including a pollution exclusion simply carve out environmental remediation costs from the definition of covered loss), or, they have a pollution exclusion, that the exclusion contains a provision carving back coverage for derivative claims and securities suits.

porscheOn August 16, 2014, in a long-awaited decision that is sure to provoke comment and that could fuel disputes in future cases, the Second Circuit affirmed the dismissal of the securities suits hedge fund purchasers of certain swap agreements had filed against Porsche and its executives.

 

The plaintiffs contended that because they had completed the swap contracts transactions in the United States, the swap transactions represented “domestic transactions” within the meaning of the “second prong” of the Supreme Court’s holding in Morrison v. National Australia Bank, in which the Court had said that the U.S. securities laws apply to “domestic transactions in other securities.”

 

In an unsigned  per curiam opinion (which can be found here), the Second Circuit — concerned the application of Morrison as the plaintiffs urged would result in the very kind of extraterritorial extension of U.S. securities laws Morrison had sought to avoid — said that while it is necessary for the U.S. securities laws to apply that a domestic transaction is involved, it is not sufficient.  The court went on to say that the claims in this case are so “predominately foreign as to be impermissibly extraterritorial.” The court stressed that it was not attempting to establish a rule that would govern future cases, but instead emphasized that future courts would have to make determinations on a case by case basis based on the facts presented.

 

While the Second Circuit affirmed the district court’s dismissal of the case, the appellate court nevertheless remanded the case to the lower court for further proceedings to see whether or not the plaintiffs could amend their pleadings to try to satisfy the requirements the appellate court had specified.

 

Background

The plaintiff hedge funds had entered security based swap agreements that referenced the price of VW shares.  The referenced VW shares did not trade on any U.S. exchange. The swaps did not trade on any exchanges. The swap agreements generated gains for plaintiffs as VW’s shares decline and produced losses as the price of VW shares rose.

 

The plaintiffs allege that all of the steps necessary to transact the swap agreements took place in the United States. The swap agreements contain choice of law and forum selection provisions that designate New York law and a New York forum.

 

In the lawsuits, the hedge fund plaintiffs allege that the Porsche defendants had caused a dramatic rise in VW stock prices by buying nearly all of the few freely-traded shares as part of a secret plan to take over the company, while publicly denying that it sought to gain control. The plaintiffs allege that after months of denying that it sought to take over VW, Porsche on October 26, 2008 disclosed the extent of its accumulated holdings in VW stock, as a result of which the VW share price shot up, causing the plaintiffs massive losses on their swap agreements.

 

The defendants moved to dismiss in reliance on Morrison, on the grounds that the swap transactions were not within the ambit of Section 10(b) of the Securities Exchange Act of 1934. As discussed here, in a December 30. 2010 opinion, Southern District of New York Judge Harold Baer granted the defendants’ motion to dismiss, holding that the application of the U.S. securities laws to the swap transactions would be “inconsistent” with the Supreme Court’s intention to “curtail the extraterritorial application” of the U.S. securities laws. The plaintiffs appealed.

 

On March 1, 2012, as discussed here, while the plaintiffs appeal was pending, the Second Circuit issued its opinion in Absolute Activist Value Master Fund Limited v. Ficeto, in which the appellate court examined the requirements under Morrison’s second prong. The Second Circuit held that in order to establish the existence of a “domestic transaction in other securities,” a plaintiff “must allege facts suggesting that either irrevocable liability was incurred or title transferred within the Unites States.”

 

The August 15 Opinion 

On August 15, in a lengthy per curiam opinion, to which Judge Pierre Laval appended a concurring opinion, the Second Circuit affirmed the district court, while also remanding the case back to the district court for the court to determine whether or not the plaintiffs could amend their complaints sufficiently to meet the standards set by the appellate court.

 

The Second Circuit recognized that the plaintiffs had entered their swap transactions in the United States, which would therefore, based on the Absolute Activist decision, seem to suggest that the transactions met Morrison’s second prong. The problem with this conclusion is that “it would subject to U.S. securities laws conduct that occurred in a foreign country, concerning securities in a foreign company, traded entirely on foreign exchanges.” It would subject foreign defendants to potential liability under the U.S. securities laws based on nothing more than an entirely private transaction of which the defendant were entirely unaware.  This result would result in the very extraterritorial application of the U.S. securities laws that the Supreme Court sought to avoid in Morrison.

 

Accordingly, the Court said, adding its own gloss to Morrison, that while it is necessary for U.S. securities laws to apply that a domestic securities transaction is involved, it is not sufficient. The Court said that it need not even determine whether or not the Absolute Activist standards had been met here, because “we think it is clear that the claims in this case are so predominately foreign as to be impermissibly extraterritorial.”

 

The Court stressed that its holding in no way forecloses the application of the U.S. securities laws to govern swap transactions where “the transactions are domestic and where the defendants are alleged to have sufficiently subjected themselves to the statute.” The Court warned that its conclusion in this case cannot be “perfunctorily applied to other cases based on the perceived authority of a few facts.” Rather, courts will have to “carefully make their way with careful attention to the facts of each case.” The Court also suggested that it would be better left to the SEC or to Congress to provide a more comprehensive rule.

 

Discussion 

As the Second Circuit said, this case “illustrates the problem with treating the location of a transaction as the definitive factor in the extraterritorial inquiry.” If the mere fact that the swap transactions –between private parties and entered without  Porsche’s involvement or knowledge — were completed in the U.S. were sufficient to subject Porsche and its executives to potential liability under the U.S. securities laws, it “would seriously undermine Morrison’s insistence that Section 10(b) has no extraterritorial application.”

 

Just the same, it could be argued that the Second Circuit ranged beyond the strict confines of Morrison and extended entirely new guidelines when it stated that it was necessary but not sufficient that a domestic transaction was involved in order for the U.S. securities laws to apply.

 

The difficulty with the Second Circuit’s extension is that it invites further disputes, particularly given the lengths to which the Court went to avoid any suggestion that it was laying down a bright-line rule. (Indeed, Judge Leval’s concurrence was written in defense of the fact that the Second Circuit has taken the Supreme Court’s single-factor “domestic transaction” test and turned it into a multi-factor formulation.) While the Morrison court laid down what is “necessary,” the Second Circuit arguably has now begged the question of what is “sufficient” for U.S. securities laws to apply.

 

The Second Circuit provided little guidance about what may be “sufficient,” except to say that the U.S. securities laws are implicated when a domestic transaction is involved and the defendants “are alleged to have sufficiently subjected themselves to the statute.” But what activities are relevant in consideration of the question whether the defendants have “subjected” themselves to the U.S. securities laws – and doesn’t risk getting courts back into the “conduct” part of the old “conduct and effects” test that the Supreme Court rejected in Morrison? And what degree of activity is enough to say that defendants have “sufficiently subjected” themselves to the U.S. securities laws? Obviously, the Second Circuit standard leaves much for subsequent courts to fill in, which seems to put us back on the slippery slope toward the inconsistent case law the Supreme Court sought to eliminate when it rejected the “conduct and effects” test.

 

By the same token, defendants will now seek to resist the application of the U.S. securities laws by attempting to argue that the transaction in question was “predominately foreign.” Which of course begs the question of what factors establish that something is “foreign” rather than “domestic,” and what degree of showing is required to establish that something is predominately foreign.

 

Perhaps these disputes can be avoided. The Second Circuit’s focus on the fundamental importance of avoiding extraterritorial application of the U.S. securities laws may prove a sufficient guiding principle that many line-drawing disputes can be avoided. Nevertheless, the groundwork seems to be set for future disputes about whether a plaintiff’s allegations have established the elements that are both “necessary” and “sufficient” to warrant the application of the U.S. securities laws.

 

An interesting final question is what the plaintiffs will do next. On the one hand, they could just go back to the district court and try their luck at amending their pleading to try to satisfy the Second Circuit’s standard. The Second Circuit’s opinion states that after the dust settled following Porsche’s disclosure that it was well on the way to acquiring control of VW, short sellers lost a total of $38.1 billion. The plaintiffs, whose losses constitute a part of that $38.1 billion, seem to have substantial financial incentives to try to take their fight to the U.S. Supreme Court. Given the U.S. Supreme Court’s propensity to take up securities cases in recent years, and given the magnitude of the changes that the Second Circuit’s formulation works on Morrison, the Supreme Court might well want to take up this case.

 

The Porsche case presented difficult issues. Based on Morrison, the Second Circuit was correctly concerned about the possible extraterritorial application of the U.S. securities laws. Nevertheless, the basis of its decision could provide fodder for protracted battles as other courts struggle to determine what factors are “sufficient” to warrant the application of the U.S. securities laws.

 

Interruption in the Publication Schedule: Due to my overseas business travel obligations, there will be an interruption in The D&O Diary’s publication schedule over the next several days. The regular publication schedule will resume upon my return at the end of next week. 

 

secondsealIn the latest fiscal year report of the SEC Office of the Whistleblower, the agency reported that as of the end of the 2013 fiscal year it had received  a total of 6,573 whistleblower reports since the the Dodd-Frank whistleblower program’s inception. These figures include not only domestic whistleblower reports but also reports from a total of sixty-eight different countries. During fiscal year 2013, there were 404 whistleblower reports from outside the U.S. representing nearly 12% of all reports during the year. Clearly, whistleblower reports from non-U.S. countries have represented a significant part of the whistleblower program, and foreign whistleblowers have been drawn to the program.

 

However, based on a recent Second Circuit decision, prospective foreign whistleblowers thinking about making a whistleblower report had better be prepared to watch out for themselves, as according to the appellate court’s August 14, 2014 decision in Liu Meng-Lin v. Siemens AG (here), the Dodd-Frank Act’s whistleblower anti-retaliation protections do not apply extraterritorially — that is, they do not protect whistleblowers outside the U.S. This ruling obviously could dampen the interest of prospective foreign tipsters from making whistleblower reports.

 

In this action, a Taiwanese former compliance officer of Siemen’s Chinese healthcare subsidiary alleged that he had been retaliated against for making a whistleblower report. The claimant filed the claim in reliance on provisions of the Dodd-Frank Act that prohibit employers from retaliating against whistleblower employees who make reports protected by the Act. The plaintiff allegedly had discovered that employees of the Chinese subsidiary were making improper payments to officials in North Korea and China in connection with medical equipment sales in those countries. The plaintiff alleged that after reporting this conduct to superiors through internal company procedures, he was demoted and ultimately fired. Two months after being fired, the plaintiff reported the allegedly corrupt conduct to the SEC.

 

The plaintiff filed an action alleging that the employment actions taken against him violated the Dodd-Frank Act’s anti-retaliation provisions. Siemens moved to dismiss the plaintiff’s action, arguing that the anti-retaliation provisions do not apply extraterritorially and that all of the key actions involved here had taken place outside the United States. The district court granted the defendant’s motion to dismiss and the plaintiff appealed.

 

In an August 14, 2014 opinion written by Judge Gerard E. Lynch, a three-judge panel of the Second Circuit affirmed the district court’s dismissal of the action. The Court said, in reliance on the U.S. Supreme Court’s Morrison decision, that in the absence of clear congressional intent to the contrary a statute is presumed, to apply only domestically, and “because there is no evidence that the anti-retaliation provision is intended to have extraterritorial reach, we conclude that that provision does not apply extraterritorially.” The Court said further that because the plaintiff “was a non-citizen employed abroad by a foreign company, and that all events allegedly giving rise to liability occurred outside the United States, applying the anti-retaliation provisions to these facts would constitute an extraterritorial application.”

 

The Court did not reach the question whether or not the protections of the anti-retaliation provisions apply to protect whistleblowers that make their reports internally. There has been a split among various courts on the question of whether or not the provisions protect internal whistleblowers. (For example, in July 2013, the Fifth Circuit held that the anti-retaliation provisions only protect those that make reports directly to the SEC.) The appellate court said only that it “need not reach” that question given its ruling on extraterritoriality.

 

The Second Circuit’s decision clearly will have an impact on prospective whistleblowers outside the United States.  Many may hesitate to make reports out of fear of retaliation.

 

Just the same, the Second Circuit’s decision left many questions unanswered, as discussed in an August 14, 2014 Law 360 article entitled “2nd Circ. Ruling on Overseas Tipsters Dodges Big Issues” (here, subscription required). This case arguably was straightforward, since every aspect of the case took place outside   the U.S. and there were no U.S. connections involved. The Second Circuit’s ruling gives no indication of what the impact on its ruling might have been if the whistleblower were a U.S. citizen or if the whistleblower report had involved a U.S. company operating overseas, or if any of the alleged misconduct had taken place inside the U.S.  These issues will have to be addressed in future cases. In the meantime, it seems probable that the seeming enthusiasm for whistleblower reports from outside the U.S. will be dampened

 

I will say that as I have traveled overseas in recent years, I have heard concerns about the extent of whistleblower reports from  outside the U.S. and the extent to which this whistleblowing activity might lead to enforcement action or claims against the companies involved  in their home countries. These concerns may be relieved to a certain extent by the Second Circuit’s ruling. If prospective overseas whistleblowers know they will not have the benefit of anti-retaliation provisions, there likely will be fewer whistleblower reports, reducing the  risk of the feared possible enforcement action or follow-on claim activity in other jurisdictions.

 

Another concern I have heard as I have travelled around the world is that observers in other countries are alarmed by the extent to which U.S. regulators are willing to try to assert their regulatory authority outside of the U.S. border, a phenomenon about which I recently wrote here. However, this case, and in the Second Circuit’s recent opinion in the Porsche case, about which I commented in an accompanying blog post, seem to reflect the U.S. courts straining to avoid the extraterritorial application of the U.S. laws. While there may be very good reasons for concern about U.S. regulators’ cross-border assertion of their authority, there are also important cross-currents working against the extraterritorial assertion of U.S. laws.

 

bankboardA recurring question is whether bank directors should be held to a more stringent fiduciary duty than are the directors of other kinds of companies. The question has been raised in the current wave of failed bank litigation, as the FDIC has tried to argue, for example, that bank directors are not entitled to the same protections of the business judgment rule as are directors of other companies. A recent speech by a Federal Reserve Board governor has once again raised the issue of whether bank boards should face “broadened” fiduciary duties, a suggestion that has provoked a sharp critical response.

 

In a lengthy June 9, 2014 speech (here), Federal Reserve Board Governor Daniel K. Tarullo raised the question whether the fiduciary duties of boards of regulated financial firms should be expanded because of the systemic risks embedded in banking sector.  Gov. Tarullo specifically referred to a “provocative recent paper” by Oxford University Law Professor John Armour and Columbia Law Professor Jeffrey N. Gordon  entitled “Systemic Harm and Shareholder Value” (here), in which the two professors propose board-level oversight responsibility for institutional risk-taking, in order to better align investor interest with societal interest in banking sector stability that could be disrupted by excessive risk-taking.  In their paper, the professors specifically propose that the directors be held liable for losses resulting from breaches of their risk management oversight.

 

As summarized by Gov. Tarullo, the professors argue that bank directors’ duties should be expanded “precisely because diversified shareholders have a strong interest avoiding risk decisions by these institutions that increase systemic risk.” The broadened fiduciary duties that the professors recommend would apply only to “systemically important financial institutions. “

 

These proposals were sharply criticized in an August 7, 2014 American Banker article by John Gorman of the Luse Gorman Pomerenk & Schick law firm entitled “Beware of Expanded Board Duties” (here). Among other things, Gorman notes that broadening bank directors’ fiduciary duties for institutional risk-management would “expose a board to liability for good faith judgments” and would “require boards to function in a management capacity.” These developments would be both “expensive and inefficient” and “would undoubtedly discourage capable persons from serving on bank boards.”

 

According to Gorman, altering bank boards’ fiduciary duties to require directors to take ownership for risk management issues “would merely provide a prima facie basis for the filing of a lawsuit against many boards.” Bank boards are “already significantly exposed to litigation and potential liability to both regulators and shareholders.” Any expansion of boards’ fiduciary duties with respect to risk management “would be a dangerous development for directors of all banks.”

 

The two professors’ recent article to which I linked above is hardly the first instance where it has been argued that, owing to their organizations’ unique roles in the financial system, bank directors should face a heightened standard of liability than do directors of other organizations. Indeed, in his recent speech Gov. Tarullo also cited to earlier academic articles where similar proposals had been suggested.

 

However, it is important to note that the idea that bank directors should face a different standard than directors of other companies has not been confined just to academic articles. Similar arguments have made their way into the current round of bank failure litigation, where, for example, the FDIC has argued that bank directors are not entitled to the same protection of the business judgment rule as are directors of other companies.

 

As noted here, Northern District of Georgia Judge Tom Thrash Jr. raised that very question in an FDIC lawsuit involving the failed Buckhead Community Bank. Among other things, Judge Thrash observed that “there is every reason to treat bank officers and directors differently from general corporate officers and directors.” Ultimately, rather than answer the question of whether bank directors are entitled to the same protection of the business judgment rule as other directors, Judge Thrash certified the question to the Georgia Supreme Court.

 

As discussed here, the Georgia Supreme Court’s answer was not exactly what the bank directors and officers had been hoping for; that is, the Court agreed in the end that the business judgment rule protects bank directors and officers and directors and officers of other corporations in the same way, but that in neither case are directors and officers entitled to absolute immunity from negligence claims. Just the same, Judge Thrash’s question show that it is not just academics and regulators that are struggling with the issue of whether or not different standards should apply to bank directors.

 

It should be emphasized that the academics’ proposal to hold bank directors to a higher standard was limited just to directors of systemically important financial institutions. I share the concerns John Gorman expressed in his American Banker article about this proposal. However, I have additional concerns, which is that there are already theories floating around that bank directors should be held to a different standard than directors of other companies, as shown by Judge Thrash’s remarks in the Buckhead Community Bank case. My concern is that if the idea were accepted that directors of systemically important banks should be held to have expanded fiduciary duties, the idea would quickly expand beyond just systemically important institutions and be applied to many , most, or even all bank directors, without regard to whether or not their institution is systemically important.

 

There undoubtedly are meritorious lawsuits filed against bank directors, particularly where there is evidence of self-dealing or complete abdication of responsibility. Just the same, the overall level of litigation aimed at bank directors is both excessive and socially inefficient, particularly with respect to the litigation that so often follows after banks’ failures. So often the failed bank lawsuit allegations consist of little more than scapegoating and hindsight second-guessing. Creating a liability regime that would encourage further litigation and expand the potential liabilities of bank directors would accomplish little except enlarging the litigation burden that prospective directors would have to consider before accepting a seat on a bank board.

 

I fully recognize that I am stepping into an issue on which there is already a spirited debate and I understand that reasonable minds could have a different view. I encourage those who see these issues differently to add their thoughts to this post using the blog’s comment feature.

 

Special thanks to a loyal reader for sending me a link to the American Banker article.