galecOn July 30, 2014, when a plaintiff shareholder filed a securities class action lawsuit against the company and certain of its directors and officers, Galectin Therapeutics became the latest company to be hit with a securities suit following press reports that the company had used a stock promotion firm to try to boost its share price. There have already been several other companies against whom securities lawsuit have been filed this year that are similarly alleged to have used stock promotion firms.

 

According to their July 30, 2014 press release (here), the plaintiff’s lawyers filed the lawsuit against Galectin in the District of Nevada after press reports that the company was using stock promoters “in a misleading brand awareness campaign aimed at boosting its stock price.” The complaint, which can be here, specifically refers to a July 28, 2014 article by Adam Feuerstein on TheStreet.com (here) which said that Emerging Growth Corp., through its parent company TDM Financial, a penny-stock promotions firm, was the investor relations and marketing company Galectin was paying for misleading promotional campaigns to entice investors to buy its stock.

 

Among other things, the stock promotion firm is alleged to have distributed press  release saying that Galectin was “nipping at [the] heels” of its competitors and “actually may be closer than what first appears with a Phase 1 trial because of the potential to treat fatty liver disease even once it has progressed.”  According to the complaint, Galectin’s share price fell 81% of news of the company’s use of the stock promotion firm.

 

The lawsuit against Galectin is merely the latest in series of suits that have been filed so far this year against companies alleged to have used stock promotion firms to try to boost their share price. Several of the firms that have been sued are alleged to have used a stock promotion firm known as The DreamTeam Group. 

 

The first of these DreamTeam related lawsuits was filed on March 5, 2014 against Galena Biopharma, as discussed here. The complaint (here) alleges that on February 12, 2014, an article on TheStreet.com  (here) claimed Galena was engaging in a misleading brand awareness campaign aimed at boosting its stock price. Additionally, the article stated that Galena paid investor relations firm The DreamTeam Group to publish articles under aliases promoting the Company’s stock without disclosing who paid for them. On this news, Galena’s stock price dropped 16%. Then, on February 14, 2014, Galena issued a letter to its shareholders acknowledging that the Company had engaged DreamTeam. On this news, Galena’s stock price dropped another 14%.

 

The Galena lawsuit was followed on March 14, 2014 by a lawsuit filed against CytRx Corporation in the Central District of California, as discussed here. The complaint alleges that the company employed the services of stock promotion firms DTG and MissionIR to create and distribute articles about the company which were published without any disclosure that they had been created by a promotional firm employed by the company. (DTG is The DreamTeam Group). The company’s share price declined after online reports about the company’s use of the promotional firm.

 

On March 22, 2014, shareholders filed yet another lawsuit against a company that allegedly used The DreamTeam Group’s services. As discussed here, the shareholders filed their lawsuit against InterCloud Systems and certain of its directors and officers in the District of New Jersey alleging that the company misrepresented or failed to disclose that it had hired  The DreamTeam Group to tout InterCloud stock without disclosing that it was paid by the Company to promote the stock. The complaint alleges that the promoter had posted misleading articles on behalf of the Company without disclosing its paid marketing relationship

 

In addition, on May 22, 2014, plaintiffs filed a lawsuit against Provectus Biopharmaceuticals and certain of its directors and officers in the Middle District of Tennessee, as discussed here. The complaint alleges that the defendants had misled investors about the prospects for its developmental stage skin cancer treatment. The complaint also quotes an article from Seeking Alpha in which the author alleged that the company had used a stock promotion firm called Small-Cap Street LLC, noting that the SEC had recently halted trading in several of the stocks that the firm had promoted.

 

Altogether That makes at least five securities class action lawsuit that have been filed this year against companies that allegedly used the services of various stock promotion firms, including three lawsuits against companies that allegedly used the services of The DreamTeam Group. Whatever the thought process is for companies using these kinds of firms to promote their companies, it is clear that news about the companies’ use of the firms can have a negative impact on the company’s stock (which obviously is counter to the idea of using the promotional firms in the first place). As the lawsuits above underscore, the alleged use of these firms can also result in securities class action litigation.

 

It is interesting that four of the five companies involved in these lawsuits are developmental stage biotech firms. The shares of these types of companies often languish as the companies work their way through the stages of the clinical trial process. On the other hand, the share prices can be very sensitive to key developments, either positive or negative. These conditions create a set of circumstances where it is may seem important to the companies to get their stories out, so that investors are aware of their companies’ bright prospects. There is of course nothing wrong with getting the story out, as long as the story is accurate. And as these cases show, as long as the story gets out in a forthright way, rather than allegedly through sponsored articles with undisclosed connections to paid stock promoters.

 

Back in the day when I was on the underwriting side, I would have duly noted the problems associated with companies’ use of these kinds of stock promotion firms, and I would have made it my business to find out if an applicant was using one of these firms and if so for what kinds of services. Just a thought.

 

Dark Pool Clients File Lawsuit Against Barclays: Last week when I wrote about the securities class action lawsuit that Barclays ADS holders had filed against the company based on the company’s alleged misrepresentations about its dark pool trading venue, I noted that I hadn’t seen any lawsuits filed by clients that had traded shares in the dark pool venue. However, it now looks as if some clients have now filed a lawsuit against Barclays.

 

As discussed in an August 1, 2014 Bloomberg article (here), late last week a client of Barclays sued the company alleging that the bank gave high-frequency traders unfair advantages in its operation of the dark pool. The identity of predatory traders and the volume of their trading in the dark pool allegedly was hidden from clients. The plaintiff filed the lawsuit on behalf of Barclays dark pool clients who used the pool starting in 2011. The complaint alleges concealment, unfair competition, and false advertising claims against Barclays for making false statements to and concealing material information from clients about its dark pool. A copy of the complaint can be found here.

 

The Latest Scandal-Driven Litigation Against Financial Services Companies: Let’s see … after the financial crisis, we had the Libor scandal, the foreign exchange trading scandal, the high frequency trading scandal and the dark pool trading scandal. Each one of these has led to its own set of follow-on civil lawsuits. As of all of there were not enough, we now have the silver futures manipulation scandal. And of course a follow-on lawsuit.

 

Earlier this year, there were several articles in the press raising questions about the way that gold and silver futures trading are set (refer for example here). The London Silver fix, which has been in place for 95 years and was participated in by a small number of banks, is now due for an overhaul as a result of the questions. In addition, on July 31, 2014, a plaintiff filed a class action lawsuit against the banks in the Eastern District of New York. The complaint, which can be found here, is filed against Deutsche Bank, HSBC, and the Bank of Nova Scotia, the members of the London Silver Market Fixing Limited. The complaint, which purports to be filed on behalf of everyone that transacted in silver futures since January 1, 2007, seeks damages for alleged violations of the Sherman Antitrust Act and the Commodity Exchange Act.

 

Another day, another scandal, another scandal=driven follow-on lawsuit against a group of financial institutions.

 

 

seclogoOne of the noteworthy features of the Sarbanes-Oxley Act was the legislation’s creation of the requirement for reporting companies to provide a certification from management regarding the company’s internal controls. This requirement has not been the focus of a great deal of attention since the legislation was enacted in 2002. However if the administrative actions filed against two corporate officials last week are any indication, these requirements could be the source of a significant attention in the months ahead.

 

By way of background, Section 404 of Sarbanes-Oxley Act requires company management to file n internal control report with the company’s annual report. The report must describe management’s responsibilities to establish and maintain a system of internal controls over the company’s financial reporting and management’s conclusion regarding the effectiveness of the internal controls at year-end. The report must also confirm that the company’s has attested to and reported on the company’s internal controls. The company’s CEO and CFO must sign certifications confirming they have disclosed all significant deficiencies to the outside auditors, reviewed the annual report, and attest to its accuracy.

 

The internal control reporting requirement was one of the more controversial parts of the legislation and it has proven difficult for the management of many companies to implement. But by and large it has not been the focus of regulatory enforcement action. That may be about to change.

 

As reflected in its press release about the action (here), on July 30, 2014 the SEC instituted administrative proceedings against the CEO and former CFO of QSGI for misrepresenting to external auditors and the investing public the state of its internal controls over financial reporting. The administrative cease desist orders against the two individuals can be found here and here.

 

The SEC alleges that in the company’s 2008 annual report, the CEO attested that they had assessed the company’s internal controls. However, the SEC alleges that Sherman did not actually participate in assessing the controls. The SEC also alleges that the CEO and CFO certified that they had disclosed all significant deficiencies to outside auditors, but that they failed to tell the auditors about inadequate controls over inventory in the company’s Minnesota operations.

 

The SEC alleges that the CEO and CFO also withheld from auditors and investors that the CEO was directing and the CFO was participating in a series of maneuvers to accelerate the recognition of inventory and accounts receivables in QSGI’s books and records by up to a week at a time.  The allegedly improper accounting maneuvers, which rendered QSGI’s books and records inaccurate, allegedly were performed in order to maximize the amount of money that QSGI could borrow from its chief creditor. The company ultimately filed for bankruptcy in 2009. It later reorganized and emerged from bankruptcy in 2011.

 

The CFO has agreed to settle the case without admitting or denying the charges. (In an administrative proceeding, no court approval is required, so the recent judicial aversion to SEC settlements in which the defendant neither admits nor denies the charges is not a factor here.) The CFO agreed to pay a $23,000 penalty and also agreed to a five year ban from practicing as an accountant before the SEC or serving as the officer or director of a public company.  The CEO reportedly intends to fight the charges.

 

In a July 30, 2014 article about the administrative cases (here), Reuters reports that earlier this year the SEC’s enforcement director had said that the agency’s investigators “were planning to pursue some internal control-related cases,” noting that it is an area that “has been less scrutinized in the past.” The SEC’s enforcement action on this issue is also consistent with SEC Chair Mary Jo White’s vow to focus more effort and attention on bringing accounting-related enforcement actions, an area that has seen less activity in recent years.

 

The SEC’s press release quotes the deputy head of the enforcement division as saying that ““Corporate executives have an obligation to take the Sarbanes-Oxley disclosure and certification requirements very seriously.” The CEO and CFO, the individual said, “flouted these regulatory requirements and misled investors and external auditors in the process.

 

At a minimum, this enforcement actions raise the possibility that the Sarbanes=Oxley internal control reporting and certification requirements may be the source of increased scrutiny in the months ahead. If this case is just the first of many enforcement actions focusing on these requirements, senior company officials could be facing increased regulatory scrutiny and possible enforcement liability.

 

An increased regulatory focus on these issues could prove helpful for the plaintiffs bar as well. The SEC allegations not just that the reporting requirements were violated but that the shortcomings led to or facilitated financial reporting violations could help plaintiffs to craft allegations to serve as the basis of damages claims. The kinds of allegation raised here suggest the possibility that these kinds of enforcement actions could lead to follow-on civil litigation.

 

These kind of internal control reporting deficiencies have not been a major focus of attention for the plaintiffs’ bar, but to the extent the SEC does become more active on this issue, the follow-on civil lawsuits could trail along behind  as well

boeWhen Congress passed the Dodd-Frank Act four years ago, one of the legislation’s signature features was the creation of potentially massive bounties for whistleblowers that reported financial fraud to the SEC. The possibility of recovering a bounty, which could range from ten to thirty percent of recoveries over $1 million, seems to have encouraged whistleblowers to come forward.  The SEC reported at the end of its last fiscal year that since the program’s inception in 2011, the agency had received over 6,500 whistleblower reports. Mary Jo White, the S.E.C. chairwoman, said last year that the program “has rapidly become a tremendously effective force-multiplier, generating high quality tips and, in some cases, virtual blueprints laying out an entire enterprise, directing us to the heart of an alleged fraud.”

 

So the Dodd-Frank whistleblower program is the kind of initiative that securities regulators in other countries would want to copy, right? Apparently not, at least if the recent analysis of UK regulators is any indication.

 

A July 2014 joint report of the UK Financial Conduct Authority (FCA) and the Bank of England Prudential Regulation Authority entitled “Financial Incentives for Whistleblowers” reports the agencies’ conclusion that “providing financial incentives to whistleblowers will not encourage whistleblowing or significantly increase integrity and transparency in financial markets.”

 

The UK regulatory agencies had undertaken a review of the possibility of providing financial incentives for whistleblowers at the request of the Parliamentary Committee on Banking Standards. Among other things, the agencies undertook a joint visit with several different U.S. regulatory agencies including the SEC and the Commodities Futures Trading Commission (CFTC), as well as the U.S. Department of Justice. The agencies also seconded staff to the U.S. regulators to observe the U.S. program in action.

 

Based on this review of the U.S. program, the UK regulators reached a number of interesting conclusions about providing financial incentives for whistleblowers. Among other things, the UK regulators concluded that because of the Dodd-Frank whistleblower bounty’s requirement that the whistleblower report must result in a successful enforcement action in order for the whistleblower to be eligible of the bounty, only a very small number of whistleblowers actually receive payments. The report notes in that regard that only 1% of whistleblower cases lead to financial penalties, suggesting that even the possibility of a bounty payment will arise only for a very small number of whistleblowers. The report concludes that the bounty schemes “reward a few individuals very significantly, but provide little or no protection to whistleblowers whose information does not lead to an enforcement outcome.”

 

Perhaps even more concerning, the UK agencies also reported their conclusion that none of the U.S. agencies “has seen a significant increase in either the number or the quality of reports from whistleblowers.”

 

The report also notes the UK agencies concern that the introduction of financial incentives in the U.S. has resulted in the creation of a “complex, and therefore costly, governance structure,” as well as the “imposition of significant legal fees for both whistleblowers and firms” (although the report does also note that many whistleblowers are represented by counsel on a contingent fee). Finally, the report also noted its concern that the introduction of financial incentives could “undermine the introduction and maintenance by firms of effective internal whistleblowing mechanisms,” which both the UK agencies and the Parliamentary committee want to foster.

 

The report also sets out what it describes as the “moral and other hazards” they perceive to be associated with providing financial incentives for whistleblowers: first,  financial incentives could result in “malicious reporting” from “opportunistic and uninformed parties passing on speculative rumors” which could result in “innocent parties” being “unfairly damaged as a result”; second, some market participants might seek to ‘entrap’ others in order to be able to blow the whistle and benefit financially; third, if the whistleblower’s report resulted in a criminal prosecution, the reliability of the whistleblower’s testimony could be challenged because the witness stands to benefit financially.

 

Finally, the report noted the agencies’ concerns about the public perception of large whistleblower payments. “Handing over large sums,” the report said, “would be a substantial shift in UK policy norms, which are very different from those of the US.” The report added that “paying significant sums to high-income individuals for fulfilling a public duty could reinforce perceptions that the financial sector is at odds with the rest of society.”

 

The report does acknowledge the important role whistleblowers can play in helping to bring financial fraud to light and recognizes the need for the agencies to do more to facilitate whistleblowers’ reports. The report lays out a number of mechanisms the agencies propose to institute to facilitate whistleblower reporting and also states that the agencies plan “to press ahead with the regulatory changes necessary to require firms to have effective whistleblowing procedures.”

 

Discussion 

I think the agencies’ report is correct to note the cultural differences between the UK and the U.S. when it comes to providing large financial incentives. Even before the Dodd-Frank Act created the whistleblower bounty program, there were several longstanding U.S. programs that provided for payment to those who reported fraud: for example, the False Claims Act has for many years provided for the possibility of those reporting the existence of fraud against the government to participate financially in the government’s recovery, and the IRS has for many years maintained a program providing for payment to those reporting tax fraud. These programs’ histories make the Dodd-Frank program seem much more acceptable in the U.S. than a similar program might be perceived to be in the UK.

 

What is more concerning is the report’s conclusion that among other reasons to reject the adoption of financial incentives for whistleblowers is that the incentives don’t work – that is, the existence of the bounty program has not resulted in “a significant increase in either the number or the quality of reports from whistleblowers.” This conclusion seems at odds with the many statements of representatives from the SEC about its whistleblower program. It is a serious enough assertion that it seems to me that the SEC really ought to respond.

 

It is even more concerning that the UK agencies concluded that the financial incentives for whistleblowers do not “significantly increase integrity and transparency in financial markets.” If existence of the financial incentives doesn’t materially improve market integrity and transparency, you really do have to question the point of having the whistleblower bounty program.

 

That said, I do think it is important to note that the UK agencies started their review of the question of providing whistleblowers with financial incentives with a bias against making such payments. If you read the report as a whole, it is pretty clear that from the very beginning the authors thought the idea of providing bounty payments is a bad idea. A cynical interpretation of this report is that it is the result of a process that was designed to confirm the authors’ starting assumptions and preexisting bias against providing financial payments.

 

On the other hand, it is a fair question to ask whether or not the provision of jackpot level bounty payments for a very small number of whistleblowers really is a good idea. Many other observers have asked before whether the existence of the whistleblower program (with the potential rewards going to those who report first) undermines the existence of companies’ internal reporting mechanisms and frustrates companies’ ability to address problems internally.

 

All in all, I think the UK report raises some serious questions about the whistleblower bounty program that the SEC and other agencies should not disregard. The US agencies have no choice about implementing and enforcing the Dodd Frank Act’s requirements but just the same it is fair to ask those agencies to respond to the concerns that the UK agencies have raised.

 

Time for Nominations to the ABA Journal’s Annual Blawg 100: It is once again time for nominations to the ABA Journal’s annual list of the top 100 law blogs. Everyone should take a moment to nominate their favorite law blogs for inclusion in the list. I would be humbled and grateful if any reader would be willing to nominate my blog. Nominations can be made here. Don’t delay, nominations are due by 5:00 pm EDT on Friday August 8, 2014.

jinkoIn an interesting July 31, 2014 opinion (here), the Second Circuit vacated the dismissal of the securities class action lawsuit that had been filed against JinkoSolar Holdings Co. Ltd, and certain of its directors and officers, as well as against its offering underwriters. This ruling will be of interest to many readers because it involves a U.S.-listed Chinese company, but it is also of interest because the allegations involve alleged misrepresentations regarding the company’s environmental compliance.

 

Background

JinkoSolar is a manufacturer of solar technology products with operations based in China. In May 2010, the company conducted an Initial Public Offering of American Depositary Shares on the New York Stock Exchange. In November 2010, the company completed a secondary offering. The company raised a total of $84.19 million in the two offerings.

 

In April and May 2011, the company had a series of communications with the Chinese environmental authorities regarding hazardous waste disposal issues at its Zhenjian plant. The company did not disclose these communications to its shareholders. In August and September 2011, residents living near the plant became concerned about a large scale fish-kill near the plant. In mid-September, the media began reporting on locals’ demonstrations outside the company’s plants. In two press releases in late September, the company announced that it had suspended operations at the plant and also revealed the earlier communications with the environmental authorities. As the news came out, the price of the company’s ADSs declined 41%

 

In October 2011, holders of the company’s ADSs filed a securities class action lawsuit in the Southern District of New York against the company, eight directors and officers of the company; and the company’s offering underwriters. The plaintiffs’ complaint asserted claims under both the ’33 Act and the ’34 Act. In support of their allegations, the plaintiffs relied on statements in the company’s offering prospectuses in which the company explained its environmental compliance efforts and the consequences to the company if it were found to be in violation of the applicable environmental requirements. The defendants moved to dismiss.

 

As discussed here, in a January 22, 2013 ruling, Southern District of New York Judge J. Paul Oetken granted the defendants’ motion to dismiss. Judge Oetken held that the defendants’ statements regarding the company’s storage of hazardous chemicals, about the Chinese and local environmental regulation and about the costs of environmental compliance were not misleading. However, Judge Oetken found the paragraph in the company’s prospectuses about its pollution abatement equipment and its 24-hour environmental monitoring team “a more complicated matter” and a “close call.” Because he concluded that the investors would not read these statements as guaranteeing compliance, Judge Oetken concluded that the statements were not materially misleading. The plaintiffs appealed.

 

The July 31, 2014 Opinion

In a July 31, 2014 opinion written by Judge Ralph K. Winter, Jr. for a unanimous three-judge panel, the Second Circuit vacated the dismissal based on its finding that JinkoSolar’s “failure to disclose ongoing serious pollution problems rendered misleading statements describing measures taken to comply with Chinese environmental regulations.”

 

The appellate court said that though the statements in JinkoSolar’s prospectuses that the company is subject to a wide variety of environmental compliance and about the high cost of compliance are not misstatements, “they are relevant to materiality of the prospectuses’ description of JinkoSolar’s potential to cause serious pollution problems and the steps it was taking to avoid these problems.” 

 

Regarding the description in the prospectuses of the steps the company said it was taking, the appellate court said, “we believe the complaint sufficiently alleges that the failure to disclose that the prophylactic steps were then failing to prevent serious ongoing pollution problems rendered that description misleading.”

 

Specifically, the court said that the prospectuses’ description of pollution-preventing equipment and 24-hour monitoring teams “gave comfort to investors that reasonably effective steps were being taken to comply with the applicable environmental regulations.” However, the court said, “investors would be misled” by these statements “if in fact the equipment and 24-hour team were then failing to prevent substantial violations of the Chinese regulations.”

 

In that regard, the appellate court noted that in June 2010, JinkoSolar had submitted a report to Chinese environmental authorities about “existing problems.” The report describes problems of a nature that is “sufficient, if proven, to allow a trier of fact, absent contrary evidence, to draw the inference that the problems ‘existing’ as of June 8, 2010, were both present and substantial at the time of the May13, 2010 offering.”

 

The Court said that “at the time the statements regarding pollution presentation and compliance measures were made, a reasonable investor could conclude that a substantial non-compliance would constitute a substantial threat to earnings, if not to the entire venture. Indeed, the prospectus said as much.”  The court concluded by saying that “a trier of fact could find that the existence of ongoing and substantial pollution problems – here the omitted facts – was of substantial importance to investors.”

 

Discussion

This case is one of the many securities class action lawsuits that were filed against U.S.-listed Chinese companies in 2011. However, unlike many of the other Chinese companies that were hit with securities suits then, which had obtained their U.S. listings through reverse merger transactions, this company obtained its U.S. listing through a full-blown IPO, meaning that it had been required to file a detailed prospectus as part of its offering process.

 

The company’s prospectus contained detailed disclosures regarding the company’s environmental compliance challenges. Indeed, in his opinion, Judge Oetkin had referred to what he called the “disquieting frankness of the company’s disclosures regarding its environmental compliance risks.” He also noted “how cautious” the company was in its environmental compliance risk factors in its prospectuses.

 

Notwithstanding this acknowledged caution and frankness, the appellate court still concluded that the company’s statements about its environmental compliance efforts were materially misleading. It is interesting to me that in reaching this conclusion, the court was willing to make the logical jump that statements about “existing problems” made in a June 8, 2010 report to Chinese regulators could be read by a finder of fact to infer that the problems existed at the time of May 13, 2010 offering.

 

I can easily imagine a different court concluding that the in order to support a jump like this, the plaintiffs are required to plead facts to show that the problems in the June report were in fact existing at the time of the May offering. Instead, the Second Circuit found the allegations sufficient for a trier of fact to conclude that the problems existed at the time of the offering based only on an “inference.”  

 

For many readers, the most interesting thing about this case will be that it involves a U.S.-listed Chinese company defendant.  However, for me, the most interesting thing about this case is that it involves alleged misrepresentations with respect to environmental compliance. As I have previously noted on this blog (refer, for example, here), these kinds of cases, involving alleged misrepresentation of environmental issues, do arise periodically.

 

The possibility of this kind of claim is often a key concern at the time of D&O insurance policy placement, as the question often arises whether the standard policy’s pollution exclusion will preclude coverage for a securities claim based on environmentally-related disclosures. The typical D&O liability insurance policy will contain an exclusion for loss arising from claims for pollution and environmental liabilities. However, many of these exclusions also contain a provision carving back coverage for shareholder claims. This case shows the importance of this kind of coverage carve back. The carve back ensures that directors and officers hit with this kind of shareholder suit filed in wake of an environmental incident are able to rely on their  D&O insurance to defend themselves against the shareholder suit.

 

In recent years, a number of D&O insurance carriers have introduced policy forms that eliminate the pollution exclusion altogether but that also incorporate into the policy’s definition of “Loss” a provision stating that Loss will not include environmental remediation or cleanup costs. Unless the insured company’s primary D&O insurance policy omits the environmental exclusion in this way, it will be indispensable for the standard environmental liability exclusion be revised in order to preserve coverage for securities claims and derivative claims based on alleged misrepresentations or misconduct relating to environmental issues. These considerations are likely to become increasingly important as environmental disclosure issues become of greater regulatory concern (about which refer here).

 

With all of that said about the environmental disclosure issues, there is a sense in which it is particularly noteworthy that this case involves a Chinese company, in that this is the relatively unusual securities suit involving a U.S.-listed Chinese company where the plaintiffs have managed to make much headway. Although some of the U.S. securities suits have managed to survive motions to dismiss, many others have not. Even the cases that have survived motions to dismiss have proved challenging for plaintiffs as they have faced numerous procedural hurdles (refer for example here). In addition, in other cases involving U.S.-listed Chinese companies that have reached the settlement stage, the settlement amounts have proved to be modest.

 

(On the other hand, as noted here, E&Y did recently agree to settle a Canadian securities case relating to Sino-Forest, and a Hong Kong arbitration panel did just make a more than $70 million award based on its determination that China MediaExpress Holdings is a “fraudulent enterprise.” Notably, and arguably ironically, neither of these big recoveries involved one the many U.S.-based securities suits filed against Chinese companies.)

 

One final note. This case is yet another example of a phenomenon I have frequently noted on this blog, which is how often securities class action litigation follows in the wake of regulatory or investigative activity. Indeed, this lawsuit reflects a particular aspect of this phenomenon, which is the increasing incidence of U.S.-based securities litigation arising in the wake of regulatory action outside the U.S. As I noted in a prior post, and as both U.S. and non-U.S. regulators focus increased regulatory scrutiny on operations outside the U.S., the likelihood is that regulatory investigative and enforcement actions will continue to increase. As these regulatory and investigative actions increase, the likelihood is that the follow-on civil litigation will continue to increase as well.

 

Very special thanks to Stanley Bernstein of the Bernstein Liebhard law firm for sending me a copy of the Second Circuit’s opinion. The Bernstein LIebhard firm represents the plaintiffs in the JinkoSolar securities class action lawsuit. 

 

 

declineThe purchase of reps and warranties insurance is an increasingly common part of mergers and acquisitions transactions. However, a frequently recurring question with respect to this type of insurance is how it will respond if a claim arises based on an allegation that a seller has breached a financial statement warranty and the buyer is claiming damages because the deal price was based on a multiple of the allegedly misrepresented financial item.

 

By way of background, in an M&A transaction, either the buyer or seller can purchase reps and warranties insurance, although typically it is the buyer that purchases the policy. If the buyer purchases the policy, the insurance company agrees to insure the buyer against loss arising from breaches of the representations that the sellers have made in the transaction documents.

 

As discussed in a prior post (here), the acquisition price in many M&A transactions are based on multiples of items in the target company’s financial statement. A misrepresentation regarding the financial statement items could result in a faulty transaction valuation – and for the buyer, the misrepresentation could mean overpayment for the acquisition.

 

According to a July 25, 2014 memo from the Kirkland & Ellis law firm (here) , a “long-standing concern” of dealmakers considering buying reps and warranties insurance is “whether these policies will in fact pay out in the event of claims, and more specifically, whether in appropriate circumstances the policies will pay out on a ‘multiple,’ ‘diminution in value,’ or similar basis.” (In my prior post to which I linked above, I described a settlement last year in which the reps and warranties insurer agreed to a payout based on a calculation that largely reflected a multiple-based calculation of damages for a breach of a financial statement representation that had affected the deal valuation.)

 

The law firm memo discusses a recent decision in the High Court, Queen’s Bench Division, in England, which the memo describes as the “first publicly available evidence that a properly drafted M&A insurance policy can protect a buyer from diminution in value of the target where inaccurate facts, that the seller had warranted, were used in the buyer’s financial model to determine price.” The July 4, 2014 decision in the Ageas v. Kwik-Fix case to which the law firm memo refers is summarized here. A copy of the court’s opinion can be found here.

 

The case arose out of Ageas’s acquisition of Kwik-Fix, in connection with which Ageas purchased a buyer’s side warranty and indemnity insurance policy. The parties agreed that subsequent to the merger transaction the seller had breached the financial statement representations and warranties with respect to bad debt reserves on its balance sheet. The insurer conceded that its policy covered the difference between the actual purchase price and the price the buyer would have paid had the correct bad debt reserve information been reported on the target’s balance sheet and used in the discounted cash flow analysis on which the deal price had been based. Ageas and the insurer agreed that the attachment point of the policy – the seller’s £5 million indemnification cap – had been exceeded. However, Aeges and the insurer disagreed with assumptions to be used in the cash flow analysis to determine the corrected valuation and sale price.

 

According to the case summary, the buyer contended that proper value of the warranty claim was £17.635 million, supporting a claim under the policy of £12.635. The insurer contended that the proper value of the warranty claim was £8.792 million, supporting a warranty claim under the policy of £3.792. The insurer argued that the methodology the buyer urged the court to adopt would have resulted in a “windfall” to the buyer. However, the court stated that the insurer has “simply not shown that the conventional prospective approach of assessment at the breach date offends the compensatory principle or results in a windfall to Ageas,” The Court held that the buyer’s claim against the insurer was “entitled to succeed in the principal sum of £12.63 million.”

 

The law firm memo says about this ruling that it is “further evidence that damages based on an EBITDA-multiple or other diminution in value – under a carefully crafted and marginally more expensive insurance policy and the appropriate circumstances – are available to compensate a buyer for a loss caused by the seller’s breach of representations and warranties.” 

 

With respect to its reference to the marginal additional expense, the law firm memo notes that “some underwriters — for a higher premium than charged for off-the-rack  policies – will not exclude certain types of damages such as consequential, special or multiple damages, which are regularly excluded a seller-friendly purchase agreement with traditional indemnity provisions. “

 

One other interesting comment in the law firm memo is its statement, with respect to dealmakers’ increasing acceptance of reps and warranties insurance, that there are “some auction processes where the failure to largely replace the traditional survival/indemnity/escrow package with a policy …can place a bidder at a significant disadvantage.”

 

In a prior post (here), I reviewed additional reasons that the participants in an M&A transaction may want to consider reps and warranties insurance.

 

Thinking About K&R: While I am on the topic of insurance coverage ancillary to D&O insurance, I thought it might be worth calling readers’ attention to the front page article that appeared in today’s New York Times entitled “Paying Ransoms, Europe Bankrolls Qaeda Terror” (here). The article describes an all-too-well established pattern that has emerged in which terrorists affiliated with the Al Qaeda network are now routinely taking Europeans hostage for ransom – as a means of fundraising for the group’s terrorist activities.

 

According to the article, “Al Qaeda and its direct affiliates have taken in at least $125 million in revenue from kidnappings since 2008, of which $66 million was paid just last year.” The United States Treasury Department has cited ransom amounts that, taken together, put the total at around $165 million over the same period. The article states further that “counterterrorism officials now believe the group finances the bulk of its recruitment, training and arms purchases from ransoms paid to free Europeans.”

 

The article reports that these ransom payments largely were made by European governments. The story is a harsh reminder that it is a dangerous world out there. And a reminder that kidnap and ransom (K&R) insurance potentially could be an extremely important part of the insurance program for companies whose operatives travel in and near the danger zones.

barclays1On July 28, 2014, in the latest securities suit to be filed in the wake of high-profile concerns about ‘high frequency trading,” a plaintiff shareholder filed a securities class action lawsuit in the Southern District of New York against Barclays and certain of its officers relating to the company’s operation of and alleged statements about its “dark pool” private securities trading venue.

 

The new securities suit follows in the wake of a lawsuit filed last month by the New York Attorney General alleging that Barclays had marketed its dark pool trading venue “through a series of misleading false statements to clients and the investing public about how, and for whose benefit, Barclays operates its dark pool.” The Barclays securities class action lawsuit also follows after an earlier securities lawsuit that was filed regarding high frequency trading more generally.

 

Background

A “dark pool” is a privately owned and operated securities trading venue. By contrast to public stock exchanges, where securities trading orders are generally visible to the marketplace participants and executions are posted immediately, when buy and sell orders are matched in a dark pool, the trading orders are not displayed publicly. This approach allow large blocks of shares to be traded anonymously without informing the market until the completion of the trade, in order to minimize the risk of price movement to the disadvantage of the trader. Although there is some disagreement about the magnitude, it is generally agreed that dark pool trading now accounts for a significant percentage of U.S. stock trading volume.  

 

On June 25, 2014, New York Attorney General Eric T. Schneiderman announced (here) that his office had initiated a lawsuit in the New York (New York County) Supreme Court against Barclays and a related Barclays entity, in which the Attorney General alleged that Barclays had “dramatically increased the market share  of its dark pool through a series of false statements to its clients and investors about how, and for whose benefit, Barclays operated the dark pool.” In his complaint, a copy of which can be found here, the Attorney General alleges that contrary to reassurances the bank provided its clients that it had created special safeguards to protect them from “predatory” high-frequency traders, the bank instead operated its dark pool “to favor high-frequency traders.” The complaint, which alleges violation of New York’s Martin Act, accuses Barclays of engaging in a pattern of “fraud and deceit.”

 

Among other things, the Attorney General’s complaint alleges that Barclays favored the high-frequency traders over others trading in the Barclays dark pool trading venue. The complaint also alleges that the bank falsified marketing materials by inaccurately portraying the concentration of high-frequency trading in the dark pool. The complaint alleges that internally the bank recognized a higher concentration of aggressive trading than it advertised. The complaint cites alleged internal Barclays communications in which Barclays employees allegedly acknowledge the “liberties” taken in marketing the dark pools.

 

According to a July 24, 2014 New York Times article (here), Barclays has moved to dismiss the Attorney General’s lawsuit, arguing, among other things, that the Attorney General had overstepped his authority in bringing the action against Barclays under the Martin Act. According to the article, Barclays apparently also argued that its customers “were sophisticated enough to understand that ‘glossy’ marketing brochures about the private market, known as a dark pool, did not reflect its actual composition.” Barclays asserted that its customers were “highly sophisticated traders and asset managers” who used “extensive data” and not just marketing materials to make decisions.

 

The Securities Class Action Complaint

According to their July 28, 2014 press release (here), plaintiff’s lawyers filed a securities class action lawsuit in the Southern District of New York against Barclays and three of its officers seeking damages under the federal securities laws based on Barclays alleged misrepresentations regarding its dark pool trading venue. The plaintiff’s complaint, a copy of which can be found here, alleges that Barclays engaged in a “scheme and wrongful course of business whereby Barclays provided sophisticated high-frequency trading (or ‘HFT’) firms with material, non-public information so that market participants could use the informational advantage obtained in a manner that was designed to and did manipulate trading” within the dark pool (which is known as Barclays LX), “to the detriment of Barclays’ own institutional clients.”

 

The complaint purports to be filed on behalf of a class of investors who purchase Barclays American Depositary Shares between August 2, 2011 and June 25, 2014. It alleges that during the class period the defendants misled these investors by making false or misleading statement or failing to disclose that

 

(i) Barclays engaged in a “systematic pattern of fraud and deceit” by using its dark pool to favor high-frequency traders over its other clients; (ii) the pools were promoted as offering investors protection from predatory traders, while Barclays instead courted HFT firms by charging them lower rates; (iii) Barclays falsely understated the percentage of aggressive HFT activity in its dark pool; (iv) Barclays failed to provide monitoring services it promised to investors which would protect the dark pool from aggressive, predatory HFTs; (v) Barclays routed a disproportionately high percentage of client orders to its own dark pool while falsely representing that it routed client orders in a manner that did not favor Barclays LX; (vi) Barclays secretly gave HFT firms informational and other advantages over other clients trading in the dark pool; (vii) Barclays’ practices subjected it to regulatory scrutiny and significant reputational harm; (viii) and as a result of the above, the Company’s financial statements were materially false and misleading at all relevant times.

 

The class action complaint relies heavily on the New York Attorney General’s complaint and the complaint also quotes the Attorney General’s press release almost in its entirety. The class action complaint alleges violations of Sections 10(b) and 20(a) of the ’34 Act and seeks to recover alleged damages on behalf of the investor class.

 

Discussion

This new securities class action complaint against Barclays follows after the massive, sprawling high frequency trading securities class action lawsuit filed against basically the entire global financial system in April of this year, following the publication of Michael Lewis’s book Flash Boys, as I discussed in a detailed blog post at the time (here). Barclays was in fact one of the many financial institutions named as a defendant in that earlier suit. However, the allegations in the earlier lawsuit did not specifically refer (at least not in detail) to the dark pool allegations raised in the Attorney General’s lawsuit and in the subsequent securities class action complaint.

 

Based on the latest news coverage, the New York Attorney General’s investigation of trading in dark pool trading venues has moved on to other banks. According to a July 29, 2014 New York Times article (here), the New York Attorney General’s office “appears to be stretching further into Europe.” The article reports that UBS disclosed that they are facing inquires about their own dark pool practices from the New York Attorney General, as well as from the SEC and “other regulators as part of an industry wide inquiry.”  Deutsche Bank also reported that it has received inquiries but did not identify the regulators making the inquiries. Both UBS and Deutsche Bank were named as defendants in the earlier Flash Boys securities class action lawsuit.

 

Obviously, it is too early to predict whether these latest two banks to announce that they are facing investigative scrutiny will also face civil enforcement actions from the New York Attorney General (or other regulators). However, it does seem likely that if the New York Attorney General were to pursue an action against these or any other banks of the kind his office filed against Barclays that there would soon be follow-on securities litigation filed on behalf of U.S. investors in the target institutions.

 

It is interesting to me that at least so far (so far as I know) no litigation has been filed against Barclays or any of the other banks by clients of the banks that participated in the trading in a dark pool venue (although, to be sure, it might be argued that the earlier Flash Boys litigation was broad enough to encompass these dark pool clients within the putative class on whose behalf the gargantuan lawsuit was filed). On the one hand, I suppose the absence of this type of litigation on behalf of the dark pool traders who were supposedly misled or abused might suggest that the traders do not feel aggrieved or at least not aggrieved enough to file a lawsuit. On the other hand, it is possible that the harmed traders have many reasons for not stepping forward – the whole reason they were trading in the dark pool was to be able to trade anonymously and out of the glare of the public marketplace.

 

Barclays’ response to the New York Attorney General’s complaint certainly seems to suggest Barclays’ belief that the dark pool traders were sophisticated enough to fend for themselves (and by inference can have no gripes). Wayne State Law School Professor Peter Henning had a good column on this topic in a July 28, 2014 post on the New York Times Dealbook blog (here). In his column, which is entitled “Whether ‘Sophisticated’ Clients of Wall Street Can Also Get Duped,” he examines the argument, raised frequently by Wall Street, in effect that sophisticated investors know what is going on so can’t be misled because the investors don’t really believe what firms say.

 

Among other things, Henning quotes District of Connecticut Judge Janet Hall, who at the recent fraud conviction sentencing of Jeffries & Company managing director Jeffrey Litvak (who had also tried to raise the sophisticated client defense) told Litvak “You lied. Maybe that’s what people do every day on Wall Street. That doesn’t make it legal.”

 

Whether or not we will ever see any action taken directly by the dark pool traders themselves, I suspect we are going to see a lot more from regulators on this topic. At least in recent times, there is a history of the occupant of the New York Attorney General’s office sinking his teeth into a topic and then shaking it down for all it is worth, to significant political effect. To the extent the NYAG — or others—press ahead on these issues, we likely will see the securities class action bar following closely in their wake (at least to the extent that the target companies have securities trading on U.S. securities exchanges).

 

Barclays has of course had its share of scandal-driven securities litigation. Barclays was targeted by a securities class action lawsuit after it had reached a settlement with regulators regarding alleged manipulation of the Libor benchmark interest rate. Although that lawsuit was initially dismissed, in April 2014, the Second Circuit reversed the dismissal in part and the case was remanded to the district court for further proceedings, as discussed at length here.

 

weipwcAs I have noted frequently on this blog (most recently here), it is becoming increasingly clear that cybersecurity is viewed as a board level issue. At the same time that many boards have taken up the concerns surrounding cybersecurity issues, their companies increasingly are becoming dependent on cloud computing – which potentially could make their companies even more vulnerable to data breaches.

 

In the following guest post, Paul Ferrillo  of the Weil Gotshal law firm and Dave Burg and Aaron Phillip of PricewaterhouseCoopers take a look at these seemingly conflicting issues and review the steps that companies can take to try to avoid the problems associated with these conflicts.

 

I would like to thank Paul, Dave and Aaron for the willingness to publish their article on my site. I welcome guest post contributions from responsible authors on topics of interest to readers of this blog. Please contact me directly if you are interested in submitting a guest post. Here is Paul, Dave and Aaron’s guest post.  

 

*******************************

 

There are four competing business propositions affecting most American businesses today.  Think of them as four freight trains on different tracks headed for a four-way stop signal at fiber optic speed.

 

First, with a significant potential for cost savings, American business has adopted cloud computing as an efficient and effective way to manage countless bytes of data from remote locations at costs that would be unheard of if they were forced to store their data on hard servers. According to one report, “In September 2013, International Data Corporation predicted that, between 2013 and 2017, spending on public IT cloud computing will experience a compound annual growth of 23.5%.”[i]  Another report noted, “By 2014, cloud computing is expected to become a $150 billion industry. And for good reason – whether users are on a desktop computer or mobile device, the cloud provides instant access to data anytime, anywhere there is an Internet connection.”[ii] 

 

The second freight train is data security.  Making your enterprise’s information easier for you to access and analyze also potentially makes it easier for others to do, too.  2013 and 2014 have been the years of “the big data breach,” with millions of personal data and information records stolen by hackers. Respondents to the 2014 Global State of Information Security® Survey reported a 25% increase in detected security incidents over 2012 and a 45% increase compared to 2011.[iii]  Though larger breaches at global retailers are extremely well known, what is less known is that cloud providers are not immune from attack.  Witness the cyber breach against a file sharing cloud provider that was perpetrated by lax password security and which caused a spam attack on its customers. “The message is that cyber criminals, just like legitimate companies, are seeing the “business benefits” of cloud services.  Thus, they’re signing up for accounts and reaching sensitive files through these accounts. For the cyber criminals this only takes a run-of-the-mill knowledge level … This is the next step in a new trend … and it will only continue.”[iv]

 

The third freight train is the plaintiff’s litigation bar.  Following cyber breach after cyber breach, they are viewing the corporate horizon as rich with opportunities to sue previously unsuspecting companies caught in the middle of a cyber disaster, with no clear way out.  They see companies scrambling to contend with major breaches, investor relation delays, and loss of brand and reputation. 

 

The last freight train running towards the intersection of cloud computing and data security is the topic of cyber governance – i.e., what directors should be doing or thinking about to protect their firm’s most critical and valuable IP assets.  In our previous article,[v] we noted that though directors are not supposed to be able to predict all potential issues when it comes to cyber security issues, they do have a basic fiduciary duty to oversee the risk management of the enterprise, which includes securing its intellectual property and trade secrets.  The purpose of this article is to help directors and officers potentially avoid a freight train collision by helping the “cyber governance train” control the path and destiny of the company.  We will discuss basic cloud security principles, and basic questions directors should ask when considering whether or not the data their management desires to run on a cloud-based architecture will be as safe from attack as possible.  As usual when dealing with cyber security issues, there are no 100% foolproof answers.  Even cloud experts disagree on cloud-based data security practices and their effectiveness.[vi]  There are only good questions a board can ask to make sure it is fulfilling its duties to shareholders to protect the company’s valuable IP assets.

 

What is Cloud Computing/What Are Its Basic Platforms

“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services).  Cloud computing is a disruptive technology that has the potential to enhance collaboration, agility, scaling, and availability, and provides the opportunities for cost reduction through optimized and efficient computing.  The cloud model envisages a world where components can be rapidly orchestrated, provisioned, implemented and decommissioned, and scaled up or down to provide an on-demand utility-like model of allocation and consumption.”[vii]

 

Cloud computing is generally based upon three separate and distinct architectures that matter when considering the security of the data sitting in the particular cloud environment:

 

  •         Infrastructure as a Service (IaaS) – think of this as a basic foundation of all cloud-based services.  It includes everything from the hardware facilities to the and software that reside in them.  All computer services under IaaS are fully outsourced.  An IaaS user will need to manage several components.  In addition to applications and data, this includes middleware, application run time and operating systems.  The ability to manipulate data within the cloud comes with the downside that such data can be compromised.
  •         Platform as a Service (PaaS) – is the delivery of a computing platform and a solution stack as a service.  It allows a buyer to deploy applications without the cost and complexity of buying and managing the underlying hardware and software.
  •         Software as a Service (SaaS) – is a self-contained, software delivery platform that sits above IasS and PaaS, and delivers the entire user experience, including content and presentation.  The SaaS vendor manages all aspects of service delivery, and client downloads and installations are kept to a minimum. The consumer doesn’t generally manage any aspect of the infrastructure.  In most cases, the SaaS vendor is also generally responsible for security.[viii]

 

Now, if the above discussion of the types of cloud platforms isn’t confusing enough, data security issues on the cloud are equally complicated.  But they can be boiled down into several concepts that can be easily understood:

 

  •         Data Migration to and from the Cloud – Managing data is always a challenge in a highly developed organization.  It gets even more interesting with the cloud and even further interesting with the advent of mobile devices.  Cloud-based systems should be able to alert the consumer to situations where there is unapproved data moving to the cloud, and data moving within the cloud or to other cloud-based providers.
  •         Geographic and Regulatory Considerations – The type of information that is considered third party or personally identifiable information varies greatly from world region to world region.  Making sure that the data stays in the proper region and under the right regulatory regime and doesn’t cross geographic boundaries in violation of the applicable laws is a primary concern in cloud.
  •         Data Encryption – Data is first encrypted (e.g., encoded) from the endpoint to the cloud so that it is not intercepted and stolen in transit.  There are many types of encryption techniques available depending upon the type and volume of data stored.
  •         Continuous Monitoring – Probably one of the most important aspects of cloud security is the ability of the cloud-based provider to monitor in real time all database activity, across multiple database platforms.
  •         Incident Response and Data Recovery – A last key element of any cloud-based provider is its ability to quickly respond to an incident and provide instant notification to the consumer that an attack has been attempted.  Additionally, any cloud-based provider should have a ready-to-go, battled tested, disaster data recovery plan.

 

We note that there are highly secure cloud providers that employ cutting edge security architecture as well as cybersecurity analytic capability that may make future risk decisions related to migrating the cloud not only more efficient, but more cost effective with reduced (not increased) risk.

 

Cloud Cyber Governance

As shown above, what is commonly referred to as the cloud actually can mean many different things depending on the context and use.  Using SaaS to manage a customer base has a vastly different set of governance criteria to using IaaS as a development environment.  As such, there are very few accepted standards for properly monitoring/administering a cloud-based environment.  There are many IT consultants in the cloud-based computing environment that can be consulted in that regard.  Our view, however, is that directors are ultimately responsible for enterprise risk management, and that includes cyber security, a subset of which is cloud-based cyber-security.  Thus it is important for directors to have a basic understanding of the risks involved in cloud-based data storage systems, and with cloud-based storage providers.  Below are a few basic questions that come to mind that a director could pose to management, and the company’s CISO and CIO:

 

  1.       Where will your data be stored geographically (which may determine which laws apply to the protection of the company’s data), and in what data centers?
  2.       Is there any type of customer data co-mingling that could potentially expose the company data to competitors or other parties?
  3.       What sort of encryption does the cloud-based provider use?
  4.       What is the vendor’s backup and disaster recovery plan?
  5.       What is the vendor’s incident response and notification plan?[ix]
  6.       What kind of access will you have to security information on your data stored in the cloud in the event the company needs to respond to a regulatory request or internal investigation?
  7.       How transparent is the cloud provider’s own security posture?  What sort of access can your company get to the cloud provider’s data center and personnel to make sure it is receiving what it is paying for?
  8.       What is the cloud servicer’s responsibility to update its security systems as technology and sophistication evolves?
  9.       What is the cloud provider’s ability to timely detect (i.e. continuously monitor) and respond to a security incident, and what sort of logging information is kept in order to potentially detect anomalous activity?[x]
  10.    Are there any third party requirements (such as HITECH/HIPAA) that the provider needs to conform to for your industry?
  11.    Is the cloud service provider that is being considered already approved under the government’s FedRamp authorization process, which pre-approves cloud service providers and their security controls?[xi]
  12.    Finally, does the company’s cyber insurance liability policy cover cloud-based Losses assuming there is a breach and customer records are stolen or otherwise compromised?[xii]  This is a very important question to ask, especially if the company involved is going to use a cyber-insurance policy as a risk transfer mechanism.  When in doubt, a knowledgeable cyber-insurance broker should be consulted to make sure cloud-based Losses are covered.

 

High-profile breaches have proven conclusively that cybersecurity is a board issue first and foremost.  Being a board member is tough work.  Board members have a lot on their plate, including, first and foremost, financial reporting issues.  But as high-profile breaches have shown, major cyber breaches have almost the same effect as a high profile accounting problem or restatement.  They cause havoc with investors, stock prices, vendors, branding, corporate reputation and consumers.  Directors should be ready to ask tough questions regarding cyber security and cloud-based security issues so they do not find themselves on the wrong end of a major data breach, either on the ground or in the cloud.

 

[i] See “Cloud Security Report – Spring 2014,” AlertLogic, 2014.

[ii] See “8 Reasons to Fear Cloud Computing,” BusinessNewsDaily, October 2013.

[iii] PwC, CSO magazine, CIO magazine, The Global State of Information Security® Survey 2014, September 2013.

[vi] See “Data Breach: the Cloud Multiplier Effect,” Ponemon Institute, June 2014.

[viii] Note that regardless of the architecture framework, service level, security, governance and liability issues are normally address in a service level agreement (SLA) which is offered to the customer.  Those should be thoroughly reviewed by legal counsel in additional to the CIO/CISO review of the particular cloud environment.

[ix] Proper Security Incident Management is built upon knowledge of the tactics, technologies, principles, and processes to protect, analyze, prioritize, and handle incidents. See http://cloud.cio.gov/topics/security-incident-management.

[xi] See here. The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

[xii] See “In Cloud We Trust Our Data: Can you Trust Your Cyber Insurance Policy?,” Data Breach Insurance, May 30, 2014.

 

texasIn a July 24, 2014 opinion (here), an intermediate Texas appellate court, applying Texas law, affirmed the trial court’s dismissal on forum non conveniens grounds of the Deepwater Horizon disaster-related shareholder derivative suit filed against Switzerland-domiciled Transocean Limited. The court’s ruling is interesting in and of itself, but it may be even more interesting in light of the recent efforts of a number of U.S. companies to relocate their headquarters and tax domicile overseas through the increasingly controversial transaction known as a corporate inversion (for more background about which refer here).

 

Transocean had been founded as a U.S. company but it had after many decades of doing business in the U.S. moved its domicile overseas. It is now headquartered in Switzerland. In the shareholder derivative suit, the trial court dismissed the case, concluding that Switzerland was the more convenient forum for the plaintiff’s derivative claims. The appellate court concluded that the trial court had not abused its discretion in dismissing the case on forum non conveniens grounds.

 

If the Texas courts’ rulings in the Transocean Deepwater Horizon derivative suit are any indication, the many U.S. companies now moving their headquarters overseas through inversion transactions may not only realize significant taxation benefits but they may also succeed in reducing their susceptibility to shareholder derivative litigation in U.S. courts.

 

Background

Transocean owned and operated the Deepwater Horizon drilling rig, located in the Gulf of Mexico. In April 2010, the rig exploded and ultimately sunk, resulting in the deaths of eleven workers as well as in a massive oil spill.

 

Transocean was founded in 1953 as a Delaware corporation headquartered in Houston. In 1999, the company became a Cayman Islands corporation, and in 2008 it reincorporated in Switzerland. Its stock continues to trade on American exchanges as well as on Swiss exchanges. The company’s U.S. subsidiary, which is headquartered in Houston, has thousands of U.S. employees. Of the parent company’s twelve directors, five live in Texas, three live in other U.S. states, one lives in Canada, and three in Europe. Only one of the European directors resides in Switzerland.

 

Margaret Richardson, a California resident, filed a derivative lawsuit against the Transocean board in Harris County (Texas) District Court. She alleged that the directors’ actions had harmed the company by causing it to incur substantial costs, liability and reputational harm. She alleged that the directors had been aware or should have been aware of the history of safety, maintenance and regulatory compliance issues – both for the company as a whole and with respect to the Deepwater Horizon rig – yet failed to take corrective actions, while making false statements to shareholders about the company’s safety and compliance record. The plaintiff asserted causes of action for breach of fiduciary duty, unjust enrichment and waste of corporate assets. The parties agree that because Transocean is a Swiss company, Swiss law applies to Richardson’s claims.

 

The defendants moved to dismiss the plaintiff’s action on forum non conveniens grounds. They stressed the difficulties the trial court would face in applying Swiss corporate law. The trial court granted the motion to dismiss and the plaintiff appealed.

 

The July 24 Opinion 

On July 24, 2014, in an opinion by Justice Michael Massengale, a three-judge panel of the Court of Appeals of the First District of Texas affirmed the trial court’s ruling, concluding that the trial court judge had not abused her discretion in granting the defendants’ motion to dismiss on forum non conveniens grounds.

 

In contending that the trial court judge had abused her discretion in dismissing the suit, Richardson had emphasized Transocean’s American origins; the substantial presence of its American subsidiary; the American residence of several of the company’s directors; and the significant human, economic and environmental costs to Texas from the Deepwater Horizon disaster. She argued that Transocean’s connections to Switzerland are “primarily tenuous corporate fictions,” while the activities of the company’s U.S. subsidiary affected the lives of thousands of Texans.

 

In assessing whether or not the trial court judge had abused her discretion, the appellate court assessed whether the trial court had considered all of the relevant private and public interest factors and whether the trial court’s balance of the factors was reasonable.

 

Among the private interest factors, the appellate court considered the accessibility of the evidence and witnesses. Although the Deepwater Horizon disaster took place in the Gulf of Mexico, the actions of the directors at issue in the plaintiffs’ derivative lawsuit “predominately took place in Switzerland.” Accordingly, the appellate court said, while there may be circumstances that favor a Texas forum, “the trial court reasonably could have concluded based on other facts presented – most notably that this case concerns acts of corporate governance by the board of directors of a Swiss corporation that holds it meetings in Switzerland – that the balance of private-interest factors favored litigation in Switzerland.”

 

The appellate court also concluded that the appellate record did not show that the trial court judge abused her discretion in weighing the public interest factors. The appellate court seemed to be particularly concerned with the problems associated with applying the law of Switzerland, a trilingual country and a civil-law jurisdiction with a code-based jurisprudence. The trial court said that given that Richardson’s suit “concerns the internal affairs of a Swiss corporation” and that the plaintiff had failed to show that the stockholders had a particular connection with Texas, and given  “the challenges of applying Swiss law in a complex, unsettled area,” the trial court “could reasonably have concluded that the public interest factors favored litigation in Switzerland.”

 

Discussion

The Texas courts’ consideration of these forum non conveniens issues very much reflected the specific circumstance presented, particularly the perceived difficulties for Texas courts in applying Swiss law. A different set of circumstances might well have produced a different outcome, notwithstanding the fact that the defendant company in a shareholder derivative suit is domiciled outside the U.S. Indeed, as discussed here, in at least one of the many other lawsuits that the Deepwater Horizon disaster produced, the Southern District of Texas refused to dismiss at least some of the common law damages claims of BP shareholders on forum non conveniens ground, even though English law governed the shareholders’ claims. Clearly, the mere fact of a defendant company’s non-U.S. domicile is not a universal safeguard against all U.S.-based shareholder litigation.

 

Just the same, the most salient factor in the Texas courts’ consideration of these issues was the fact that Transocean was headquartered outside the U.S and that as a result the law of company’s domicile governed the shareholder claimant’s derivative lawsuit. These same considerations resulted in the dismissal on forum non conveniens grounds of the Deepwater Horizon disaster-related shareholders’ derivative lawsuit that had been filed against the board of BP; in January 2013, the Fifth Circuit affirmed the district court’s dismissal of the BP derivative lawsuit, as discussed here.

 

These dismissals of purported shareholders’ derivative lawsuits on forum non conveniens grounds are of course interesting in and of themselves, for what they say about the relative insusceptibility of non-U.S. domiciled companies to U.S.-based derivative litigation.

 

But I find these dismissals, particularly the dismissal of the Transcocean lawsuit, even more interesting in light of the recent wave of corporate inversion transactions, in which U.S.-based companies merge with non-U.S. companies and then move their corporate headquarters to the target company’s location. The primary motivation for these transactions is tax-related, as the lower corporate tax rates applicable in many non-U.S. jurisdictions can result in a substantial tax savings for the acquiring company.

 

The Transocean case shows that in addition to the intended tax benefits, a company’s move to a foreign domicile through a corporate inversion transaction may also reduce the susceptibility of the company’s board to certain types of shareholder litigation.

 

Transocean itself had started as a U.S. company and had maintained a U.S. headquarters for over four decades. Even though the company’s U.S. subsidiary maintained substantial operations and employed thousands of workers in the U.S., because the company was based outside the U.S. and because its significant board activities took place outside the U.S., the courts of its home jurisdiction were held to be a more convenient forum than a U.S. court for a shareholder derivative lawsuit. Because shareholder litigation is far less well-established outside the U.S., the company’s board, as a result of the company’s non-U.S. domicile, arguably faces a much reduced exposure to these kinds of shareholder suits than as a U.S.-based company.

 

There may be many substantial tax-related reasons for companies to engage in the type of corporate inversion transaction that is all the rage these days. (I suspect that tax considerations were behind Transocean’s overseas move as well, but the appellate court’s opinion is silent about the reasons for the company’s move.) But along with the tax considerations there may be additional benefits as well – that is, that the potential liability exposures of the acquiring company may be reduced by taken on the non-U.S. domicile of the target company.

 

As noted above in connection with the BP shareholder common law damages claims, the fact that a company is based outside the U.S. is not an all-purpose defense against all U.S.-based shareholder suits. Nevertheless, the Transocean example shows that a company’s move to a non-U.S. headquarters can reduce the potential liability exposures of the company’s board, at least with respect to shareholder derivative litigation.  

 

delsealThe Delaware Supreme Court stirred up quite a bit of controversy earlier this year in the ATP Tours, Inc. v. Deutscher Tennis Bund case when it upheld the facial validity of a fee-shifting by law. The bylaw provided that an unsuccessful shareholder claimant in intracorporate litigation would have to pay his or her adversaries’ cost of litigation. The controversy seemed headed for a swift resolution when the Delaware General Assembly quickly moved to act on a measure that would have limited the Supreme Court’s ruling to non-stock corporations (meaning that it wouldn’t apply to Delaware stock corporations).  However, as discussed here, the legislature tabled the measure and now it will not be acted upon until at least January 2015.

 

In light of the uncertain state and indefinite future of fee-shifting bylaws under Delaware law, many lawyers have been counseling caution. For example, a July 11, 2014 memo from the Wilson Soninsi firm (here) states that in light of the “uncertain fate of fee-shifting bylaws” companies should adopt a “wait and see attitude.” Going to the heart of the matter, the memo further states that “we do not believe that directors of most Delaware corporations should adopt any specific fee-shifting bylaw at this time,” as companies  adopting a fee-shifting bylaw now could “face the possibility of later statutory amendments intended to undercut those provisions, potential investor opposition, and possible litigation risks.”

 

But while the prudent course for companies considering these bylaws arguably is to await further action by the Delaware General Assembly next year, at least a few companies have gone ahead and adopted some version of a fee shifting bylaw. As detailed in Tom Hals’s July 7, 2014 Reuters article entitled “U.S. Companies Adopt Bylaws That Could Quash Some Investor Lawsuits” (here), at least six companies have adopted fee-shifting bylaws. Interestingly, among these companies are two — Biolase, Inc. and Hemispherix Biopharma, Inc. — that adopted bylaws with the obvious intent of seeking to address specific ongoing doing disputes in which each of the companies is involved.

 

Because of the targeted nature of these bylaws and because of the ongoing disputes, it is possible that Delaware’s courts will be called upon to consider the validity of each of the company’s respective bylaws even before the Delaware legislature acts on the pending legislation next year.

 

Hemispherx

As discussed in a July 22, 2014 Law 360 article (here, subscription required) Hemispherx adopted its fee-shifting bylaw in response to an ongoing shareholder derivative lawsuit. The plaintiffs filed the lawsuit in June 2013, seeking to invalidate $2.5 million in bonuses paid to board members in November 2012. The plaintiffs contend that the bonuses were not permissible under the board members’ employment agreements.

 

On July 10, 2014, Hemispherx’s board adopted a fee shifting bylaw attempting to impose a retroactive requirement holding shareholder plaintiffs liable for all the defendants’ costs in the event that the plaintiffs are not successful on all of their claims. The bylaw, which is detailed here, applies to any securityholder who after July 3, 2014 “initiates, asserts, maintains or continues” a derivative action or breach of fiduciary action against any current or past director, officer or securityholder and who is not successful on the merits. The bylaw also provides that the company can require a shareholder claimant to “post a surety” for the expenses incurred in defending the action.

 

According to a July 22, 2014 Wall Street Journal Law Blog post (here), the shareholder plaintiffs in the Hemispherx derivative suit have asked the court to invalidate the bylaw, arguing that it unfairly saddles them with financial risk. The plaintiffs argue that the company has “changed the rules in the middle of the game to place the plaintiffs and their counsel at risk not only for their own litigation costs, but for all litigation costs of the defendants back to the beginning of the case.”

 

The blog post quotes the company’s general counsel as saying that the bylaw was adopted to protect the money-losing developmental stage biotech company’s “scarce resources,” noting that the bonuses at issue were intended to “encourage and reward hard work” and came after an 18-month period in which no bonuses were paid. The company’s outside counsel added that whatever the debated merits of fee-shifting bylaws, the right to adopt such a bylaw now exists and companies can use the bylaw “as a sword against cases that corporations themselves deem to be empty and frivolous.”

 

Biolase

Biolase also adopted its bylaw in response to an ongoing dispute, but its bylaw is even more specifically targeted to address the dispute than the one adopted by Hemispherx. As discussed in a detailed July 8, 2014 post on Alison Frankel’s On the Case blog (here), Biolase adopted its fee-shifting bylaw as the latest step in an ongoing dispute with its former Chairman and CEO, Frederico Pignatelli, whom the company’s board ousted in June after months of legal wrangling over the composition of the company’s board.

 

At the same meeting at which the board ousted Pignatelli, it adopted a fee-shifting bylaw. But the bylaw Biolase adopted involves an interesting variant. Instead of applying to any shareholder claimant, the Biolase bylaw applies only to current or former directors (or anyone acting at their behest) who assert unauthorized claims against the board. In her blog post, Frankel quotes a company spokesman as saying that the bylaw was narrowly tailored in the hope of avoiding additional litigation expenses after the bitter fight to oust Pignatelli.

 

Pignatelli has already made it clear he is ready to continue the fight. As reflected here, Pignatelli has sent a books and records request to the company “relating to suspected wrongdoing, mismanagement and corporate governance failures by the company’s board of directors.” From the statements of Pignatelli’s counsel that Frankel quotes in her blog post, it appears that Pignatelli is primed to challenge the Biolase fee-shifting bylaw, which Pignatelli’s counsel says is “clearly designed to chill actions taken to protect all shareholders and hold the board accountable for misconduct.”

 

Discussion

There would seem to be a pretty good chance that between the Hemispherix case and the Biolase case that at least one and possibly two Delaware courts will have to address the question of a validity of a fee-shifting bylaw for Delaware stock corporations, perhaps before the Delaware legislature acts on the pending legislation next year.

 

The question the courts will be called upon to address with respect to these companies’ bylaws is whether or not the Delaware Supreme Court’s decision in the ATP Tour case compels a conclusion that the companies’ respective fee-shifting bylaws are valid and enforceable. A threshold issue the courts will have to address is whether the Delaware Supreme Court’s decision, which involved a non-stock corporation, also applies to stock corporations. Although many commentators have assumed that the decision is equally applicable to stock corporations, no court has yet made that determination.

 

Another issue that the courts will have to address is whether the bylaws, even if valid, are enforceable. As discussed here, the Delaware Supreme Court said in the ATP Tour case that whether a fee-shifting bylaw is enforceable depends on the manner in which it was adopted and the circumstances under which it was invoked. Bylaws that are otherwise facially valid will not be enforced if adopted or used for inequitable purposes. Specifically, the Court said a fee-shifting bylaw “may be enforceable if adopted by the appropriate corporate procedures and for a proper corporate purpose.”

 

The claimants in the disputes with Hemispheryx and Biolase may try to argue that the respective bylaws were not adopted for proper corporate purposes but rather were merely means to try to deprive the claimants of their rights to seek legal redress through the courts. On this point, it is interesting to note that the Delaware Supreme Court specifically said that on the question of what might constitute an “improper purpose” that “the intent to deter litigation … is not invariably an improper purpose.” Fee shifting provisions “by their nature, deter litigation.” The intent to deter litigation “would not necessarily render the bylaw unenforceable in equity.”

 

The developments in these cases will be closely watched. As Alison Frankel said in her post about the Biolase bylaw, if Pignatelli, the former Biolase CEO, is unsuccessful in challenging the validity or enforceability of the bylaw, “more public corporations will be emboldened to enact loser pays provisions.” Either way, the outcome of the courts’ considerations of these issues could affect the Delaware legislature’s consideration of the pending legislation next year, as regardless of the outcome one side or the other is likely to pick up ammo to use in the debates surrounding the merits of the legislation – and of fee-shifting bylaws.

 

When the Delaware legislature tabled the proposed legislation, it seems as if the topic of fee-shifting bylaws would lie dormant until next year. For better or worse, that will not be the case. Instead, there could possibly be some significant developments before the legislature takes up the issue again.

 

The Halliburton Decision and D&O Insurance: One of the many questions being asked in the wake of the U.S. Supreme Court’s decision last month in the Halliburton case is what the decision’s implications are for D&O insurance. Readers interested in thinking about this issue will want to read the July 25, 2014 Law 360 article by Roberta Anderson of the K&L Gates law firm entitled “Your D&O Insurance Policy Post-Halliburton” (here, subscription required).

 

After summarizing and reviewing the Court’s holding, Anderson considers that decision’s D&O insurance coverage implications. Anderson also analyzes the likely insurance issues associated with the Court’s holding that defendants may present absence of price impact evidence to try to defeat class certification. She specifically reviews current insurer initiatives to address the costs for event studies that defendants will use to show the absence of price impact. Anderson’s interesting article provides a good summary of the relevant issues. 

 

PrintThe level of all corporate and securities filings continued to decline in the second quarter of 2014 as filing activity returns to levels that prevailed before the financial crisis, according to the latest quarterly D&O claims activity report of Advisen. According to the report, filing levels in the second quarter reflected the “fewest securities and business litigation filings and enforcement actions in the post financial crisis era.” However, securities class action filings bounced back in the second quarter after a “downward fluctuation” in the first quarter. A copy of the Advisen report can be found here. My analysis of first half securities class action litigation filings can be found here.

 

It is important to understand that the Advisen report differs in significant respects from other published reports of securities litigation activity. The other published reports discuss only the levels of securities class action filings, whereas the Advisen report captures a broader sweep of corporate and securities litigation, including regulatory enforcement actions, individual securities actions, breach of fiduciary duty lawsuits and even foreign litigation. In addition, Advisen uses a counting methodology that differs from that used by other reporting sources, which count each action as a single suit no matter how many complaints are filed and no matter how many defendants are named. By contrast, Advisen “counts each company for which securities violations are alleged in a single complaint as a separate suit.” As a result of these features of Advisen’s approach, the figures Advisen reports may appear different from other reported figures.

 

According to Advisen, the quarterly decline in securities and business litigation filings puts filing activity in 2014 on pace for its third straight year of declines in litigation filings levels. Corporate and securities litigation filing levels declined in the second quarter by 26 percent from the first quarter of this year, and declined 25 percent compared to the second quarter of 2013, as the total number of events dropped from 303 to 227. Exhibit 1 to the report graphically depicts filings levels since 2005 and clearly shows that 2014 filing activity is on pace for its lowest level since 2008.

 

In contrast to the overall levels of corporate and securities litigation filing activity, securities class action litigation filings actually increased in the second quarter. According to the Advisen report, there were 44 new securities class actions filed in the second quarter, compared to 39 in the first quarter. The first-half total of 83 projects to a year-end filing total of 166, which is close to the 2013 filing level. (For example, Cornerstone Research tallied the 2013 year-end total of securities class action filings as 166.)

 

 

For the past several years, securities class action litigation as a percentage of all corporate and securities litigation had been declining. However, with the overall decline in the corporate and securities lawsuit filings and the increase in the number of securities class action litigation filings in the second quarter, the percentage that securities class action lawsuit filings represent of all corporate and securities lawsuit filings has increased. In the second quarter, securities class action lawsuit filings represented 20 percent of all filings. On an annualized basis, 2014 is on pace to be the third consecutive year in which securities class action lawsuit filings increased as a percentage of all corporate and securities litigation  filings.

 

While securities class action lawsuit filings are up as a percentage of all corporate and securities filings, the number of new securities class action lawsuits is down from the longer term historical average. For example, Cornerstone Research reports that the 1997-2012 average annual number of securities class action lawsuits was 192, well above the projected number of 2014 securities class action lawsuit filings of 166. According to the Advisen report, “the general decline in the number of securities class actions may be driven by factors such as a reduction in the number of companies traded on the U.S. Stock Exchange or the winding down of credit crisis litigation.”  The longer term trend “may also reflect a change in emphasis by plaintiffs’ firms.”

 

The sector experiencing the greatest number of corporate and securities lawsuits is the financial sector, as has been the case in every quarter since the beginning of the financial crisis. According to the Advisen report, 27 percent of all corporate and securities filings in the second quarter involved companies in the financial sector. Though this level is down compared to 2008, when financial firms were involved in 40 percent of all corporate and securities litigation, financial firms remain the leading sector for new filings.

 

One of the most noteworthy trends in corporate and securities litigation has been the explosion in recent years of M&A-related litigation. Various reports have noted that lawsuits are now filed in connection with virtually every M&A transaction. The most recent Advisen report notes that while M&A litigation increased dramatically through 2011, in the last two years, the trend in terms of absolute numbers of lawsuit filings has been downward. However, the report reflects only absolute numbers of M&A lawsuit filings; it does not attempt to express the M&A related litigation activity as a reflection of the levels of underlying merger and acquisition activity.

 

The report also notes that in the second quarter foreign firms were involved in fifteen percent of all corporate and securities litigation filings, the same level as in the first quarter. The average settlement cost for all types of cases in the second quarter was $16 million, up from $14 million in the first quarter, but well below the $41 million reported in the second quarter of 2013.

 

Advisen Quarterly Claims Trends Webinar: On Thursday July 24, 2014, I will be participating in a free Advisen webinar on the topic of Quarterly D&O Claims Trends. The hour-long call will begin at 11:00 am EDT. The webinar will also include Brenda Shelley of Marsh, Paul Rodriquez of Swiss Re Corporate Solutions, and Jim Blinn of  Advisen. For additional information about the webinar and to register, please refer here.

 

PLUS Professional Liability Regional Symposium in Singapore: On August 21, 2014, I will be participating in the Professional Liability Insurance Society (PLUS) Regional Professional Liability Symposium in Singapore. This evening  event, which will take place at the Singapore Cricket Club, will include a keynote presentation from Chelva Rajah of the Tan, Rajah & Cheah law firm. I already know that many industry professionals in the region plan to attend. I hope that everyone in the region will plan to attend and will encourage others to attend as well. Information about the event including registration can be found here.