I am pleased to publish below a guest post written by Paul A. Ferrillo of the Weil Gotshal and Manges law firm. Paul’s guest post identifies the liability exposures that IPO companies and their directors and officers face, and describes the insurance considerations the companies should address in confronting those exposures. Paul’s article was first printed in Westlaw Journal Corporate Officers & Directors Liability, a Thomson Reuters publication.

 

I would like to thank Paul for his willingness to publish his article on this site. I welcome guest posts from responsible commentators on topics of interest to readers of this blog. Any readers who are interested in publishing a guest post on this site are encourage to contact me directly. Here is Paul’s guest post:

 

 

With a potentially improving economy and rebounding public markets, the idea of going public (a long-shelved consideration in the past few years) in an initial public offering (an “IPO”) has come back in vogue, both in the United States and abroad.  Going public, of course, can be a very good thing for a company, its directors, its initial investors (often venture capital firms or private equity firms), and its stockholders—if the stock does well. But sometimes the stock does not do well because the company misses earnings, or worse, finds some accounting problem that must be disclosed to investors. The price of “not doing well” is often more than just monetary—there could be mountains of lawsuits filed against the company and its directors and officers. These lawsuits can present unique problems for defendants, since the strict liability provisions of Section 11 of the 1933 Act (which govern liability with respect to the publication of alleged materially misleading statements in a company’s prospectus) are almost always implicated. That means, in sum, that any material misrepresentation, even negligently made (because scienter, or culpable knowledge, is not a requirement of a Section 11 claim), could form the basis of liability against a corporate director. Depending upon the severity of the problem and the resulting drop in the stock price, an IPO “failure” could also draw the attention of state and federal securities regulators and potentially the United States Attorneys office. Needless to say, securities class action litigations and investigations can cost millions or tens of millions to defend and settle.

 

 

The delicate balance between the “good” and the “bad” IPOs often ends up on the desk of a company’s risk manager.  Unfortunately, D&O insurance for IPOs is a very different product than other corporate insurance. Slips and falls, broken bones, workers compensation and fire losses are not the issue here. Instead, the personal assets of directors and the company’s most senior executives are at risk.  For this reason, leaving D&O insurance decisions for IPOs solely to risk managers is not advised.  Directors themselves need to understand the pitfalls and perils of poor decisions related to D&O insurance for IPOs. Directors need to understand the value that a sophisticated insurance broker brings to the D&O insurance purchasing decision.   This knowledge is especially important for directors in today’s environment where companies may be seeking to go public under the streamlined requirements for emerging growth companies as set forth in the Jumpstart Our Business Startups Act (“Jobs Act”) of 2012, which generally sets forth looser compliance and internal control requirements than under the Sarbanes Oxley Act of 2002. This article attempts to bring all of these issues together, in one place, for directors to understand what they need to know about D&O insurance (and related corporate insurances) when a company goes public.

 

 

How Much D&O Insurance to Buy?

 

Very often, after a director is recruited to sit on the board of a company going public, one of his first questions is “well, how much D&O insurance are you going to have?” Unfortunately, there is not one right answer to this question.  Some view it a “cost question.” Buying a lot of good D&O insurance costs money, and some companies don’t want to pay a lot for it, as they think it’s a “commodity.” Directors often take an opposite view.  They are on the firing line, and if there is not enough D&O insurance, they could be asked to write a personal check to the plaintiffs’ counsel to settle an action against them—a very unpalatable prospect. Finally, others view it as a question answered by reference to benchmarks—if the last company that did a $300 million IPO bought $20 million of D&O insurance, why shouldn’t we? 

 

 

All of these viewpoints have some ring of truth and make some sense. But the bottom line is that being uninsured is a very bad thing for everyone involved. So why not resolve to make a D&O IPO insurance purchase that makes better sense to all those potentially involved in the aftermath of a failed IPO? To do so, we recommend the following: First, ask your insurance broker for recommendations as to other similarly situated companies that went public in terms of what D&O limits they purchased. A sophisticated broker with experience in the public company D&O markets should have this information at his fingertips. Such benchmarking is a good start to get a ballpark figure of what limits to buy.  Second, an arguably better approach is a market capitalization analysis of potential stock drop scenarios, using generally-accepted settlement figures that are publicly-available. For instance, imagine that a company expects its market capitalization twelve months post-IPO to be $1 billion. And what if that company were to suffer a 40% stock drop as a result of the announcement of unexpected bad news? That would equate to a $400 market capitalization drop. Taking 10% of that number (10% being a “proxy” for the percent of shareholder losses that might be recoverable in a “medium” severity case) would equate to a potential settlement of $40 million (but note that in a Section 11 case with strict liability issues, the settlement percentage could arguably be higher!). Adding in attorney’s fees and the potential costs of an investigation might get you to a $50 million total per-claim loss. The $50 million number should be another data point to consider when evaluating a D&O limits purchase. Again, there is no “right” answer here. 

 

 

What Carriers to Use in “the Tower”

 

Years of experience defending securities class actions allow us to make some comments about the importance of good D&O insurance. D&O insurance is not a commodity. Not all D&O carriers are equal.  Not all D&O carriers have good reputations for handling and paying claims. Not all carriers will “step up to the plate” when its time to resolve the action. Directors should ask around (to other directors and other companies of boards they sit on) to understand which carriers are willing to pay claims and which are not. Good brokers will have this information too, if they are willing to share it with you. Lawyers who defend securities class action typically run into many carriers while mediating class actions, and may also have an opinion on which carriers are business-minded and stand behind their director clients. There is nothing worse that having a recalcitrant carrier at the settlement table that refuses to pay a claim. 

 

 

Portfolio Company IPO’s versus Spin-offs

 

Many times IPOs are a tool for private equity firms or hedge funds looking to exit or reduce an investment. Sometimes IPOs result from larger companies spinning off profitable subsidiaries into standalone public companies. Spin-offs present unique D&O challenges to consider in the D&O insurance purchasing decision: the potential for overlapping boards, the potential for not only a stock drop for the company going public, but for the parent as well under certain circumstances, counsel and privilege issues that might require multiple sets of defense counsel (which add to the cost of a litigation), and the selling shareholder liability of the ultimate parent who is selling its shares of the spin-off in the IPO.

 

 

Regardless of the challenges, one simple strategy for a director of the company going public is to insist that the company going public purchase enough D&O insurance to fully satisfy the company’s (and his) potential liability to shareholders.  Another question to ask is whether there will be any additional insureds on the policy (e.g. the private equity sponsor, or the ultimate parent who is spinning off the company going public) who may have other liability issues like potential selling shareholder liability.  If too many constituencies share from the same tower chances are that there may be not enough money left at the end of the day to effectuate a settlement of all outstanding litigations and investigations, especially in a Section 11 case.

 

 

Indemnifiable versus non-Indemnifiable Loss Coverage –Side A D&O Insurance

 

Part of any analysis of the purchase of D&O insurance is the purchase of Side A D&O coverage. “Side A” excess D&O coverage is for “non-indemnifiable loss,” i.e. loss incurred by a director for which a company cannot advance or indemnify, or is financially unable (because of an insolvency scenario) to advance or indemnify pursuant to its bylaws or certificate of incorporation. Side A coverage only exists for the benefit of the directors and officers—it would never cover the entity.

Though certainly a part of traditional D&O coverage, in the years after Enron and Worldcom, it has become standard to purchase separate Side A D&O coverage to cover the directors and officers with dedicated limits that are fully accessible in any insolvency situation. Though some would term this “bankruptcy-specific” D&O coverage, the need for Side A excess D&O insurance can come up in other ways. More specifically, under Delaware law, the settlement of a shareholder derivative action is “non-indemnifiable,” meaning the Company cannot fund such a settlement.  So having Side A coverage available for such a situation is a huge positive for a director. More specialized forms of Side A coverage also exist, like Side A “difference in conditions” coverage (which can, under certain circumstances, drop down and provide coverage in situations where an underlying carrier won’t pay), and “independent director” coverage (which expressly covers only independent directors) also exist. Directors and independent directors should insist on dedicated Side A limits as part of the overall IPO D&O structure.

 

 

Mandatory Advancement – Presumptive Indemnification Clauses

 

One of the new developments in the D&O marketplace over the last two years is mandatory advancement of defense costs under any circumstance. Previous to 2010 D&O carriers would generally advance defense costs from dollar one in insolvency settings, understanding that (1) in such a case a company “was unable to advance” defense costs within the retention, and (2) to not advance defense costs would potentially leave directors without adequate counsel, thus exposing them (and the carrier) to increased exposure. A soft market for D&O insurance, among other reasons, caused carriers to expand advancement of defense costs to situations where a company “simply refuses” to advance or pay a director’s defense costs, in addition to the insolvency scenario. That is a huge consideration when such defense costs could run into the hundreds of thousands of dollars. Further, presumptive indemnification language normally contained in D&O policies should be stricken or watered down so it does not conflict with the broad advancement of defense cost coverage now being offered in the D&O marketplace.

 

 

Definition of Loss Issues

 

A D&O policy is not particularly useful if it does not cover all claims-related payments and settlements concerning litigation commenced against directors and officers. A director should insist on the broadest definition of “loss” possible, which should include the payment of (1) all pre-claim investigation or inquiry costs, (2) all defense costs, judgments and settlements related to litigation and post-claim investigatory proceedings and litigation, (3) all expert costs, (4) any defense costs associated with bankruptcy-related investigations commenced by a trustee, receiver or creditors committee, and (5) all defense costs and settlements associated with claims against him under Sections 11, 12 and 15 of the 1933 Act. 

 

 

Bankruptcy Protections

 

Needless to say, the primary D&O policy should work in all settings, including bankruptcy settings. Directors should insist on broad “definition of claim” words to cover bankruptcy investigations, and a broad carve-out from the insured-versus-insured exclusion for derivative claims brought by creditors committee, bondholder committees or properly formed bankruptcy constituencies of the company. Finally, we recommend a simplified “order of payments” (or “priority of payments”) clause which does not leave any discretion to the company to withhold or direct payments under a D&O policy. 

 

 

Though our list of questions is long, it is certainly not exclusive of other D&O policy enhancements sophisticated brokers might also suggest for clients going public. A good broker can be an ally here, not a hindrance to the process. At the end of the day, however, it is up to the director himself to fully educate himself on the D&O coverage for any company for whom he or she is going to sit on the board. This is an area that is simply too important to overlook. Again, good D&O insurance often goes unnoticed. But poor D&O insurance often comes to light at the worst possible time for a director.

 

 

************

 

 

Weil Gotshal & Manges Releases Latest Edition of "The 10b-5 Guide": In adddition to writing the above blog post, Paul Ferillo is also one of the co-authors, along with his colleagues Robert Carangelo, David Schwartz and Matthew Altemeier, all also of the Weil, Gotshal & Manges law firm, of the seventh edition of The 10b-5 Guide, which the firm released today. The  law firm’s press release regarding the Guide can be found here and a link to the electronic version of the Guide can be found here

 

 

The Guide provides a comprehensive survhey of recent developments in the regarding 10b-5 actions, including in particular a complete overview of the decisions of the U.S. Supreme Court in the securities law arena during the 2010-11 term. The Guide is presented as a primer for corporate employees and securities ltigation practitioners and serves as a handbook to one of the SEC’s most important rules.

 

 

The Guide is great resource and I highly recommend it for everyone. (Readers will note that I wrote the Foreward for this latest edition of the Guide.)

 

In the August 2012 issue of Business Law Today, the ABA Business Law Section published an article entitled “Training for Tomorrow: Corporate Counsel Checklist for Supervising Creation/Renewal of D&O Protection Program” (here). The article describes the critical components of a comprehensive executive protection program. A detailed description of the article and an explanation of the process by which the ABA Business Section created and published the checklist can be found in a September 11, 2012 post by Kevin Brady on the Delaware Corporate and Commercial Litigation Blog

 

The ABA checklist and accompanying commentary emphasizes that there are multiple components of a comprehensive program to protect corporate directors and officers from potential financial and criminal liability. The first element, statutory exculpation, should be incorporated into the company’s certificate or articles of incorporation.

 

Three additional elements of the program described in the ABA article are:  the right to advancement of defense costs; relief from the duty to repay advances; and indemnity against settlement and judgments. All three of these elements should be address in the company’s corporate by-laws. As the article notes, the changing legal environment poses “significant hurdles” to “making sure that the entity’s by-laws actually provide the maximum rights to advancement and indemnity that the law permits. The article provides a short, useful checklist to be used in reviewing corporate by-laws in order to ensure that the provisions provide the recommended components of executive protection program. Readers of this blog will find this portion of the ABA article particularly useful.

 

The article also notes that D&O insurance is a critical component of a comprehensive executive protection program. The article also contains a D&O insurance checklist. The list contains many useful items. D&Oinsurance professionals will want to be familiar with the list, as it is possible that their clients, armed with checklist, might expect the insurance professionals to respond to each of the checklist items.

 

One item that should be added to the list is the critical importance of associating in the D&O insurance placement process an experienced and knowledgeable insurance professional that is qualified to negotiate policy terms and conditions and that is able to make informed recommendations about policy limits and structure. Corporate counsel that want to ensure that their company’s D&O insurance program is state of the marketplace will want to enlist the assistance of a D&O insurance professional that is out in the marketplace every day and that is fully informed about what is available in general and from each of the carriers.

 

On September 7, 2012, the Delaware Supreme Court, applying California law, held that Intel’s excess insurer’s defense obligations were not triggered where Intel had settled with the underlying insurer for less than policy limits and had itself funded the defense fees above the settlement amount and below the underlying insurer’s policy limit. A copy of the Court’s opinion can be found here. (Hat tip to the Traub Lieberman Insurance Law Blog for the link to the Court’s opinion).

 

Intel carried a multilayer tower of general liability insurance, consisting of a primary layer of $5 million, a first excess layer of $50 million, and multiple layers above that. Intel became involved in antitrust class action litigation triggering the insurance tower. Intel subsequently became involved in insurance coverage litigation with the first level excess insurer, which the first level excess insurer settled with a payment to Intel of $27.5 million. Intel funded its own defense expenses above that amount.

 

When its payment of defense expenses exceeded the remaining amount of the first level excess carrier’s limit of liability, Intel contended that the second level excess carrier’s defense obligations had been triggered. The second level excess carrier contended that its payment obligations could only be triggered by payments by the underlying excess insurer and that Intel’s own payments did not trigger payment. The second level excess insurer (hereafter, the insurer) filed an action in Delaware Superior Court seeking a judicial declaration that its payment obligations had not been triggered. The Superior Court granted summary judgment for the excess insurer, and Intel appealed.

 

On appeal, Intel argued that its defense cost payments were sufficient to trigger the insurer’s payment obligation. In making this argument, Intel relied on Condition H, which is titled “When Damages Are Payable” and provides that policy coverage “will not apply unless and until the insured or the insured’s underlying insurance had been paid or is obligated to pay the full amount of the Underlying Limits.”

 

In arguing that its payment obligations had not been triggered notwithstanding Intel’s payment of the defense expenses, the insurer argued in reliance on an Endorsement that had been added to the policy and that provided in Paragraph C that “Nothing in this Endorsement shall obligate us to provide a duty to defend any claims or suit before the Underlying Insurance Limits … are exhausted by payment of judgments or settlements.” The insurer argued that notwithstanding Intel’s payment of defense expenses, the underlying limit had not been exhausted by “payment of judgments or settlements.”

 

In affirming the lower court’s entry of summary judgment, the Supreme Court, in an opinion written by Justice Henry duPont Ridgeley for a five-judge panel, found that “Intel’s reading of the [insurer’s] policy purports to do exactly what Paragraph C of the Endorsement forbids: obligate [the insurer] to provide a duty to defend before exhaustion of the underlying …policy by payment of judgments or settlements.” The Court added that “viewing the policy language as a whole, Intel’s reading is untenable.” The Delaware Court also called Intel’s interpretation “strained.”

 

The Court specifically found that Paragraph C “cannot be construed under California precedents to encompass an insured’s own payment of defense costs.” The term “judgments” refers, the Court found,“to a decision by some adjudicative body of the parties’ rights” and the term “settlements” refers to “some agreement between parties as to a dispute between them.” Defense costs paid by the insured “do not fall within the plain meaning of either term.”

 

The Delaware court also referred specifically to the California Intermediate Court of Appeals decision in the Qualcomm case (about which refer here), in which the court held that payments of amounts by the policyholder did not suffice to exhaust the underlying insurance and trigger the excess coverage.  Though noting that the Qualcomm case involved different policy language, “the implications of Qualcomm’s holding for this case are clear” – that is, that “plain policy language on exhaustion, such as that contained in Paragraph C, will control despite competing public policy concerns.”

 

The Delaware Court also concluded that because the “plain language of the policy control,” the venerable Zeig v. Massachusetts Bonding & Insurance Co. decision from the Second Circuit is “inapplicable.”

 

Discussion

This Delaware decision joins a growing line of cases concluding –based on the language at issue requiring payment by the underlying insurer — that the policyholder’s payments do not suffice to trigger an excess insurer’s payment obligation. (Refer here for the most recent discussion of the growing line of cases).

 

It is worth emphasizing that these cases are strictly a reflection of the policy language at issue. The excess policies certainly could provide that payment by either the insurer or the insured would suffice to exhaust the underlying insurance amounts and to trigger the excess insurer’s payment obligation. Indeed, more recently, many excess D&O insurance carriers have agreed to modify their policies to recognize payment either by the underlying insurer or by the insured as a trigger to the excess insurer’s obligation.

One of the interesting things about this case is that Condition H, on which Intel relied, did in fact expressly allow for the amount of the underlying insurance to be paid either by the “insured or the insured’s underlying insurance.” The Delaware Court, interpreting this provision (which is captioned “When Damages Are Payable”), said that it provided only that “Intel’s payment of damages may trigger [the insurer’s] duty to indemnify” (emphasis added). The Court went on to say that “nothing in Paragraph C suggests that Intel’s direct payment of defense costs may trigger (the insurer’s] duty to defend” (emphasis added).

 

That is, because the payment on which Intel sought to rely in arguing that the insurer’s payment obligations had been triggered was the payment of defense expenses (not damages), and because INtel was seeking payment from the insurer of defense expense (not damages), Condition H was irrelevant and only Paragraph C applied.

 

It is worth noting that Paragraph C had been added by endorsement, and it is fair to say the relationship between the various provisions and amendments is complicated. As the Delaware court itself noted, the “interplay” between the provisions “is admittedly complex.”

 

Insurance policies are of course complicated contracts with a variety of operating provisions. These provisions interact in complex ways, and when base forms are amended by endorsement, the interactions can become even more complicated.

 

Without in any way meaning to suggest that the policy at issue in this case did not reflect the intent of the parties to the contract, this case is a good illustration of how important it is to make sure that all of the various policy provisions are appropriately structured to that the interaction of the various provisions results in the intended outcome. Which is reminder that it is mportant in connection with the policy placement process that policyholders enlist the assistance of knowledgeable, experienced insurance advisors who understand the coverage and understand how various provisions and amendments will interact even the event of a claim.

 

 Today’s Typo of the Day: This high school booster club banner has a rather unfortunate typo.

 

In an August 27, 2012 post (here), I discussed Central District of California Judge James Selna’s August 21, 2012 decision in Petersen v. Columbia Casualty, and in particular Judge Selna’s consideration of the insurer defendant’s duty to advance under its liability policy. Following my publication of the post, I was contacted by Jeffrey Kiburtz of the Shapiro, Rodarte & Forman law firm. Jeff had a differing perspective on Judge Selna’s opinion and he suggested the possibility of a guest post on the topic, to which I readily agreed. Jeff’s guest post discussing Judge Selna’s opinion is set forth below.

 

I would like to thank Jeff for his willingness to set out his views as a guest post on this site. I welcome guest posts from responsible commentators on topics of interest to this blog. Any readers who are interested in publishing a guest post on this site are encourage to contact me directly. Here is Jeff’s guest post:

 

 

 

As a regular reader of Kevin’s blog, I always find it be well-written, informative and timely – it is truly a great resource and I am thankful to him for helping me stay up-to-date on a variety of management liability issues (as well as the opportunity to submit this guest blog). And while I also find myself in agreement with the majority of his substantive commentary, I felt compelled to provide a different perspective on the Petersen v. Columbia Casualty he discussed here. (For the record, I had no involvement in the Petersen case.)

 

 

As discussed in greater detail there, Petersen ostensibly addressed the standard for determining whether an insurer must advance defense costs under a non-duty to defend policy. For Kevin, “the court [in Petersen] correctly understood the insurer’s defense obligations and correctly declined to apply principles derived from duty to defend cases to the determination of the insurer’s obligations.” From my perspective, however, the court’s decision on the standard applicable to non-duty to defend policies did not expressly consider, and is in any event difficult to reconcile with, established Ninth Circuit precedent. (I’ll leave for others the issue of whether there is any actual conflict between our two stated perspectives.)

 

 

In refusing to apply duty to defend principles (most notably the principle that defense obligations are triggered by a “mere potential” for coverage) to the analysis of whether an insurer must advance defense costs, the court in Petersen appears to have relied nearly exclusively on Jeff Tracy, Inc. v. U.S. Specialty Ins. Co., 636 F. Supp. 2d 995 (C.D.Cal. 2009). Further, both Petersen and Jeff Tracy suggested that the only support for the insured’s “mere potential” argument was Gon v. First State Ins. Co. 871 F.2d 863 (9th Cir. 1989), which both courts distinguished as addressing the timing of when an insurer must begin to advance defense costs, not the method of determining whether such a duty exists in the first instance. Thus, in both Jeff Tracy and Petersen, the Central District concluded in one form or another that “the Ninth Circuit did not hold [in Gon] that the duty to defend or ‘potential for coverage’ standard still applied” to non-duty to defend policies. Jeff Tracy at 1003.

 

 

Now, admittedly, the specific reach of Gon (and a similar case, Okada v. MGIC Indem. Corp., 823 F.2d 276, 282 (9th Cir.1986)) is a little unclear, but the Ninth Circuit itself regards Gon and Okada as “circuit precedent requiring the advancement of defense costs for potentially covered claims.” Pan Pacific Retail Properties, Inc. v. Gulf Ins. Co., 471 F.3d 961, 970 (9th Cir. 2006). Moreover, although the court in Pan Pacific distinguished Gon and Okada on grounds that those cases are inapplicable when, as in Pan Pacific, the coverage action was brought after the conclusion of the underlying matter, the court made reasonably clear in a separate case that potentiality remains the test when contemporaneous advancement of defense costs is the issue. Unified Western Grocers, Inc. v. Twin City Fire Ins. Co., 457 F.3d 1106, 1112 (9th Cir. 2006).

 

 

Unified Western Grocers involved alleged fraudulent transfers in the context of a leveraged buyout. The insurer declined coverage on grounds that the underlying suit effectively constituted an action for restitution based on allegations of intentionally wrongful conduct. And, while the insured countered that the asserted breach of fiduciary duty was at least potentially covered, the insurer argued that the claim for breach of fiduciary duty and its related allegations were, in effect, inseparably intertwined with the non-covered, intentionally wrongful conduct and demand for restitution. Reversing the district court, the Ninth Circuit agreed with the insured, holding that the breach of fiduciary duty claim gave rise to a potential for coverage and the broad allegations of intentionally wrongful conduct did “not automatically subsume all allegations of a negligent character.” Id. at 1114.      

 

 

As most relevant to this discussion, the Ninth Circuit stated that “[i]n determining whether an unproven claim is covered by an applicable insurance policy, we are reluctant to frame coverage based on isolated allegations in an underlying complaint.” Id. at 1112 (citingGon and the seminal California duty to defend case Gray v. Zurich Ins. Co. (1966) 65 Cal.2d 263 for the proposition that “the third party complainant, who may overstate the claims against the insured, should not be the arbiter of the policy’s coverage.”) Based on this, the court applied a potentiality test to the two coverage issues raised by the insurer (intentionally wrongful conduct and restitution), ultimately holding that there remained a possibility of covered liability based on the not-necessarily-intentional conduct alleged in connection with the breach of fiduciary claim and that the relief sought was not necessarily restricted to restitution.   

 

 

Further, lest one think that the Ninth Circuit missed that it was dealing with what appears to have been a pretty standard D&O policy that did not provide for a duty to defend, the court made clear that while “Gon and Gray involved interpretations of an insurer’s duty to defend potentially covered claims” and are “not directly applicable to determining an insurer’s duty to indemnify loss,” the determination that the district court’s decision below that there were “no covered claims as a matter of law . . . is closely analogous to the question of whether there is a potentially covered claim.” Id. at 1112 fn.8.  

 

 

Returning to Petersen, it is difficult to reconcile the court’s apparent rejection of any form of a potentiality test with the precedent discussed above, especially Unified Western Grocers. For example, like Unified Western Grocers and unlike Pan Pacific, coverage in Petersen was determined during the pendency of the underlying litigation. Further, while it appears that the court in Petersen implicitly distinguished Olympic Club v. Those Interested Underwriters at Lloyd’s London, 991 F.2d 497 (9th Cir. 1993) (an earlier Ninth Circuit decision in which the court explicitly held that potentiality is the test for non-duty to defend policies) on grounds that the policy in Olympic Club did not expressly disclaim the insurer’s duty to defend, that would not be sufficient to distinguish Unified Western Grocers as the policy there plainly had no duty to defend. The Petersen court also appears to have distinguished Olympic Club on grounds that the policy in Petersen did not provide coverage for allegations of wrongful conduct, an assertion which does not appear factually accurate, as the definition of “Act” quoted in the Petersen decision encompassed allegations of wrongful conduct.  

 

 

The court in Petersen also appears to have been swayed by the presence of allocation provisions in the policy, which seems to suggest that the court viewed potentiality and allocation as mutually exclusive, i.e., that one cannot have a potentiality standard without also requiring the insurer to fund 100% of the defense of a mixed suit. Irrespective of the rationale, the policy’s allocation provisions would not in any event appear to be an adequate basis for distinguishing United Western Grocers, as the policy at issue there also contained an allocation provision. Lastly, while Unified Western Grocers did not mention the final policy attribute cited as militating against a potentiality standard in Petersen (i.e., that the policy required the insured to consult with the insurer before incurring defense costs), it is hard to imagine that factor being significant, especially since the “power of the purse” control that language provides the insurer makes the policy more akin to a duty to defend policy, arguably making it more appropriate to apply principles developed under duty to defend policies. 

 

 

It seems worth noting that the Petersen court’s decision on the standard applicable to determining whether an insurer must advance defense costs could be considered dicta, as it is not clear from the recited facts that application of a potentiality standard would have yielded a different result. Nevertheless, whether dealt with on that basis or otherwise, I would question the suggestion that Petersen (or Jeff Tracy for that matter) represents the law in California federal courts concerning the duty to advance defense costs. 

 

 

        

            

I am pleased to publish below an article by my good friend Richard J. Bortnick (pictured left) concerning the directors’ and officers’ liability issues related to cyber security and data breaches. Rick is a Member of the Cozen O’Connor law firm and he is also the co-author of the CyberInquirer blog. This article first appeared as a chapter in the July 2012 publication Willis’ Executive Risks – A Boardroom Guide 2012/2013. I would like to thank Rick for his willingness to publish the article here.

 

I welcome guest posts from responsible commentators on topics of interest to this blog. Any readers who are interested in publishing a guest post on this site are encourage to contact me directly. Here is Rick’s guest post: 

 

 

Cyber insurance has become a necessity. Every company that maintains, houses or moves sensitive information is at risk of a data breach, primarily due to the growth and increased sophistication of hackers, malicious software and, most recently, ‘hacktavists’. Even mere employee negligence can lead to a data breach. High-profile companies such as Sony can attest that cyber-intrusions can lead to hundreds of millions, if not billions, of dollars in legal exposure.

 

 

Equally troublesome, our expanding online society has introduced new financial risks and exposures that may not be covered under general and professional liability insurance products, including standard directors’ and officers’ (D&O) policies. As such, corporate directors and officers, and their risk-management professionals, must ensure that they buy appropriately tailored policies that provide protection against the rapidly expanding risks to which they could be vulnerable, both personally and professionally.

 

 

The risks and costs of a data breach

 

It has become known as the Year of the Breach: in 2011, companies of all sizes experienced malicious intrusions or employee negligence that affected their operations and/or businesses. For example, in April 2011, computer hacktavists unlawfully accessed the Sony PlayStation Network (PSN) and obtained the personal and financial information of roughly 77 million PSN users. Since then, Sony and its insurers likely have spent tens, if not hundreds, of millions of dollars to remedy and mitigate the resulting security and commercial crises — an amount that grows by the day as lawyers prosecute class action lawsuits on behalf of allegedly affected users whose personal and financial information was improperly accessed. 

 

 

Equally problematic for Sony, it has been sued by its commercial general liability (CGL) insurer, Zurich American, which is seeking to avoid coverage by arguing that its general liability policies do not and never were intended to cover data breaches.

The TJX Companies also fell victim to a cyber intrusion that security experts predict will have long-term costs of between US$4 billion and US$8 billion in fines, legal fees, notification expenses and brand impairment. In the TJX case, the retail group reported that 45.6 million credit and debit card numbers were stolen from one of its systems during the period July 2005 to January 2007. Of critical import, the January 2007 intrusion occurred after TJX already had knowledge of the initial breaches. 

 

 

Of course, big corporations are not the only entities that are vulnerable to hackers and hactavisits; indeed, half of all companies that have experienced data breaches have fewer than 1,000 employees. 

 

 

NetDiligence, a US company that specialises in assessing cyber risks and data breaches, released a study in June 2011 summarising its survey of data-breach insurance claims made between 2005 and 2010 in a variety of industries in the US (see the panels on the next three pages). Based on the claims payout data submitted for the study, the average cost for a data breach was US$2.4 million. Topping the list of the most frequently breached sectors were healthcare and financial services. 

 

 

Moreover, the study found that 95 per cent of the breaches were caused by one of three things: hackers, rogue employees and loss/theft of equipment. For the most part, the information stolen consisted of personal identification information (PII) — name, address, email address, telephone number, social security number and credit card information — or personal health information (PHI).

 

 

 

Similarly troubling, in 2011 nearly 23 million confidential records were exposed in the US as a result of over 419 reported security breaches, according to the non-profit Identity Theft Resource Center (ITRC).

 

 

These numbers are likely to hold steady; at the start of April 2012, the ITRC reported 105 breaches and roughly 4.5 million exposed records in the first three months of the year. In turn, the Ponemon Institute, a data-security research firm, reported that the average cost of a breach to US organisations in 2011 was US$5.5 million, and that the cost per compromised data record stood at $194. These substantial numbers include the attendant costs of retaining forensic experts, attorneys’ fees, customer-notification expenses, fraud monitoring, public relations support, business interruption, loss of customer goodwill, and third-party liability claims.

 

 

Many breaches result in reputational damage, leading to diminished future cash flows. While loss of goodwill is notoriously hard to quantify, its financial impact can be both long-term and substantial.

 

 

Cyber security regulations and compliance

 

SEC guidance

 

On October 13, 2011, in response to the “increasing dependence on digital technologies” and associated risks, the Division of Corporation Finance (DCF) of the US Securities and Exchange Commission (SEC) issued a ‘Disclosure Guidance’ that presents, for the first time, disclosure recommendations relating to cyber-security risks. It is worth noting the DCF’s own observation in the guidance that it “is not a rule, regulation, or statement of the Securities and Exchange Commission”. The DCF also emphasises that many of its ‘recommendations’ may already be encompassed within corporate disclosure obligations found elsewhere in various SEC regulations.

 

 

While the Disclosure Guidance is designed to be ‘advisory’, its practical implications establish the ‘recommendations’ as best practices and in essence render compliance essential, if not mandatory. To put it another way: non-compliance would be ill-advised. 

 

 

At the same time, the DCF counsels that “material information regarding cyber-security risks and cyber incidents” may need to be disclosed “in order to make other required disclosures, in light of the circumstances under which they are made, not misleading.” It cites Basic Inc v Levinson (1988) for the proposition that “information is considered material if there is a substantial likelihood that a reasonable investor would consider it important in making an investment decision or if the information would significantly alter the total mix of information made available.”

 

 

Although the Disclosure Guidance is only directed at public companies under the SEC’s jurisdiction, it can be expected to have far-reaching implications for non-public companies and even individuals doing business with public companies.  

 

 

What does the disclosure guidance say?

 

It makes most sense to begin with what the Disclosure Guidance is not. The DCF makes it clear that it is not advising companies to make detailed disclosures of highly technical elements of their cyber-security programme or even the details of an actual cyber attack. Indeed, it is aware that “detailed disclosures could compromise cyber-security efforts — for example, by providing a ‘roadmap’ for those who seek to infiltrate a registrant’s network security — and we emphasize that disclosures of that nature are not required under the federal securities laws”. On the other hand, the DCF advises that companies should avoid offering “generic risk factor disclosure.”

It also highlights the point that existing disclosure obligations may warrant discussion of such risks — in many cases rendering cyber-security disclosures mandatory. For instance, Regulation S-K and Form 20-F of the Securities Act of 1933 require public companies to disclose “risk factors” that would be relevant to a prospective investor. Accordingly, the Disclosure Guidance counsels that companies “should disclose the risk of cyber incidents if these issues are among the most significant factors that make an investment in the company speculative or risky.”

 

 

The DCF further suggests that companies, in determining whether risk disclosure is required, should evaluate their cyber-security risks, taking account of previous incidents, the likelihood of future occurrences, the magnitude of those risks and the adequacy of preventive measures. Depending on the circumstances of individual companies, the DCF says that appropriate disclosures may include:

 

•             discussion of aspects of the company’s business or operations that give rise to material cyber-security risks and the potential costs and consequences

•             description of outsourced functions that have material cyber-security risks, and how the company is addressing those risks

•             description of cyber incidents experienced by the company that are individually or in the aggregate material, including the costs and other consequences

•             risks related to cyber incidents that may remain undetected for an extended period

•             description of relevant insurance coverage.

 

Beyond all of this, the DCF recommends the following (potentially required) disclosures that could implicate cyber issues.

 

 

Discussion and analysis of financial condition

 

The DCF recommends: “Registrants should address cyber-security risks and cyber incidents … if the costs or other consequences associated with one or more known incidents or the risk of potential incidents represent a material event, trend, or uncertainty that is reasonably likely to have a material effect … For example, if material intellectual property is stolen in a cyber attack … the registrant should describe the property that was stolen and the effect of the attack on its … operations, liquidity, and financial condition and whether the attack would cause reported financial information not to be indicative of future operating results or financial condition. If it is reasonably likely that the attack will lead to reduced revenues, an increase in cyber-security protection costs, including related to litigation, the registrant should discuss these possible outcomes, including the amount and duration of the expected costs, if material.”

 

 

Description of business

 

“If one or more cyber incidents materially affect a registrant’s products, services, relationships with customers or suppliers, or competitive conditions, the registrant should provide disclosure … In determining whether to include disclosure, registrants should consider the impact on each of their reportable segments. As an example, if a registrant has a new product in development and learns of a cyber incident that could materially impair its future viability, the registrant should discuss the incident and the potential impact to the extent material.”

 

 

Legal proceedings

 

“If a material pending legal proceeding to which a registrant or any of its subsidiaries is a party involves a cyber incident, the registrant may need to disclose information regarding this litigation …”

 

Financial statement disclosures

 

Noting that “cyber-security risks and cyber incidents may have a broad impact on a registrant’s financial statements”, the DCF sets out some of the costs and losses that may need to be disclosed in statements, depending on the nature and severity of the potential or actual incident:

 

•             the possibly substantial costs incurred in preventing cyber attacks

•             any incentives provided to customers to mitigate damages from a cyber incident and maintain the business relationship

•             losses, in the wake of cyber attacks, from asserted and unasserted claims, including those related to warranties, breach of contract, product recall and replacement, and indemnification of counterparty losses from their remediation efforts

•             potentially diminished future cash flows, therefore requiring consideration of impairment of certain assets including goodwill, intangible assets, trademarks and patents.

 

 

Disclosure controls and procedures

 

The DCF further notes that: “Registrants are required to disclose conclusions on the effectiveness of disclosure controls and procedures. To the extent cyber incidents pose a risk to a registrant’s ability to record, process, summarize, and report information that is required to be disclosed in Commission [SEC] filings, management should also consider whether there are any deficiencies in its disclosure controls and procedures that would render them ineffective.” 

 

 

In short, directors and officers must be attuned to the regulations to protect themselves against the impact of cyber risks and costs in the larger context of their company’s disclosure obligations to investors. Or, to put it another way, those who ignore the Disclosure Guidance do so at the risk of an action by the SEC or by shareholders if a cyber incident occurs.

 

 

Given the increased prevalence and effectiveness of cyber attacks and breaches, and in light of the Disclosure Guidance, it would be difficult to justify why proper protective measures — including sufficient cyber insurance   — were not put in place, and why the risks were not disclosed to the investing public.

 

 

A ‘not so hypothetical’ hypothetical

 

Consider the following case and contemplate whether the court may have reached a different result in light of the Disclosure Guidance. Heartland Payment Systems stores millions of credit and debit card numbers on an internal computer network to facilitate payment processing. In December 2007, hackers launched a Structured Query Language (SQL) attack on Heartland’s payroll management system. To its credit, Heartland was able to repel the attack before any personally identifiable information was stolen.

 

 

Regrettably, however, the company failed to detect malicious software (malware) that had been placed on the network by way of the SQL attack. This malware infected Heartland’s payment processing system, ultimately enabling the hackers to steal 130 million consumer credit and debit card numbers.

 

 

Heartland did not discover the malware until January 2009, at which time it notified government authorities and publicly disclosed the event. 

 

 

Over the course of the following month, Heartland’s stock price plunged in value. Shareholder class actions alleging securities fraud and material non-disclosures followed. 

 

 

In their complaint, the plaintiffs alleged that Heartland and its officers and directors had made material misrepresentations and omissions about the December 2007 SQL attack. For example, the plaintiffs alleged the following material misrepresentations:

 

•             At numerous times, defendants concealed the SQL attack in statements made during earnings conference calls and in 10-K (annual) reports

•             Defendants misrepresented the general state of Heartland’s data security because they were aware that Heartland’s network had been breached and yet they had not fully remedied the problem

•             Notwithstanding its knowledge of the SQL attack, the company failed to disclose that its information systems were extremely vulnerable (rather, it had stated that it took computer security very seriously).  

 

The plaintiffs claimed that Heartland and its directors and officers had violated Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 by failing to disclose material information related to a lack of security and known breaches of its information systems. As a result of the company’s material misrepresentations related to the security breach, the plaintiffs alleged, Heartland’s common stock lost around 80 per cent of its value.

 

 

As is common in security class action lawsuits, the Heartland defendants moved to dismiss the shareholders’ complaint on the basis that it failed to state a claim upon which relief could be granted, because it did not allege the existence of a material mis-statement or omission. In ruling on that motion (see In re Heartland Payment Systems Inc, 2009), the US District Court for the District of New Jersey found that the existence of unresolved network security issues did not, in itself, suggest that the company did not value data security or that it did not maintain a high level of security. The court further found that while knowledge of the 2007 SQL attack may have been material to the plaintiffs’ investment decisions, securities issuers have no general duty to disclose every material fact to investors.

 

 

In addition, the court found that the plaintiffs’ complaint failed to sufficiently plead the necessary elements of scienter, or knowledge of wrongdoing, as it did not allege that defendants knew or had reason to suspect that Heartland’s security systems were so deficient that it was false to say the company placed significant emphasis on maintaining a high level of security. Accordingly, the court granted the defendants’ motion to dismiss. 

 

 

Now, consider the language of the Disclosure Guidance in addressing the following, potentially required ‘risk factor’ disclosures: “A registrant may need to disclose known or threatened cyber incidents to place the discussion of cyber-security risks in context. For example, if a registrant experienced a material cyber attack in which malware was embedded in its systems and customer data was compromised, it likely would not be sufficient for the registrant to disclose that there is a risk that such an attack may occur. Instead, as part of a broader discussion of malware or other similar attacks that pose a particular risk, the registrant may need to discuss the occurrence of the specific attack and its known and potential costs and other consequences.”

 

 

In light of the express reference to ‘malware’, Heartland may have found it more difficult to argue that its failure to detect the malware embedded in its systems was reasonable and that its failure to disclose the extent of other potentially significant risks associated with a known cyber attack adequately satisfied the recommendations in the Disclosure Guidance. At a minimum, the fate of the defendants at the motion-to-dismiss stage may have been different, as the shareholder plaintiffs’ counsel would have been able to cite the company’s failure to abide by the Disclosure Guidance as being allegedly reckless and actionable. 

 

 

Additional theories of liability against officers and directors, and actions against non-public companies Securities Act violations, as alleged by the Heartland plaintiffs, are by far the most likely to be brought by shareholders alleging cyber-related material non-disclosures. However, plaintiffs who choose not to seek federal class-action status are free to assert claims based on state law theories of fraud, breach of fiduciary duty or negligence. Therefore, directors and officers should be aware that, in addition to Securities Act violations, state law remedies could support other types of action   especially against non-public or closely held companies faced with cyber/privacy liabilities. The DCF Disclosure Guidance further highlights that directors and officers continue to face exposure from the possibility of derivative suits.

 

 

The Disclosure Guidance: practical implications for non-public companies

 

Yes, the Disclosure Guidance only applies to public companies; but that doesn’t mean the recommended best practices do not affect private companies. 

 

 

A prudent public company subject to SEC reporting requirements will require its business partners, suppliers, vendors and others to provide it with parallel disclosures in order to avoid direct (or even vicarious) liability to those with whom it is in privity for those companies’ failings. Privately held entities also have business relationships with public corporations and so may find themselves required to perform the analyses and assessments suggested by the Disclosure Guidance, albeit indirectly, simply to maintain their competitive footing in the market. To illustrate, if you were a business client and your prospective public company associate provided you with all of its cyber-related disclosures, would you not insist upon similar disclosures from potential private company partners — irrespective of whether the Guidance applies to them?

 

 

As a private company submitting a business proposal to a prospective client who asks for such information, would you refuse? Of course not. The only practical solution is to evaluate your own cyber risks and exposures — and be in a position to address them. 

 

 

Why technology and cyber insurance has become a necessity

 

A typical CGL insurance policy defines ‘property damage’ as “physical injury to tangible property, including all resulting loss of use of that property”. Regrettably, many policyholders and brokers incorrectly assume that CGL policies extend to losses involving intangible property such as electronic data. This misconception is partially based on the intuition of policyholders and brokers that traditional policy forms should adapt to protect against evolving risks. While this belief may be understandable, it is not correct.

 

 

Beginning in 2001 (in other words, during the early emergence of electronic commerce), certain CGL policy forms added language that specifically excluded electronic data from their definitions of ‘property damage’. Additionally, professional liability policies often do not include coverage for the results of a cyber intrusion, and often contain exclusions when criminal acts are the cause of the loss. 

 

 

Even though a majority of cyber incidents may not be covered by traditional insurance products, 65 per cent of company respondents in a Carnegie Mellon University study indicated that their boards are not reviewing insurance coverage for cyber-related risks, notwithstanding that 86 per cent of respondents agreed that cyber and information-security risks pose at least a moderate danger to their organisation.

 

 

The study, published in March 2012, further found that boards and senior management are not engaging in key oversight activities such as setting policies and budgets to help protect against breaches and mitigate financial losses. Thus, although many corporate executives may appreciate the risks posed by cyber breaches, most do not follow up by taking steps to ensure that their companies purchase technology and cyber liability insurance. 

 

 

Technology insurance is analogous to traditional ‘tangible property’ insurance. It typically covers first-party loss such as business-interruption expense as well as the costs of a forensic expert, who would be retained to identify the cause of the technology breach, and other necessary expert consultants. In turn, cyber liability insurance provides third-party coverage that is designed to protect a company from legal claims brought by those whose personal information has been compromised.

 

 

Technology and cyber insurance can take many forms, with some insurers adding endorsements to a standard CGL policy that extend the coverage to technology and cyber risks. For example, Insurance Service Office (ISO) endorsements provide first-party coverage for loss of electronic data resulting from physical damage to tangible property. That, however, means companies may not be adequately protected against substantial risks if there is a different cause for the loss. Additionally, endorsements do not cover the crisis-management costs of lawyers, forensic experts, breach-notification letters etc.

 

 

Standalone technology and cyber insurance products are far more comprehensive and, typically, cost-effective. Although they may be marketed under various names, they generally cover similar risks and exposures. Covered losses in the first-party context include ‘data-breach expenses’, ‘cyber extortion’, ‘digital asset loss’ and ‘business-interruption loss’. However, as suggested by its name, first-party cyber insurance does not cover claims brought by third parties. Additionally, few products cover the expenses incurred to correct system problems and prevent future data breaches. 

 

 

In turn, third-party cyber insurance often fills in these gaps and may be referred to as ‘privacy liability insurance’, ‘network security liability insurance’ or ‘internet media liability insurance’. Despite the differing labels, each provides similar cover for third-party liability after a data breach, namely: ‘crisis-management expenses’, including notification costs, fraud monitoring, forensic investigations, public relations consultants and the costs of pursuing third parties responsible for the breach, ‘liability expenses’, including the costs of defending and settling lawsuits, and ‘regulatory expenses’, including the cost of compliance with SEC regulations.

 

 

Regardless of what form of insurance is purchased, companies and their insurance professionals must ensure that their policies are tailored to their own unique needs.

 

 

Why directors and officers’ insurance should supplement cyber insurance

 

In addition to purchasing tech/cyber insurance covering first-party and third-party exposure, both public and private companies should ensure that their D&O liability policies respond to cyber-related claims based on allegations of securities fraud, breach of fiduciary duty and alternative theories of liability. 

 

 

In the event of a data breach or a catastrophic first-party loss, it would not be surprising for shareholders’ counsel to file securities fraud and/or derivative suits against a company’s directors and officers alleging failure to properly disclose and manage risks and/or breach of fiduciary duty. Given the defence costs associated with such suits, even in the absence of liability exposure, it is essential to have a D&O policy that complements a cyber insurance policy. In this respect, a specialist insurance broker is not just helpful, it is a necessity.

 

 

Methods of preventing data breaches, and strategies in the event of an intrusion  

 

Ultimately, the responsibility for preventing cyber breaches falls on each individual company whose reputation is on the line. While government regulation may have advanced in addressing the problem of data breaches, it has been estimated that 85 to 90 per cent of a company’s assets are maintained on an electronic platform and susceptible to a tech/cyber crisis — and regulations alone cannot protect them. In some cases, they may be self-defeating, as the cost of regulatory compliance can consume much of a company’s ‘security’ budget. 

 

 

Of course, it is far less costly, from both a financial and reputational point of view, to prevent a cyber breach than to attempt after-the-fact mitigation of its negative effects.. This point is made clear by the 2012 ‘Data Protection & Breach Readiness Guide’, published by the Online Trust Alliance (OTA). The report advocates several ‘security best practices’ that could significantly reduce the likelihood of a tech/cyber loss. While the OTA provides 19 guidelines on ‘data governance and loss prevention’, four in particular bear mention. 

 

 

First, according to the OTA, companies should engage in data classification according to the level of the data’s sensitivity and tailor their software protection schemes accordingly. Next, the OTA advises that data minimisation can prevent a breach, as hackers cannot obtain information that is not kept on a system. Companies should review any sensitive information on their system and eliminate non-essential data that poses an unnecessary risk of data breach.

 

 

Third, companies should destroy data that is no longer in use. And fourth, the OTA suggests that companies provide employee awareness and readiness training to ensure that staff understand company policies on data collection and retention, and data-loss reporting procedures. 

 

 

In addition to taking steps to prevent an incident, organizations need to be ready to identify and deal with the results of any breach. They should have in place a data response team trained to respond to a breach in a co-ordinated and prompt fashion. This trained response team should include representatives from key groups within the company, including legal, information technology, information security, human resources, public relations and customer service. The data response team should have broad decision-making authority and be available 24/7. The initial goal of the group should be to evaluate systems and create plans and procedures to prevent and, if necessary, manage a tech/cyber incident.

 

 

Additionally, companies should determine the notification requirements that govern their industry. Since many state, federal and foreign regulations require prompt notification, it is important to work out in advance how the relevant individuals should be contacted, as it will significantly improve the company’s ability to mitigate consumer frustration and increase compliance. Should a breach occur, the response team and dedicated employees can move quickly to contain and repair the damage.

 

 

Conclusion

 

Although the DCF says the Disclosure Guidance is ‘advisory,’ it makes it equally clear that cyber-security risks may fall under existing SEC disclosure obligations in certain circumstances. Accordingly, a public company would be ill-advised to disregard the best practices provided by the DCF. 

 

 

The essential message is simple: if companies are aware of material cyber-security risks and/or incidents, and if disclosure of those risks or incidents would be material to investors, a company risks SEC action (not to mention shareholders’ and derivative actions) by failing to publicly disclose this information as part of its routine reporting requirements.    

 

 

Companies also should follow prudent security practices to reduce the likelihood of a data breach, and have a data response team ready to deal with and mitigate potential future damage in the event of a cyber incident. Perhaps most importantly, businesses should ensure that they have virtually seamless insurance coverage to deal with any such events. Just as our economy is evolving, so are the types of insurance available to meet a policyholder’s changing needs. 

 

 

Understanding the components of these new-age policies is critical, and executives should devote the time and resources needed to identify a specialist insurance broker who can assess a company’s vulnerabilities and ensure that it purchases the right products.

 

 

Data is a prized asset that warrants its own specific protection. Now is the time to ensure that your data and corporate executives are properly insured so that, when a cyber incident occurs tomorrow, your company and its directors and officers are not burdened with exorbitant costs and huge, uncovered potential exposures.

 

On Friday September 7, 2012, the University of Michigan Law School dedicated its new South Building, an impressive new facility that beautifully complements the school’s venerable Law Quadrangle (see picture below). U.S. Supreme Court Justice Elena Kagan delivered the keynote address at the dedication ceremony. (I attended the event because it coincided with my 30th law school class reunion.) Prior to the ceremony, Justice Kagan appeared on the stage with Michigan Law School Dean Evan Caminker for a question and answer session. The session is summarized below.

 

Kagan has been serving on the Court since August 2010, after a relatively short stint as Solicitor General. She previously served as Dean of Harvard Law School, following her service in various positions in the Clinton White House. She began her academic career at the University of Chicago Law School, after her judicial clerkship with U.S. Supreme Court Justice Thurgood Marshall.

 

Several of the initial questions for Justice Kagan concerned the way the Court has changed since her days as a judicial clerk. She noted that the Court is a “slow-moving institution’ Information technology “has not reached the Court,” and the justices still communicate with each other using written memoranda. The practices have not changed with technology because overall the Court “works well as an institution” and it has developed practices that “allow us to do our job.”

 

Justice Kagan did identify two things about the Court that have changed. First, a Supreme Court bar has developed, consisting of specialized lawyers who “understand what the exercise is all about” and who are “extremely good at it.” It means that the justices “get answers to our questions” and can “engage in the kind of dialog that we all want.” She commented that with the experienced practitioners, “there’s a kind of comfort level” and “informality.” She noted that states “are really getting their act together,” and that the quality of the representation of the states’ interests “has really gone up.”

 

She added that it is” frustrating” when “we don’t get good lawyers.” She noted one particularly area of weakness “on the criminal defense side” She commented that she hoped in the future that the criminal defense bar would do something along the lines of what the states have done.

 

Another thing Justice Kagan said has changed is that Court now has “a more active bench.” She noted that the current practices began with Justice Antonin Scalia who “wanted to try to make the hour more useful.” All of the more recent appointees, she observed, are more active questioners than the justices they replaced, noting as an example that she asks more questions than did Justice Stevens (whose place she took on the Court). She did allow, with respect to the justices’ questions, that it may be getting “into the place where” the level of questioning “is too much.” She said that Chief Justice Roberts is an effective “traffic cop,” but she wonders whether “he should have to do that,” adding that perhaps “we should step it back a little.”

 

She did say that the oral arguments do matter. She said that the briefs are more important, but that the arguments “can make a difference—both ways, you can sway or you can lose a case.” The lawyers know the crux of the case, and “when you hear them say it,” the justices ask themselves – particularly in cases where they are not yet sure where they stand – “how does that sound to me?” She added that oral argument can make a difference even sometimes in cases where going into the argument "you think you have it figured out.”

 

Another difference at the Court that she noted comparing to what she observed as a law clerk is that there are differences in the amount of communication around the Court. Her observation is that the level of communication between the justices outside of the conference has changed. She added that she has noted that even in the conference, there is a great deal of “back and forth,” particularly when they justices have not “yet arrived at a theory that can get five votes.” She added the observation that “it is a great court full of thoughtful and smart people.”

 

In response to a question, she commented on the role of the judicial clerks. She said that they “do what they ought to be doing.” They “are not deciding cases,” adding that the “notion” that has been advanced in certain parts of the popular press that judicial clerks get involved in deciding cases is “an unfounded idea.” She said one very important role that the clerks play is helping to winnow the thousands of petitions the court receive, adding that the clerks “principal role” is helping to “figure out what cases to take.” The clerks sort through the 10,000 petitions to “identify “the 200 to 300 cases worth looking at.” She added that they do “an extremely good job” at that.

 

She took pains to emphasize that she writes her own opinions, and while she asks her clerks to draft position statements, she warns her clerks that “if you see a single sentence you wrote in the Supreme Court Reporter, that will be a big day in your life.”

 

She did acknowledge that it does have an effect when the Court takes up a high profile case. She noted that it is “hard not to be aware there’s a lot of scrutiny.” She said that she “doesn’t think it affects the way we go about our work and they way we do our function.” Those who believe that the things they are saying “have some effect” on the Court “would be disappointed.” Even if there is “political controversy,” it “does not affect our consideration of the cases.” She felt that in a democracy, people “should be free to criticize the Court” but the Court “shouldn’t be pressured to do things,” and she is “100% certain we are not pressured.”

 

A student questioner raised the concern that recent polls had shown that the public respect for the Court as an institution has declined and that there are increasing concerns that the Court is deciding cases with decision splits determined according to the party of the Presidents that appointed the various justices. The student asked what the Court could do to eliminate these perceptions.

 

Justice Kagan responded (noting, after a lengthy pause, that it was a “very serious question”) that she is aware of the polls. She commented that in general people’s “trust in all institutions has declined,” so the decline in the public respect for the Court may “not have anything to do with what the Court has done.” She did say that she “wouldn’t want to discount the feeling that the Court has become divided politically.” She added that “it is really bad thing if the public thinks” cases are being decided on a political basis, and that it is “worth thinking about why this is and what can be done.”

 

One reason for this public view may be the number of 5-4 decisions. The cases that are decided by a 5-4 vote only represent about ten out of the 80 cases decided in a term, but some of these are “important cases.” The concerns can arise when there is perception that the votes are “consonant” with “who has nominated the justices,” something that “has not been the case historically.” She stressed that “there is not … a single vote that is made because of whether I like the President or not, or because I do or do not want to help one party or another.” She acknowledged that given the various justices’ different backgrounds and points of view, “we approach cases in different way” adding that “we may have different views on how we regard precedents.” It would be, she allowed, better “if there were fewer of these [5-4] decisions.” But as “each case comes along, you have to decide it, you can’t decide it in a way to avoid these kinds of splits.”

 

She noted that many people believe that the Court is polarized, often because of colloquy or commentary that may appear in published opinions. She said that one justice advised her that “if you take those things personally, you are going to have a long life tenure.” She understands that some people may read statements in some opinions and think “they must hate each other.” She said that, to the contrary, “we like each other a lot,” that the Court is “quite collegial,” that all of her colleagues are “quite warm.” The disagreement that occurs is “part of the job,” and she believes that all of the justices “are operating in good faith.” Besides, she noted, “life tenure is long” and it “would not be pleasant or useful to hold big grudges.”

 

Justice Kagan noted, in response to a question, that there are now three female justices and that it “would be even better if there were five” (a comment that drew audience applause). She said, however, that it makes “precious little difference in what happens in the conference room.” The value she sees from the presences of women on the Court is that it “changes how the Court looks to the outside world.”

 

When asked her views about the possibility of cameras in the Supreme Court’s courtroom she said that before she went on the Court she would have said, “Sure, why not?” She believes that “transparency is good.” However, now that she is on the Court, she wonders whether the presence of the cameras might “make me think about how I ask a question.” She also noted that following the oral arguments in the health care case, the Court issued audio tapes of the arguments, and almost immediately parts of the arguments were made into political advertisements. She worries that if there were video of the arguments, there would be much greater use of that type. She is “hopeful” that other courts will experiment to see what works best, but “wouldn’t volunteer the Court to be the first.”

 

She did have some interesting comments on her role as the most junior member of the Court. Because she has the shortest tenure on the bench, she does have certain duties. One is that she must answer the door if someone knocks while the justices are meeting in conference, and she is also responsible for taking notes in conference (two duties that she notes have a certain incompatibility). She added that she also serves on the Court’s cafeteria committee, where one of her greatest accomplishments has been to arrange to have a frozen yogurt machine installed in the cafeteria. (This statement drew applause from the audience, with respect to which Justice Kagan noted that “That was the reaction of the Court staff as well.”)

 

The New South Building at the University of Michigan Law School::

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The Pre-Game Ceremony from the Michigan-Air Force Football Game: You have to watch this short but totally awesome video tape of an event that occured during the pre-game ceremony at the Michigan-Air Force Football Game on Saturday. The event was even more awesome live because it was completely unexpected;there was absolutely no warning of what was about to happen.

Many of the toxic mortgage-backed securities that were a key part of the subprime mortgage meltdown were sold in multiple separate offerings based on the same shelf registration statement but separate prospectuses. Each separate offering included multiple securities at varying tranches of seniority and subordination. In the litigation following the subprime meltdown, defendants in suits bought by mortgage-backed securities investors have had considerable success in arguing that the claimants have standing only to assert claims only with respect to the specific offerings and tranches in which the claimant had invested, and lacked standing to assert class claims on behalf of investors who purchased securities in other offerings and tranches.

 

The plaintiffs may now have a potent tool to try to fight these standing arguments. In a September 6, 2012 opinion (here), the Second Circuit ruled  — in a case involving mortgage-backed securities issued by a unit of Goldman Sachs — that the investor plaintiff had standing to assert claims relating not only to the specific offerings in which the plaintiff invested but also the claims of investors in other related offerings, to the extent that the securities in the other offerings were backed by mortgages originated by the same lenders that originated the mortgages backing the plaintiff’s securities. The Second Circuit also rejected the argument that the plaintiff lacked standing to assert claims on behalf of investors in  the different tranches. Finally, the Second Circuit also held the plaintiff need not plead an out-of-pocket loss in order to allege a cognizable diminution in the value of an illiquid security under Section 11.

 

Background

During the period of 2006 to 2007, a unit of Goldman Sachs sold mortgage-backed certificates in 17 separate offerings, using a single shelf registration statement and a separate prospectus for each of the offerings. Each offering included securities at varying tranches of seniority or subordination. The mortgages backing the offerings had been originated by different mortgage originators. For example, mortgage issued by National City Mortgage Corp. backed six of the seventeen offerings, and Countrywide originated mortgages backed five of the offerings and so on.

 

The plaintiff had purchased securities in two of the offerings. As the mortgage meltdown unfolded all of the securities were downgraded. Believing that the securities were now worth substantially less than their cost, and believing that they had been misled about the mortgage origination practices of the mortgage originators, the plaintiff filed an action against the Goldman Sachs entities asserting claims on behalf of investors who purchased securities in all 17 offerings.

 

The district court ruled that the plaintiff had standing to assert claims only on behalf of investors i n the offerings and tranches in which the plaintiff had invested, but lacked standing to represent investors who purchased shares in the other offerings and tranches. As discussed here, the district court also held that because the plaintiff had not alleged that they had failed to receive payments due under the certificates, they had failed to allege injuries cognizable under the federal securities laws. The district court dismissed the plaintiff’s case. The plaintiff appealed to the Second Circuit.

 

The September 6 Opinion

In an opinion written by Judge Barrington Parker on behalf of a three-judge panel, the Second Circuit held that the plaintiff has class standing to assert claims of purchasers of securities backed by mortgages originated by the same lenders that originated the mortgages backing the plaintiff’s securities.

 In reaching this conclusion, the Second Circuit relied on the U.S. Supreme Court’s opinion in Gratz v. Bollingerin whcih the Supreme Court held in a case involving the University of Michigan’s admission practices that a claimant could represent a class of plaintiffs where the claimant’s claims implicate "the same set of concerns" rather than a "significantly different set of concerns." ,

 

The Second Circuit said that in a securities case where the alleged misrepresentation involved the mortgage lenders’ origination practices, the plaintiff had standing to represent a class of investors in the offerings in which the same mortgage lenders were involved, because the plaintiffs’ claims and the other investors’ claims implicate the “same set of concerns.” The purchasers of securities backed by mortgages originated by different mortgage originators were “different in character and origin” and so the plaintiff did not have class standing to represent those investors. As a result the Court concluded that the plaintiff had standing to represent investors in seven out of the 17 offerings.

 

The Second Circuit also rejected the defendants’ argument that the plaintiff lacked class standing to represent investors in different tranches. The Court said that it did not believe that the “varying levels of payment priority raise such a ‘fundamentally different set of concerns’ as to defeat class standing.”

 

Finally, the Second Circuit concluded that the plaintiffs had “plausibly pled a cognizable injury – a decline in value” as a result of the securities credit downgrade, which exposed the plaintiff to much more risk concerning future payments of interest and principle. The Court specifically rejected the defendants arguments that the plaintiff had suffered no loss because it had not alleged that there had been any missed payments under the securities, and also rejected the defendants argument that the plaintiff had not sufficiently alleged injury because the plaintiff had not sufficiently alleged the existence of secondary market for the securities. The Court said that the district court had “conflated the price of a security and its ‘value,” adding that the absence of an actual market price for a security at the time of the suit “does not defeat an investor’s plausible claim of injury.”

 

Discussion

The Second Circuit’s decision in this case not only represents a substantial victory for this plaintiff, but also for the plaintiffs in all of the cases involving mortgage-backed securities where the plaintiffs seek to represent a class of investors who purchased securities in multiple offerings. The Second Circuit made it clear that the mere fact that the plaintiff did not purchase securities in another related offering is not determinative of whether or not the plaintiff has class standing to represent investors in the other offerings. The Second Circuit also made it clear that the plaintiff has class standing to represent investors in other tranches as well.

 

Plaintiffs in the other cases will undoubtedly be studying this opinion closely and will try to use it to support their claims to represent a larger class of investors. However, this opinion is not going to help all plaintiffs, at least not in the same way. The Second Circuit did not conclude that the plaintiff here had standing to represent investors in all of the 17 offerings, but only in those offerings that involve “the same set of concerns.” The plaintiff lacked class standing to represent investors whose claims represent a fundamentally different set of concerns

 

In other works, the extent of a plaintiff’s standing to represent investors who purchased securities in multiple mortgage-backed securities offerings will depend on a complex interaction between the specifics of the misrepresentation that plaintiff is alleging and the relation of the misrepresentation to the various offerings.

 

This requirement to determine whether or not the other offerings implicate the “same set of concerns” as presented in the plaintiff’s claim will be more helpful to some plaintiffs than others. But at least they will not categorically barred from representing investors who purchased securities in other offerings. And they will not be barred from representing investors who purchased securities in other tranches as well.

 

The Second Circuit’s holding on the cognizable injury issue is also significant. From the early stages of the subprime litigation wave, commentators had been suggesting that the “paper losses” of the plaintiffs in the mortgage-backed securities cases did not represent the type of injury for which the protections of the federal securities laws were designed. The district court’s dismissal of the plaintiffs’ case for failure to plead a sufficiently cognizable injury seemed to be a significant affirmation of this argument. However, the Second Circuit seems to have clearly rejected this approach, and may in fact remove a significant potential pleading obstacle for the plaintiffs in these mortgage-backed securities cases.

 

I have updated my running tally of subprime and credit crisis securities lawsuit dismissal motion ruling to reflect the Second Circuit’s ruling. The tally can be accessed here.

 

David Bario’s September 6, 2012 Am Law Litigation Daily Article about the Second Circuit’s opinion can be found here.

 

Very special thanks to a loyal reader for sending me a copy of the Second Circuit’s opinion.

 

Every fall since I first started writing this blog, I have assembled a list of the current hot topics in the world of directors’ and officers’ liability. This year’s list is set out below. As should be obvious, there is a lot going on right now in the world of D&O, with further changes just over the horizon. The year ahead could be very interesting and eventful. Here is what to watch now in the world of D&O:

 

How Significant Will the Libor Scandal-Related Litigation Be?: The Libor scandal itself first began to unfold more than four years ago, following a series of articles in the Wall Street Journal. But with the dramatic announcements in late June of the imposition of fines and penalties of over $450 million against Barclays PLC, the scandal has shifted into a higher gear and has become one of the leading stories in financial papers around the world. At this point, it is apparent that the Libor scandal is going to be one of the hot topics for months and perhaps years to come. An overview of the scandal and of the key developments in recent months can be found here.

 

As is often the case when scandal breaks, the investigative and regulatory developments have been followed by litigation. As discussed here, some of the litigation began to emerge over a year ago, but with the Barclays regulatory settlements, there has been a raft of more recent litigation. Many of the lawsuits have raised antitrust allegations, but at least one of the recent lawsuits – one brought by Barclays shareholders – involves claims under the federal securities laws.

 

It does seem probable that by the time this scandal plays itself out, there will be many more regulatory settlements, some of which might make the Barclays settlements look like pocket change. A related question is whether the banks’ civil litigation exposures are going to be similarly enormous. It is clearly far too early to know for sure. But there are a number of factors that should be kept in mind on the question of what the Libor-scandal litigation might mean for the D&O insurance industry.

 

First, many of the undoubtedly huge costs that are looming likely will not represent insured amounts. The regulatory fines and penalties will not be insured. The company investigative costs also are likely not covered. In addition, most of the antitrust litigation filed to date has named only corporate defendants. Under the typical D&O insurance policy, the companies themselves are only insured for securities claims. So the antitrust litigation, for example, would likely not be covered under the typical D&O insurance policy.

 

In addition, many of these large banks do not carry traditional D&O insurance or may only have restricted insurance. In some instances, the banks’ insurance may include a substantial coinsurance percentage or a massive self-insured retention. Other banks may only carry so-called Side A only insurance, which covers individual directors and officers only and is only available when the corporate entity is unable to indemnify the individuals due to insolvency or legal prohibition. Given that none of the potentially involved banks have failed, it seems unlikely that this Side A only coverage would be triggered.

 

In the end, while the Libor scandal related follow-on litigation could be massive, the Libor scandal may not prove to be a significant event for the D&O insurance industry. Of course, developments could prove this analysis wrong. The plaintiff lawyers may come up with creative ways to expand the universe of defendants, or claimants may meet with unexpected success in asserting claims outside the U.S. If these kinds of things were to happen, then the Libor scandal could prove to be a more serious event for the D&O insurance industry. But as things stand, it does not appear that this scandal is, by itself, going to change the market.

 

What Will the Impact of the JOBS Act Be?: On April 5, 2012, President Obama signed into law the Jumpstart Our Business Startups Act (commonly referred to as the JOBS Act). As discussed at greater length here, the JOBS Act contains a number of IPO “on ramp” procedures designed to ease the process and burdens of the “going public process” for Emerging Growth Companies (EGCs). For example, EGCs can elect to submit their IPO registration statement for SEC review on a confidential, nonpublic basis, although the registration statement must be publicly filed at least 21 days before the IPO roadshow. Among the other features of Act that has attracted the most attention are the legislation’s provisions for “crowdfunding.” Under these provisions, a company is permitted to raise up to $1 million during any 12-month period through an SEC-registered crowdfunding portal

 

It was hoped that the legislation would encourage EGCs and facilitate job creation. However, as discussed in Jason Zweig’s August 4, 2012 Wall Street Journal article entitled “When Laws Twist Markets” (here), at least so far the one thing the Act seems to have produced is “unintended consequences.”

 

By way of illustration, Zweig cites as an example of one company trying to take advantage of the JOBS Act’s streamlined IPO procedures and reduced reporting requirements the 132 year-old British football club, Manchester United. Zweig also refers to “blind pools” and “blank check” investment funds that are angling to take advantage of the JOBS Act’s provisions. Neither type of company is likely to contribute to job creation in the United States. Zweig also reports that at least seven Chinese companies are converting to JOBS Act reporting provisions, in order to be able to reduce the disclosures they are required to file; as Zweig points out, this is “no trivial matter since several other Chinese-based companies have recently been accused by U.S. regulators of filing misleading financial statements.”

 

The Act’s reduced reporting requirements are also producing some unintended consequences.  A number of commentators have noted that while these JOBS Act provisions may serve the laudable goal of easing the IPO process, these provision also introduce risks for investors. Nor are these remarks just coming from sideline commentators. Many of the most specific warnings are coming from the companies themselves.

 

In her May 15, 2012 CFO.com article entitled “A New Risk Factor: The JOBS Act” (here), Sarah Johnson reports that for many of the companies taking advantage of the JOBS Act IPO on-ramp provisions, the fact that the companies are relying in the JOBS Act “is itself a risk factor.” Her article notes that recently a number of companies “have warned investors in their prospectuses filed with the Securities and Exchange Commission that the JOBS Act’s breaks on SEC rules could actually be a turnoff.” By way of example, she quotes Cimarron Software’s recently filed S-1, in which the company states that “we cannot be certain if the reduced disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.”

 

A common assumption about the new crowdfunding procedure is that it will be most beneficial to start-up companies. But at least according to a May 9, 2012 CFO.com article (here), due to the procedural burdens and costs associated with the JOBS Act’s crowdfunding provisions, crowdfunding is unlikely to be an attractive alternative for start-up companies.

 

According to the article, the crowdfunding provisions in the JOBS Act may be “too complex and onerous” and “not very cost-effective”   for an early-stage company. Among other things, entrepreneurs launching a new venture “may lack the financial acumen and robust business plans they’ll need to comply with the JOBS Act” and they also “may not have the cash to hire the accountants and lawyers they will need to navigate the law.”  In addition, as discussed here, many commentators are concerned that the potential for fraud on the crowd may outweigh the promise of new financing for legitimate startups. Among other reasons for these concerns is that with crowdfunding, “the risk of fraud increases because the pool of investors includes those who have no personal relationship with the business owner and who may be geographically remote from and thus unable to oversee the business itself.

 

From the perspective of the directors and officers of companies seeking to raise capital through crowdfunding, it is important to note that the crowdfunding activity entails its own liability exposures. The JOBS Act expressly incorporates provisions imposing liability on crowdfunding issuers for misrepresentations and omissions in the offerings, on terms similar to the existing provisions of Section 12 of the Securities Act of 1933. Under these provisions, a person who purchases securities issued under the crowdfunding exemption may bring an action based on any material misrepresentation or omission against the issuer, directors and executives for a full refund or damages.

 

It is also worth noteworthy that these crowdfunding provisions may blur the clarity of the division between private and public companies. The crowdfunding provisions seem to expressly contemplate that a private company would be able to engage in crowdfunding financing activities without assuming public company reporting obligations. Yet at the same time, that same private company will be required to make certain disclosure filings with the SEC in connection with the offering and could potentially incur liability under Section 302(c) of the JOBS Act

 

Private companies interested in taking advantage of the crowdfunding provisions once they become effective will want to review their D&O insurance policies’ public offering exclusions to determine whether or not these exclusions would preclude coverage for a crowdfunding liability action under Section 302(c) of the Jobs Act. The wordings of this exclusion vary widely among different policies, and some wordings could be sufficiently broad to preclude coverage.

 

Going forward, however, carriers may seek to adjust the wordings of these exclusions or other policy provisions in light of the crowdfunding liability exposure. Some carriers may try to take the position that crowdfunding liability is a kind of risk that they did not intend to cover in a private company D&O insurance policy. Indeed, some private company D&O Insurers have already introduced “Crowdfunding” endorsements designed to narrow or eliminate the carriers’ potential exposure to liability incurred in connection with crowdfunding activities.

 

As was the case with the Sarbanes-Oxley Act and the Dodd-Frank Act, the D&O insurance industry may face a long period where it must assess the impact of changes introduced by this broad, new legislation. It may be some time before all of the Act’s implications and ramifications can be identified and understood. It will be important for companies and their advisors to monitor these developments as they unfold

 

What Will Happen to the Pace of Banking Closures and FDIC Failed Bank Litigation Filings?: The pace of bank failures has slowed considerably during 2012. Year to date through August 31, 2012, there have been a total of 40 bank closures, compared to 74 during the period January 1, 2011 through August 31, 2011. Since January 1, 2008, 454 banks have failed, but during the month of August 2012 only a single bank failed. In addition, the number of banks the FDIC has ranked as problem institutions has also declined for five consecutive quarters.

 

But though both the number of bank failures and the number of problem institutions are declining, the FDIC’s most recent Quarterly Banking Profile shows that the FDIC still ranks over ten percent of the nation’s depository institutions as problem institutions. In other words, though the pace of bank failures may have slowed, there may be much further to go before the current banking crisis is completely behind us. 

 

As was the case during the S&L crisis two decades ago, the current wave of bank failures has also led to an influx of lawsuits brought by the FDIC, as receiver for the failed banks, against the banks’ former directors and officers. Through August 31, 2012, the FDIC had filed a total of 32 failed bank lawsuits, including 14 so far during 2012. The pace of the FDIC’s lawsuits filings has slowed considerably as the year has progressed. During the first four months of the year, the FDIC filed eleven lawsuits. However, between April 20, 2012 and August 31, 2012, the FDIC filed only three additional lawsuits. Indeed, since mid-July, the FDIC has not filed any additional failed bank lawsuits.

 

This apparent lull in lawsuit filings is surprising, for a couple of reasons. First, during the equivalent period three years prior to the apparent filing lull, there were a host of bank closures, over 50 in all. In light of the three year statute of limitations, one would have expected the last few months to have been a period of heightened filing activity.

 

The filing lull is even more surprising given that the FDIC itself has indicated that it has approved many more lawsuits than have actually been filed so far. As of August 14, 2012, the last date on which the FDIC updated its website, the agency indicated that his has now authorized suits involving 73 failed institutions; against 617 individuals for D&O liability. So far the agency has filed 32 suits involving 31 failed institutions, involving 268 individuals.

 

In view of the substantial gap between the number of authorized lawsuits and the number filed so far, it seems likely that the pace of failed bank lawsuit filings will pick back up at some point. But given the current lull, it does start to seem that perhaps there will not be as much overall failed bank litigation as had originally seemed likely. Even just a short time ago, some commentators had been predicting there might be a total of 86 FDIC lawsuits against the directors and officers of failed banks as part of the current bank failure wave. The final number may prove to be lower than projected.

 

Now That the First Dodd-Frank Whistleblower Bounty Has Been Paid, Will We See More Enforcement Actions and Follow-On Civil Litigation Based on Whistleblower Report?: When the whistleblower bounty provisions in the Dodd-Frank Act were enacted, there were concerns that the provisions – allowing whistleblowers an award between 10% and 30% of the money collected when information provided by the whistleblower leads to an SEC enforcement action in which more than $1 million in sanctions is ordered – would encourage a flood of reports from would be whistleblowers who hope to cash in on the potentially rich rewards.

 

We may now be closer to finding out whether or not these concerns were valid. As reflected in the SEC’s August 21, 2012 press release (here), the agency has now made its first whistleblower award for the relatively modest amount of $50,000. According to the press release, “the award represents 30 percent of the amount collected in an SEC enforcement action against the perpetrators of the scheme, the maximum percentage payout allowed by the whistleblower law.”

 

The press release also explains that the whistleblower’s assistance led to a court ordering more than $1 million in sanctions, of which approximately $150,000 has been collected thus far. The court is considering whether to issue a final judgment against other defendants in the matter. Any increase in the sanctions ordered and collected will increase payments to the whistleblower.

 

The recent award may be the first under the bounty program, but it is clear that there will be many more to come. The SEC’s August 21 press release quotes SEC Chairman Mary Schapiro as saying that “The whistleblower program is already becoming a success. We’re seeing high-quality tips that are saving our investigators substantial time and resources.” The press release also quotes the head of the SEC’s whistleblower office as saying that since the program was established in August 2011, about eight tips a day are flowing into the SEC, adding that “the fact that we made the first payment after just one year of operation shows that we are open for business and ready to pay people who bring us good, timely information.”

 

It seems obvious that whistleblowers, motivated by the bounty program, are coming forward to report securities law violations. It also seems probable that some (perhaps many) of the situations reported would not otherwise come to the attention of the SEC, and that with these reports the pace of enforcement activity will increase.

 

These developments have companies worried. As discussed in an August 29, 2012 CFO.com article (here), some companies are worried that because of the lure of the bounty award, company employees will bypass internal reporting mechanisms and go straight to the SEC. And not only is it a concern that more companies could find themselves having to deal with SEC enforcement activity, it is entirely possible that the enforcement activity will in turn lead to follow-on litigation in the form of shareholder derivative suits, and even in some cases increased securities class action litigation.

 

It is far too early to tell whether and to what extent any of these concerns actually will come to pass, especially since there has still only been just one whistleblower bounty award. Nevertheless, there definitely so seem to be reasons for companies to be concerned.

 

Will Congress Take Steps to Increase Corporate Officials’ Liability Exposures and Narrow Their Protection?: As if it were not enough that through the Dodd-Frank whistleblower provisions that Congress has enacted provisions to increase the likelihood of SEC enforcement action, a bill now pending in Congress could increase the size of the penalties the SEC can impose.

 

As discussed in greater detail here, on July 23, 2012, Democratic Rhode Island Senator Jack Reed and Republican Senator Charles Grassley introduced a bill titled The Stronger Enforcement of Civil Penalties Act of 2012 to increase the SEC’s civil monetary penalties authority and to directly link the size of those penalties to the scope of the harm and investor losses. The Senators’ joint July 23, 2012 press release about the Bill can be found here. The Bill has been referred to the Senate Committee on Banking, Housing, and Urban Affairs.

 

The Bill proposes to update the maximum money penalties the SEC can obtain from both individuals and from entities, and further provides that the penalties may be obtained both in enforcement actions filed in federal court and in the agency’s own administrative actions (currently the SEC must file a civil enforcement action in order to seek penalties).

 

The increased penalties proposed by the new Bill are scaled to the seriousness of the offense. For the most serious offenses (specified as the third tier violations involving fraud, deceit or manipulation) the per violation penalty for individuals may not exceed the greater of $1 million; three times the gross pecuniary gain; or the losses incurred by victims that result from the violation. The maximum per violation penalty the SEC can seek from entities is limited to the greater of $10 million; three times the gross pecuniary gain; or the losses incurred by victims.

 

For less serious violations, the maximum amount the SEC may seek is correspondingly lower. For individuals, the per violation penalty may not exceed the greater of $100,000 or the gross pecuniary gain as a result of the violation. The equivalent per violation limit for entities is the greater of $500,000 or the amount of the pecuniary gain. The maximum per violation penalty amount for violations not involving fraud or deceit is the greater of $10,000 for individuals or the amount of the pecuniary gain, and for entities, the greater of $100,000 of the amount of the pecuniary gain

 

The bill was submitted at the request of SEC Chairman Shapiro, enjoys bipartisan support, and represents policies that President Obama has advocated, so it seems likely to pass into law. The practical implication seems to be not just that the SEC will seek higher penalties, but will seek penalties more often, given the proposed new authority to seek penalties in administrative actions. With greater firepower at its disposal, the SEC may become even more active, and perhaps even more aggressive.

 

In a separate development, on May 30, 2012, Representative Barney Frank introduced a bill entitled the “Executive Compensation Clawback Full Enforcement Act” (here) that by its own terms is designed to “prohibit individuals from insurance against possible losses from having to repay illegally-received compensation or from having to repay civil penalties.” The proposed Act’s appears primarily addressed to the compensation clawback sections in the FDIC’s “orderly liquidation authority” in the Dodd-Frank Act. However, the proposed Act’s separate prohibition of insurance for “civil money penalties” appears to address the long-standing question of insurance for civil money penalties imposed on bank officials by the FDIC. Rep. Frank’s bill is discussed in greater detail here. The bill has been referred to the House Subcommittee on Financial Institutions and Consumer Credit.

 

From news coverage of Rep. Frank’s introduction of the bill, the proposed Act appears to be expressly addressed to certain compensation clawback insurance products that have been introduced into the marketplace. Frank himself is quoted as saying “"the creation of insurance policies to insulate financial executives from claw-backs is one more effort by some in the industry to perpetuate a lack of accountability.”

 

The proposed Act’s provisions also seem expressly designed to address the question of insurance for the FDIC’s imposition of “civil money penalties” against senior officials at depositary institutions. The question of insurability of civil money penalties is a long-standing one. As discussed in a prior guest post on this site, the FDIC has taken the position on an individual institution level basis that insurance protecting individual bank directors and officer from civil money penalties is prohibited. But while there was some discussion of and concern about these issues, the question of insurability of civil money penalties remained an uncertain issue (at least for the banks themselves, if not for the FDIC). However, if Rep. Frank’s bill becomes law, or at least of its provisions prohibiting insurance of civil money penalties becomes law, the question would obviously be resolved.

 

What Will Be the Impact of the Amgen Case, Now Pending Before the U.S. Supreme Court?: Over the course of the past several years, the U.S. Supreme Court has shown an unusual willingness to take up securities cases. During the upcoming term, the Court will once again be considering an important securities case. As discussed here, on June 11, 2012, the Court granted the petition of Amgen for a writ of certiorari in a securities lawsuit pending against the company. As a result, next term the Court will be addressing the question of whether securities plaintiffs must establish in their class certification petition that the alleged misrepresentation on which they rely was material.

 

In the Amgen case, the plaintiff had sued Amgen and certain of its directors and officers seeing damages under the federal securities laws based on alleged misrepresentations about the safety of certain of the company’s products. The plaintiff moved to certify a class of Amgen shareholders. The defendants opposed the motion, arguing that the plaintiff was not entitled to a class-wide presumption of reliance based on the fraud-on-the-market theory, because the plaintiff could not show that the alleged misrepresentations were material. To the contrary, the defendants argued that as a result of analyst reports and public documents, the market was aware of the information that the plaintiff alleged had been concealed. The district court rejected the defendants’ arguments and certified a plaintiff class, rulings that the Ninth Circuit affirmed.

 

Amgen then filed a petition to the Supreme Court for a writ of certiorari. In its petition, a copy of which can be found here, Amgen argued that there is an “irreconcilable conflict” in the federal judicial circuits on the question of whether or not a plaintiff must establish materiality at the class certification stage. According to the cert petition, the Second and Fifth Circuits have held that a plaintiff must prove materiality for class certification and that defendants may present evidence to rebut the applicability of the fraud-on-the-market theory at the class certification. The Seventh and Ninth Circuits, by contrast, hold that district courts are barred from considering materiality at the class certification stage.

 

The Third Circuit, according to the petition, has adopted an “intermediate approach” which holds that a plaintiff does not need to demonstrate materiality as part of an initial showing before class certification, but that defendants may rebut the applicability of the fraud-on-the market theory by disproving the materiality of the alleged misrepresentation.

 

In its cert petition, Amgen stressed the “in terrorem power of certification” in the securities litigation context, which often compels defendants to enter into massive settlements. The presence or absence of this kind of pressure will, Amgen argued, depend on the circuit in which the case was filed. In the Seventh and Ninth Circuits, the company argued, defendants “will frequently be forced by practical realities, to settle cases for enormous sums regardless of whether they have a meritorious materiality defense,” while in the Second and Fifth Circuits, the plaintiffs would have to establish materiality as a precondition to class certification, and in the Third Circuit, the defendants would have the opportunity to rebut any materiality showing.

 

As the Morrison & Foerster firm said in its June 11, 2012 memorandum about the Supreme Court’s cert grant in the Amgen case,

 

A clear answer from the Supreme Court to these questions could have a significant impact on securities litigation. A decision that endorses the Ninth Circuit’s approach could made securities litigation more costly for defendants, particularly in circuits where plaintiffs are presently required to prove materiality at class certification. Conversely, a decision rejecting the Ninth Circuit’s approach could provide defendants an early opportunity to challenge the viability of class action claims.

 

In addition, there is the possibility here that the Supreme Court — rather than narrowly interpreting the existing standard for the applicability of the fraud-on-the-market presumption — does something more radical instead, like entirely redefining whether, when and how the fraud-on-the market presumption might apply. Indeed, this case presents the Court with its first clear chance to revisit the doctrine since it was first articulated nearly a quarter of a century ago.

 

In other words, the Roberts court has once again agreed to hear a case that at least potentially could have an enormous impact on the class action securities litigation exposures of public companies and their directors and officers. The case will be argued and decided during the Supreme Court term commencing in October.

 

How (and When) Will the Long-Running Credit Crisis Litigation Wave Finally Play Out?: The first of the subprime and credit crisis related securities suits was filed in February 2007. Over the course of the following years over 240 credit crisis securities class action lawsuits ultimately were filed, and during the past five years the cases have slowly been making there way through the system.

 

Many cases have been dismissed, and of the cases that have survived dismissal motions many have been settled. The latest case to settle was the high profile Citigroup case, which the parties announced on August 29, 2012 (here) had been settled for $590 million. A number of other cases have settled in recent months, including the Bear Stearns case, which settled earlier this summer for $275 million. My running tally of subprime and credit crisis-related securities suit resolutions, including settlements, can be accessed here.

 

The securities litigation related to the subprime meltdown and credit crisis has not produced any settlements on the scale of the mammoth, multi-billion dollar settlements in the era of corporate scandals a decade ago, but in the aggregate and on average, the credit crisis litigation has produced very significant settlement numbers. With these latest settlements, the aggregate amount of all of the subprime and credit crisis-related lawsuit settlements to date is about $5.5 billion. The average settlement is about $103.8 million, but if the three settlements over $500 million are taken out of the equation, the average drops to about $73.22 million.

 

The pace of settlements in these cases appears to have slowed somewhat during 2012 compared to a year ago. During 2011, 22 of the subprime meltdown and credit crisis securities suits settled, including sixteen between January 1, 2011 and August 31, 2011. However, during the same eight month period during 2012, only eleven cases settled.

 

Though the pace of settlements may have slowed, that does not necessary we are reaching the conclusion of this aggregate litigation event. Many cases continue to work their way through the system, and some of the highest profile cases are yet to be resolved, including the BofA/Merrill Lynch merger case, the AIG case, and the Citigroup bondholders’ case. As these cases and others work themselves out, they will continue to weigh on the results of the affected D&O insurers. It will be some time yet before we can calculate the final tally on the subprime and credit crisis litigation wave.

 

Will the Many Other Scandals Roiling the Financial Industry Lead to Additional Claims?: The Libor-scandal is far from the only financial scandal in which the financial industry had become mired recently. Unfortunately, a host of other scandals involving the industry have also emerged or expanded over the summer. These recent scandals may also lead to claims, and some cases already has.

 

First, there’s the money laundering scandal. In July, the U.S. Senate released a report alleged that over the last decade HSBC failed to implement anti-money-laundering protections and evaded Treasury sanctions against Iran, Myanmar, and others. The Senate report says HSBC facilitated the flow of billions of dollars between Mexico and the U.S. despite warnings drug money was involved, and provided cash to banks with ties to terrorist groups. The report also faulted the government’s Office of the Comptroller of the Currency for taking virtually no action against the bank despite being aware of problems for years. In late July, HSBC said that HSBC said that it had set aside $700 million to cover the potential fines, settlements and other expenses related to the money-laundering inquiry.

 

Second, in early August, the New York Department of Financial Services raised allegations that Standard Chartered had disregarded Treasury sanctions by allowing transactions with Iranian banks worth as much as $250 billion to pass through its New York office and that the bank had deliberately obscured the country of origin. On August 14, 2012, the New York regulator announced that Standard Chartered had agreed to a civil penalty of $340 million to resolve the charges. Investigations into the bank by other authorities including the Department of Justice and the Office of Foreign Assets Control continue. The Standard Chartered settlement followed the June 2012 announcement of the Office of Foreign Assets control that ING had agreed to pay a settlement of $619 million to settle allegations that the company had violated U.S. sanctions.

 

Third, a host of regulators are investigating the losses J.P Morgan suffered as a result of derivatives trades in the company’s London office that went seriously awry. At last report, the company’s losses from the trades (which were known in the financial markets as the “London Whale” trade) be as much as $5.8 billion.

 

Beyond these headline grabbing scandals, there have also been a host of smaller scale scandals involving the financial services industry, including Wells Fargo’s $173 million settlement with the Department of Justice of allegations that the company engaged in discriminatory residential home mortgage lending practices; Capitol One’s $210 million settlement with the Consumer Financial Protection Bureau of  allegations that the credit-card issuer pressured customers into buying consumer-credit-protection products such as identity-theft-monitoring services; and Capitol One’s $12 million settlement with the Department of Justice that the company had violated certain statutory protections for veterans, among other things, through wrongful foreclosures.

 

Indeed, this past summer so many scandals involving the financial services industry that you needed a scorecard just to keep track of them all.

 

Litigation has already followed in the wake of at least some of these scandals. As discussed here, following the initial disclosure of J.P. Morgan’s losses from the London Whale trades, shareholders filed a securities class action lawsuit against the company and certain of its directors and officers, alleging that the company’s statements regarding its trading practices and internal controls were misleading. In addition, following Standard Chartered’s settlement with the New York regulator, families of the victim’s of the 1983 bombing of the Marine barracks in Beirut sued the bank seeking compensation for its concealment of its Iran-linked transactions.

 

Investigations in connection with some of these various scandals are continuing. It remains to be seen whether as further details and developments emerge there will be further follow-on civil litigation. The sheer number of scandals seems to suggest the likelihood that there will be further lawsuits. There certainly does seem to be limit to the capacity of the financial industry to produce scandals.

 

What are the Implications of All of This for the D&O Insurance Marketplace?: After several years in which D&O insurance purchasers have enjoyed declining premiums and expanding coverage, the marketplace seems to have reached an inflection point. At a minimum, almost all of the private company management liability carriers are attempting to increase premium or otherwise add coverage restrictions to their renewals.   Based on current trends, most private company insurance buyers can expect to see increases of from 5% to 10 % (and in some cases, more) at their next renewal, with financially troubled companies and companies with adverse claims histories potentially seeing even larger increases.

 

The public company D&O insurance marketplace has also shifted recently. Economic turmoil and increased governmental regulation and enforcement activity continue to pose a challenging environment for companies and their directors and officers. At the same time, merger objection suits and other negative claims trends have led some carriers to complain of premium inadequacy. Public company D&O carriers in some case are attempting to increase in premium and retention levels. Companies that are likeliest to see upward pressure on their insurance premiums are those that have an adverse claims history or are experiencing financial challenges. Although the carriers for many kinds of companies may be pushing to increase premiums, companies in the following industries are likelier to experience premium pressure: financial services, including commercial banking; extractive natural resources; life sciences; and technology.

 

Some carriers are also attempting to add coverage restrictions, at least in some cases. Among other restrictive provisions that some carriers are seeking in at least some cases are:  separate retentions for mergers and acquisitions activity; separate retentions or other restrictive provisions relating to “crowdfunding”; and in private company management liability policies that have an employment practices coverage section providing sublimited defense cost coverage for wage and hour claims, a reduction in the sublimit.

 

Though the market environment clearly has shifted in recent months, we are not in a true “hard market.” The insurance marketplace continues to be characterized by significant levels of insurance capacity. Given the current high capacity levels, it is possible that competitive forces could undermine many of the market changes noted above. The current, more disciplined underwriting climate could either represent a transition to a sustained period of higher insurance prices and more restrictive terms, or it could merely be a temporary phase before softer market conditions resume. For the present, however, insurance buyers should be prepared for the possibility that they will see premium increases at their next renewal.

 

Labor Day has come and gone. The kids are back in school. The air is cooler and the nights are longer. There’s a definite autumnal feeling in the air. It is time to get back to work. Fortunately, The D&O Diary kept its eye on things over the summer. So if you are feeling the need to get caught up on what happened while you were out, don’t worry, we’ve got you covered. Here is a quick summary of what you missed on The D&O Diary while you were away.

 

Libor Scandal Surges, Litigation Emerges: The unfolding scandal moved into the headlines of business pages around the world in late June after Barclays agreed to over $450 million in regulatory fines and penalties. Inevitably, litigation has followed; indeed, it had begun to accumulate well before the Barclays settlements were announced.  An overview of the scandal itself  can be found here, and the details of the follow-on  litigation can be found here, here and here. Although many of the lawsuits filed so far have been based on antitrust claims, there has been at least one securities class action lawsuit filed as well, involving Barclays and its former CEO and its former Chairman (about which refer here). The scandal clearly has further to run, and there will likely be further litigation as well. As Stanford Law Professor Joe Grundfest put it, “the Libor-litigation industry is clearly a sector to watch for years to come.”

 

Mid-Year Securities Litigation Studies Released: All of the leading statistical services have issued their respective studies of securities class action lawsuit filings for the first six months of 2012. My post about the Cornerstone Research study can be found here; the NERA Economic Consulting study, here; and the Advisen study can be found here. My own analysis of the first half filings can be found here.

 

Key Insurance Coverage Decisions: In a case that addressed one of the perennial D&O insurance coverage issues, on June 27, 2012 Central District of California Judge R. Gary Klausner ruled that subsequent lawsuits related to the collapse of IndyMac bank were interrelated with an earlier suit and therefore there is no coverage under a second tower of D&O insurance for the subsequent claims. A discussion of the case and the interrelatedness issue can be found here.

 

In a different case, on June 29, 2012, the Seventh Circuit, applying Illinois law, held that when the defendants in a lawsuit include both persons who are insureds under the defendant company’s D&O policy and persons are not insureds, the policy’s Insured vs. Insured exclusion does not preclude coverage for the entire lawsuit, but only the portion attributable to the claims brought against the non-insured person defendants. The extent of coverage available when the defendants include both insured persons and non-insureds is to be determined by the policy’s allocation provisions. A discussion of the Seventh Circuit’s opinion can be found here.

 

In the latest of what is now a lengthening line of cases, on June 12, 2012, the New York Supreme Court, Appellate Division, First Department, applying Illinois law, ruled in a coverage case brought by JPMorgan Chase that owing to settlements reached with underlying carriers in a professional liability insurance program, the excess insurers in the program have no payment obligation because conditions precedent to coverage under the excess carriers’ policies had not been met. The New York case and the earlier line of cases are discussed here.

 

And as discussed here, in a decision that gives broad effect to a D&O insurance policy’s contractual liability exclusion, on August 17, 2012, Middle District of Pennsylvania Judge William Nealon granted the insurer’s motion for summary judgment, holding under Pennsylvania law that the insurer had no obligation to defend or indemnify the policyholder for negligent and fraudulent misrepresentation claims in the underlying action.

 

Finally, In an August 21, 2012 opinion, Central District of California Judge James V. Selna, applying California law, rejected the insured’s efforts to have the malpractice insurer’s duty to advance obligations determined under duty to defend principles. The court concluded that the insurer did not have the duty to advance the insured’s defense expenses incurred in a dispute between the insured and his former law firm. Judge Selna’s opinion is discussed here.

 

The FDIC’s Pace of Failed Bank of Lawsuit Filing Slows: As I noted when the FDIC filed two new failed bank lawsuits in mid-July, those two new lawsuits represented the first lawsuits the agency had filed in two months. Although it seemed at the time as if the two new suits might represent an end to the lull, in time following the July filing of the two lawsuits, the FDIC has not filed any further new failed bank lawsuits. Indeed, between April 20, 2012 and today, the FDIC has filed only three lawsuits, after filing eleven in the first four months of the year.

 

This apparent slowdown in FDIC failed bank lawsuit filings during the last four months is all the more surprising given that during the equivalent period three years prior well over 50 banks closed. In addition, according to its website, the agency has authorized so many more lawsuits than it has filed – and it has been increasing the number of authorized lawsuits each month. In the latest update to its website on August 14, 2012, the agency indicated that his has now authorized suits involving 73 failed institutions; against 617 individuals for D&O liability (those figures represented an increase from the prior month’s numbers of with 68 failed institutions against 576 individuals). So far the agency has filed 32 suits involving 31 failed institutions, involving 268 individuals.

 

Courts Wrestle With Business Judgment Rule and the Scope of Potential Failed Bank Director and Officer Liability: When the FDIC has initiated litigation against the former directors and officers of a failed bank, in many instances, the FDIC has included in its complaint a claim against the individual defendants for ordinary negligence. However, in several instances, individual defendants have successfully argued that their conduct is protected by the business judgment rule and accordingly, that they cannot be held liable for ordinary negligence.

 

The most significant holding is the August 14, 2012 decision in the Northern District of Georgia in the Haven Trust case, in which Judge Steve C. Jones dismissed the claims against both the director and officer defendants, because of his determination that under Georgia law the directors’ and officers’ conduct is protected by the business judgment rule. The Haven Trust case is discussed here. Earlier in August, a judge in the Middle District of Florida, ruled in the FDIC’s failed bank lawsuit relating to the failed Florida Community Bank of Immokalee, Florida, that under Florida law directors cannot be held liable for ordinary negligence, as discussed here. The ruling in that case did not reach the question of whether or not officers can be held liable for ordinary negligence under Florida law.

 

However, as California attorney Jon Joseph wrote in his April 11, 2012 guest post on this blog (here), courts applying California law on the issue and considering whether corporate officers as well as directors can rely on the business judgment rule have split on the issue. Most recently, on June 7, 2012, Eastern District of California Judge Lawrence O’Neill held that the defendant officers cannot rely on the statutorily codified business judgment rule under California Corporations Code Section 309, because the statute by its terms refers only to officers not directors Judge O’Neill’s ruling is discussed here (second item).

 

Keynote Addresses at the Stanford Directors’ College: Once again this summer, I participated in the annual Stanford Directors’ College, held at Stanford Law School in Palo Alto, California. Though I was there as a faculty member, I also attended in my capacity as a blogger, and I reported on the keynote address of NASDAQ CEO Robert Greifeld and the keynote addresses of venture capitalists Marc Andreessen and Ben Horowitz here. I separately reported on the keynote addresses of Delaware Chancellor Leo Strine and Netflix CEO Reed Hastings here.

 

Interview with Professional Liability Insurance Industry Leader: On June 21, 2012, I published my interview of my good friend and industry colleague David Bell. David announced earlier this year that he was leaving Bermuda to return to Montana, where he was taking up a position as President and Chief Operating Officer of ALPS Corporation. The interview not only covers David’s reasons for making the move, but also reflects his thoughts about the industry and about life.

 

U.S. Supreme Court Grants Cert in the Amgen Case:  As discussed here, on June 11, 2012, the U.S. Supreme Court agreed to hear an appeal of a securities class action lawsuit in the Amgen v Connecticut Retirement Plans case. The Supreme Court will address a significant split in the Circuits on the question whether securities plaintiffs must establish in their class certification petition that the alleged misrepresentation on which they rely was material.  The case, which will be argued and presumably decided during the upcoming Supreme Court term, may also give the Court the opportunity to take a look at the fraud on the market theory as well.

 

Chinese Cases Face Pleading Obstacles, Settle Modestly: A number of the securities suits filed against U.S.-listed Chinese companies have survived motions to dismiss. First, the Second Circuit revived the suit against China North Petroleum Holdings, which the district court had dismissed. And on August 8, 2012, Southern District of New York Judge Katherine Forrest denied the motion to dismiss the securities class action lawsuit that had been filed against China Automotive Holdings. A copy of Judge Forrest’s opinion can be found here. And as discussed here, on August 24, 2012, Southern District of New York Judge George Daniels denied in part the company’s motion to dismiss in the Duoyuan Global Water and two of its officers.

 

Not all of the suits against the Chinese companies have fared as well. For example, on August 1, 2012, Southern District of Florida Judge Marcia Cook, in the securities class action lawsuit involving Jiangbo Pharmaceuticals, granted the motions to dismiss of the company’s CFO, Elsa Sung, and of its auditor. The dismissals are without prejudice. A copy of her opinion can be found here.  

 

The claimants that have managed to get their suits against U.S.-listed Chinese companies all the way to the settlement stage have found that they often are forced to accept only modest settlements, often because the Chinese companies carry only very modest levels of D&O insurance (about which refer here).

 

Congressional Bill Would Increase SEC’s Penalty Authority: As discussed here, on July 23, 2012, Democratic Rhode Island Senator Jack Reed and Republican Senator Charles Grassley introduced a bill titled The Stronger Enforcement of Civil Penalties Act of 2012 to increase the SEC’s civil monetary penalties authority and to directly link the size of those penalties to the scope of the harm and investor losses. The Senators’ joint July 23, 2012 press release about the Bill can be found here.

 

And Finally: It may be that everyone here at The D&O Diary has attention deficit disorder. From time to time, we do seem to have trouble staying on topic. For example, my reflections on Time and Summer probably distracted me a lot more than anything else I posted this summer. I confess that I like the Time and Summer post (which can be found here) better than anything I have written for this site. Some day I will have the courage to explain why I wrote it, but not yet. If you have not yet read it, please take a moment and at least look at the pictures and read the many readers’ comments. The post’s concluding message seems apt even as summer draws to a close.

 

Anyway, I think my favorite off-topic foray of the summer was when I posted the new Matt is Dancing video. The Where the Hell is Matt 2012 video is embedded below. The video opens with a short commercial (sorry) but stick with it, the video is so much fun. Cue it up and prepare to smile.

 

The parties to the Citigroup subprime-related securities class action lawsuit – one of the highest profile of the remaining subprime cases – have agreed to settle the suit for $590 million, in what is the third largest settlement so far out of the subprime and credit crisis litigation wave. Southern District of New York Judge Sidney Stein preliminarily approved the settlement on August 29, 2012, and scheduled a hearing for final approval on January 13, 2013.

 

A copy of the parties’ stipulation of settlement can be found here. The plaintiffs’ lawyers’ August 29, 2012 press release about the settlement can be found here.

 

The Citigroup case was among the most prominent of the subprime cases because of Citigroup’s role in the mortgage-backed securities industry that contributed so significantly to the subprime meltdown, as well as because of the high-profile individuals involved in the case, including former Citigroup CEO Charles Prince and former Treasury secretary and Citigroup board member Robert Rubin. In addition, Citigroup’s attempt to settle the subprime-related SEC enforcement action for a payment of $285 was famously rejected by Southern District of New York Judge Jed Rakoff, a decision that is now on appeal before the Second Circuit.

 

As discussed in detail here, in a November 9, 2010 Judge Sidney Stein narrowed the shareholders’ action against Citigroup and dismissed a number of the individual defendants. But what Judge Stein called the plaintiffs’ “principal” allegations survived the dismissal motion and remained in the case, as did seven of the individual defendants, including Prince and Rubin. The surviving allegation was the plaintiffs’ claim that Citigroup “did not disclose that it held billions of dollars of super-senior tranche CDOs.”

 

The basic thrust of the plaintiffs’ CDO-related allegations is that though the company disclosed that it was deeply involved in underwriting CDOs, the company did not disclose that billions of dollars of the CDOs had not been purchased at all but instead had been retained by Citigroup. In November 2007, the company disclosed that it was exposed to super-senior CDO tranches in the amount of $43 billion and that it estimated a write down of $8 to $11 billion of those assets. The plaintiff alleged that this disclosure omitted an additional $10.5 billion worth of holdings that the company had hedged in swap transactions. 

 

Judge Stein found that the plaintiffs had adequately alleged that Citigroup’s CDO valuations were false between February 2007 and October 2007. In concluding that these statements were made with scienter, Judge Stein noted that the plaintiffs’ claims "concern a series of statements denying or diminishing Citigroup’s CDO exposure and the risks associated with it." These statements, Judge Stein found were "inconsistent with the actions Citigroup was allegedly undertaking between February 2007 and October 2007."

 

Among the subprime and credit crisis cases that have settled so far, the $590 Citigroup settlement has been exceeded only by the $627 million Wachovia bondholders’ settlement and the $624 million Countrywide settlement. As Jan Wolfe points out in his August 29, 2012 Am Law Litigation Daily article about the Citigroup settlement (here), the $590 settlement in the Citigroup case may represent the largest settlement by a single financial institution.

 

Among the remaining subprime and credit crisis cases, there are several that at least potentially present the possibility of similarly large settlements, including the BofA/Merrill Lynch merger case, the AIG case and the Citigroup bondholders’ case. It remains to be seen how the Citigroup settlement will stack up when all of these cases have settled. But as I had to remind several people in telephone conversations yesterday about the Citigroup settlement, at well over half a billion dollars, the Citigroup settlement is unquestionably represents a big number. Others will have to wrestle with the question whether it is “big enough.”

 

I have in any event added the Citigroup settlement to my running tally of subprime and credit-crisis case resolutions, which can be accessed here.

 

FDIC Releases Quarterly Banking Profile: If you have not yet seen it, on August 28, 2012, the FDIC released the Quarterly Banking Profile for the quarter ending June 30, 2012. In general, the report reflects a generally improving banking industry. Among other things, the report shows that the industry had collective net income of $34.5 billion, a figure that would have been even larger were it not for the J.P. Morgan “London Whale” trading losses. This net income figure represents the 12th consecutive quarter over quarter increase in industry net income.

 

Consistent with this overall picture of improving industry health, the number of problem  banking institutions decreased during the quarter, from 772 to 732. However, because the number of reporting institutions overall also decreased, the number of troubled institutions at quarter’s end still represents a significant percentage (10.1%) of all banks. The number of troubled banks at the end of the first quarter represented 10.5% of all reporting institutions. The second quarter number does represent a significant decline in the number of problem institutions compared to the end of the second quarter of 2011, when there were 865. The FDIC notes that the second quarter 2012 decline in the number of problem institutions represents the fifth consecutive quarterly decline.

 

One interesting additional note in the FDIC’s report is that there were no new bank charters granted in the second quarter of 2012, which represents the fourth consecutive quarter in which there were no new charters. Through closure and merger, and the lack of additions of any new banks, the number of banking institutions is shrinking significantly