In an August 27, 2012 post (here), I discussed Central District of California Judge James Selna’s August 21, 2012 decision in Petersen v. Columbia Casualty, and in particular Judge Selna’s consideration of the insurer defendant’s duty to advance under its liability policy. Following my publication of the post, I was contacted by Jeffrey Kiburtz of the Shapiro, Rodarte & Forman law firm. Jeff had a differing perspective on Judge Selna’s opinion and he suggested the possibility of a guest post on the topic, to which I readily agreed. Jeff’s guest post discussing Judge Selna’s opinion is set forth below.

 

I would like to thank Jeff for his willingness to set out his views as a guest post on this site. I welcome guest posts from responsible commentators on topics of interest to this blog. Any readers who are interested in publishing a guest post on this site are encourage to contact me directly. Here is Jeff’s guest post:

 

 

 

As a regular reader of Kevin’s blog, I always find it be well-written, informative and timely – it is truly a great resource and I am thankful to him for helping me stay up-to-date on a variety of management liability issues (as well as the opportunity to submit this guest blog). And while I also find myself in agreement with the majority of his substantive commentary, I felt compelled to provide a different perspective on the Petersen v. Columbia Casualty he discussed here. (For the record, I had no involvement in the Petersen case.)

 

 

As discussed in greater detail there, Petersen ostensibly addressed the standard for determining whether an insurer must advance defense costs under a non-duty to defend policy. For Kevin, “the court [in Petersen] correctly understood the insurer’s defense obligations and correctly declined to apply principles derived from duty to defend cases to the determination of the insurer’s obligations.” From my perspective, however, the court’s decision on the standard applicable to non-duty to defend policies did not expressly consider, and is in any event difficult to reconcile with, established Ninth Circuit precedent. (I’ll leave for others the issue of whether there is any actual conflict between our two stated perspectives.)

 

 

In refusing to apply duty to defend principles (most notably the principle that defense obligations are triggered by a “mere potential” for coverage) to the analysis of whether an insurer must advance defense costs, the court in Petersen appears to have relied nearly exclusively on Jeff Tracy, Inc. v. U.S. Specialty Ins. Co., 636 F. Supp. 2d 995 (C.D.Cal. 2009). Further, both Petersen and Jeff Tracy suggested that the only support for the insured’s “mere potential” argument was Gon v. First State Ins. Co. 871 F.2d 863 (9th Cir. 1989), which both courts distinguished as addressing the timing of when an insurer must begin to advance defense costs, not the method of determining whether such a duty exists in the first instance. Thus, in both Jeff Tracy and Petersen, the Central District concluded in one form or another that “the Ninth Circuit did not hold [in Gon] that the duty to defend or ‘potential for coverage’ standard still applied” to non-duty to defend policies. Jeff Tracy at 1003.

 

 

Now, admittedly, the specific reach of Gon (and a similar case, Okada v. MGIC Indem. Corp., 823 F.2d 276, 282 (9th Cir.1986)) is a little unclear, but the Ninth Circuit itself regards Gon and Okada as “circuit precedent requiring the advancement of defense costs for potentially covered claims.” Pan Pacific Retail Properties, Inc. v. Gulf Ins. Co., 471 F.3d 961, 970 (9th Cir. 2006). Moreover, although the court in Pan Pacific distinguished Gon and Okada on grounds that those cases are inapplicable when, as in Pan Pacific, the coverage action was brought after the conclusion of the underlying matter, the court made reasonably clear in a separate case that potentiality remains the test when contemporaneous advancement of defense costs is the issue. Unified Western Grocers, Inc. v. Twin City Fire Ins. Co., 457 F.3d 1106, 1112 (9th Cir. 2006).

 

 

Unified Western Grocers involved alleged fraudulent transfers in the context of a leveraged buyout. The insurer declined coverage on grounds that the underlying suit effectively constituted an action for restitution based on allegations of intentionally wrongful conduct. And, while the insured countered that the asserted breach of fiduciary duty was at least potentially covered, the insurer argued that the claim for breach of fiduciary duty and its related allegations were, in effect, inseparably intertwined with the non-covered, intentionally wrongful conduct and demand for restitution. Reversing the district court, the Ninth Circuit agreed with the insured, holding that the breach of fiduciary duty claim gave rise to a potential for coverage and the broad allegations of intentionally wrongful conduct did “not automatically subsume all allegations of a negligent character.” Id. at 1114.      

 

 

As most relevant to this discussion, the Ninth Circuit stated that “[i]n determining whether an unproven claim is covered by an applicable insurance policy, we are reluctant to frame coverage based on isolated allegations in an underlying complaint.” Id. at 1112 (citingGon and the seminal California duty to defend case Gray v. Zurich Ins. Co. (1966) 65 Cal.2d 263 for the proposition that “the third party complainant, who may overstate the claims against the insured, should not be the arbiter of the policy’s coverage.”) Based on this, the court applied a potentiality test to the two coverage issues raised by the insurer (intentionally wrongful conduct and restitution), ultimately holding that there remained a possibility of covered liability based on the not-necessarily-intentional conduct alleged in connection with the breach of fiduciary claim and that the relief sought was not necessarily restricted to restitution.   

 

 

Further, lest one think that the Ninth Circuit missed that it was dealing with what appears to have been a pretty standard D&O policy that did not provide for a duty to defend, the court made clear that while “Gon and Gray involved interpretations of an insurer’s duty to defend potentially covered claims” and are “not directly applicable to determining an insurer’s duty to indemnify loss,” the determination that the district court’s decision below that there were “no covered claims as a matter of law . . . is closely analogous to the question of whether there is a potentially covered claim.” Id. at 1112 fn.8.  

 

 

Returning to Petersen, it is difficult to reconcile the court’s apparent rejection of any form of a potentiality test with the precedent discussed above, especially Unified Western Grocers. For example, like Unified Western Grocers and unlike Pan Pacific, coverage in Petersen was determined during the pendency of the underlying litigation. Further, while it appears that the court in Petersen implicitly distinguished Olympic Club v. Those Interested Underwriters at Lloyd’s London, 991 F.2d 497 (9th Cir. 1993) (an earlier Ninth Circuit decision in which the court explicitly held that potentiality is the test for non-duty to defend policies) on grounds that the policy in Olympic Club did not expressly disclaim the insurer’s duty to defend, that would not be sufficient to distinguish Unified Western Grocers as the policy there plainly had no duty to defend. The Petersen court also appears to have distinguished Olympic Club on grounds that the policy in Petersen did not provide coverage for allegations of wrongful conduct, an assertion which does not appear factually accurate, as the definition of “Act” quoted in the Petersen decision encompassed allegations of wrongful conduct.  

 

 

The court in Petersen also appears to have been swayed by the presence of allocation provisions in the policy, which seems to suggest that the court viewed potentiality and allocation as mutually exclusive, i.e., that one cannot have a potentiality standard without also requiring the insurer to fund 100% of the defense of a mixed suit. Irrespective of the rationale, the policy’s allocation provisions would not in any event appear to be an adequate basis for distinguishing United Western Grocers, as the policy at issue there also contained an allocation provision. Lastly, while Unified Western Grocers did not mention the final policy attribute cited as militating against a potentiality standard in Petersen (i.e., that the policy required the insured to consult with the insurer before incurring defense costs), it is hard to imagine that factor being significant, especially since the “power of the purse” control that language provides the insurer makes the policy more akin to a duty to defend policy, arguably making it more appropriate to apply principles developed under duty to defend policies. 

 

 

It seems worth noting that the Petersen court’s decision on the standard applicable to determining whether an insurer must advance defense costs could be considered dicta, as it is not clear from the recited facts that application of a potentiality standard would have yielded a different result. Nevertheless, whether dealt with on that basis or otherwise, I would question the suggestion that Petersen (or Jeff Tracy for that matter) represents the law in California federal courts concerning the duty to advance defense costs. 

 

 

        

            

I am pleased to publish below an article by my good friend Richard J. Bortnick (pictured left) concerning the directors’ and officers’ liability issues related to cyber security and data breaches. Rick is a Member of the Cozen O’Connor law firm and he is also the co-author of the CyberInquirer blog. This article first appeared as a chapter in the July 2012 publication Willis’ Executive Risks – A Boardroom Guide 2012/2013. I would like to thank Rick for his willingness to publish the article here.

 

I welcome guest posts from responsible commentators on topics of interest to this blog. Any readers who are interested in publishing a guest post on this site are encourage to contact me directly. Here is Rick’s guest post: 

 

 

Cyber insurance has become a necessity. Every company that maintains, houses or moves sensitive information is at risk of a data breach, primarily due to the growth and increased sophistication of hackers, malicious software and, most recently, ‘hacktavists’. Even mere employee negligence can lead to a data breach. High-profile companies such as Sony can attest that cyber-intrusions can lead to hundreds of millions, if not billions, of dollars in legal exposure.

 

 

Equally troublesome, our expanding online society has introduced new financial risks and exposures that may not be covered under general and professional liability insurance products, including standard directors’ and officers’ (D&O) policies. As such, corporate directors and officers, and their risk-management professionals, must ensure that they buy appropriately tailored policies that provide protection against the rapidly expanding risks to which they could be vulnerable, both personally and professionally.

 

 

The risks and costs of a data breach

 

It has become known as the Year of the Breach: in 2011, companies of all sizes experienced malicious intrusions or employee negligence that affected their operations and/or businesses. For example, in April 2011, computer hacktavists unlawfully accessed the Sony PlayStation Network (PSN) and obtained the personal and financial information of roughly 77 million PSN users. Since then, Sony and its insurers likely have spent tens, if not hundreds, of millions of dollars to remedy and mitigate the resulting security and commercial crises — an amount that grows by the day as lawyers prosecute class action lawsuits on behalf of allegedly affected users whose personal and financial information was improperly accessed. 

 

 

Equally problematic for Sony, it has been sued by its commercial general liability (CGL) insurer, Zurich American, which is seeking to avoid coverage by arguing that its general liability policies do not and never were intended to cover data breaches.

The TJX Companies also fell victim to a cyber intrusion that security experts predict will have long-term costs of between US$4 billion and US$8 billion in fines, legal fees, notification expenses and brand impairment. In the TJX case, the retail group reported that 45.6 million credit and debit card numbers were stolen from one of its systems during the period July 2005 to January 2007. Of critical import, the January 2007 intrusion occurred after TJX already had knowledge of the initial breaches. 

 

 

Of course, big corporations are not the only entities that are vulnerable to hackers and hactavisits; indeed, half of all companies that have experienced data breaches have fewer than 1,000 employees. 

 

 

NetDiligence, a US company that specialises in assessing cyber risks and data breaches, released a study in June 2011 summarising its survey of data-breach insurance claims made between 2005 and 2010 in a variety of industries in the US (see the panels on the next three pages). Based on the claims payout data submitted for the study, the average cost for a data breach was US$2.4 million. Topping the list of the most frequently breached sectors were healthcare and financial services. 

 

 

Moreover, the study found that 95 per cent of the breaches were caused by one of three things: hackers, rogue employees and loss/theft of equipment. For the most part, the information stolen consisted of personal identification information (PII) — name, address, email address, telephone number, social security number and credit card information — or personal health information (PHI).

 

 

 

Similarly troubling, in 2011 nearly 23 million confidential records were exposed in the US as a result of over 419 reported security breaches, according to the non-profit Identity Theft Resource Center (ITRC).

 

 

These numbers are likely to hold steady; at the start of April 2012, the ITRC reported 105 breaches and roughly 4.5 million exposed records in the first three months of the year. In turn, the Ponemon Institute, a data-security research firm, reported that the average cost of a breach to US organisations in 2011 was US$5.5 million, and that the cost per compromised data record stood at $194. These substantial numbers include the attendant costs of retaining forensic experts, attorneys’ fees, customer-notification expenses, fraud monitoring, public relations support, business interruption, loss of customer goodwill, and third-party liability claims.

 

 

Many breaches result in reputational damage, leading to diminished future cash flows. While loss of goodwill is notoriously hard to quantify, its financial impact can be both long-term and substantial.

 

 

Cyber security regulations and compliance

 

SEC guidance

 

On October 13, 2011, in response to the “increasing dependence on digital technologies” and associated risks, the Division of Corporation Finance (DCF) of the US Securities and Exchange Commission (SEC) issued a ‘Disclosure Guidance’ that presents, for the first time, disclosure recommendations relating to cyber-security risks. It is worth noting the DCF’s own observation in the guidance that it “is not a rule, regulation, or statement of the Securities and Exchange Commission”. The DCF also emphasises that many of its ‘recommendations’ may already be encompassed within corporate disclosure obligations found elsewhere in various SEC regulations.

 

 

While the Disclosure Guidance is designed to be ‘advisory’, its practical implications establish the ‘recommendations’ as best practices and in essence render compliance essential, if not mandatory. To put it another way: non-compliance would be ill-advised. 

 

 

At the same time, the DCF counsels that “material information regarding cyber-security risks and cyber incidents” may need to be disclosed “in order to make other required disclosures, in light of the circumstances under which they are made, not misleading.” It cites Basic Inc v Levinson (1988) for the proposition that “information is considered material if there is a substantial likelihood that a reasonable investor would consider it important in making an investment decision or if the information would significantly alter the total mix of information made available.”

 

 

Although the Disclosure Guidance is only directed at public companies under the SEC’s jurisdiction, it can be expected to have far-reaching implications for non-public companies and even individuals doing business with public companies.  

 

 

What does the disclosure guidance say?

 

It makes most sense to begin with what the Disclosure Guidance is not. The DCF makes it clear that it is not advising companies to make detailed disclosures of highly technical elements of their cyber-security programme or even the details of an actual cyber attack. Indeed, it is aware that “detailed disclosures could compromise cyber-security efforts — for example, by providing a ‘roadmap’ for those who seek to infiltrate a registrant’s network security — and we emphasize that disclosures of that nature are not required under the federal securities laws”. On the other hand, the DCF advises that companies should avoid offering “generic risk factor disclosure.”

It also highlights the point that existing disclosure obligations may warrant discussion of such risks — in many cases rendering cyber-security disclosures mandatory. For instance, Regulation S-K and Form 20-F of the Securities Act of 1933 require public companies to disclose “risk factors” that would be relevant to a prospective investor. Accordingly, the Disclosure Guidance counsels that companies “should disclose the risk of cyber incidents if these issues are among the most significant factors that make an investment in the company speculative or risky.”

 

 

The DCF further suggests that companies, in determining whether risk disclosure is required, should evaluate their cyber-security risks, taking account of previous incidents, the likelihood of future occurrences, the magnitude of those risks and the adequacy of preventive measures. Depending on the circumstances of individual companies, the DCF says that appropriate disclosures may include:

 

•             discussion of aspects of the company’s business or operations that give rise to material cyber-security risks and the potential costs and consequences

•             description of outsourced functions that have material cyber-security risks, and how the company is addressing those risks

•             description of cyber incidents experienced by the company that are individually or in the aggregate material, including the costs and other consequences

•             risks related to cyber incidents that may remain undetected for an extended period

•             description of relevant insurance coverage.

 

Beyond all of this, the DCF recommends the following (potentially required) disclosures that could implicate cyber issues.

 

 

Discussion and analysis of financial condition

 

The DCF recommends: “Registrants should address cyber-security risks and cyber incidents … if the costs or other consequences associated with one or more known incidents or the risk of potential incidents represent a material event, trend, or uncertainty that is reasonably likely to have a material effect … For example, if material intellectual property is stolen in a cyber attack … the registrant should describe the property that was stolen and the effect of the attack on its … operations, liquidity, and financial condition and whether the attack would cause reported financial information not to be indicative of future operating results or financial condition. If it is reasonably likely that the attack will lead to reduced revenues, an increase in cyber-security protection costs, including related to litigation, the registrant should discuss these possible outcomes, including the amount and duration of the expected costs, if material.”

 

 

Description of business

 

“If one or more cyber incidents materially affect a registrant’s products, services, relationships with customers or suppliers, or competitive conditions, the registrant should provide disclosure … In determining whether to include disclosure, registrants should consider the impact on each of their reportable segments. As an example, if a registrant has a new product in development and learns of a cyber incident that could materially impair its future viability, the registrant should discuss the incident and the potential impact to the extent material.”

 

 

Legal proceedings

 

“If a material pending legal proceeding to which a registrant or any of its subsidiaries is a party involves a cyber incident, the registrant may need to disclose information regarding this litigation …”

 

Financial statement disclosures

 

Noting that “cyber-security risks and cyber incidents may have a broad impact on a registrant’s financial statements”, the DCF sets out some of the costs and losses that may need to be disclosed in statements, depending on the nature and severity of the potential or actual incident:

 

•             the possibly substantial costs incurred in preventing cyber attacks

•             any incentives provided to customers to mitigate damages from a cyber incident and maintain the business relationship

•             losses, in the wake of cyber attacks, from asserted and unasserted claims, including those related to warranties, breach of contract, product recall and replacement, and indemnification of counterparty losses from their remediation efforts

•             potentially diminished future cash flows, therefore requiring consideration of impairment of certain assets including goodwill, intangible assets, trademarks and patents.

 

 

Disclosure controls and procedures

 

The DCF further notes that: “Registrants are required to disclose conclusions on the effectiveness of disclosure controls and procedures. To the extent cyber incidents pose a risk to a registrant’s ability to record, process, summarize, and report information that is required to be disclosed in Commission [SEC] filings, management should also consider whether there are any deficiencies in its disclosure controls and procedures that would render them ineffective.” 

 

 

In short, directors and officers must be attuned to the regulations to protect themselves against the impact of cyber risks and costs in the larger context of their company’s disclosure obligations to investors. Or, to put it another way, those who ignore the Disclosure Guidance do so at the risk of an action by the SEC or by shareholders if a cyber incident occurs.

 

 

Given the increased prevalence and effectiveness of cyber attacks and breaches, and in light of the Disclosure Guidance, it would be difficult to justify why proper protective measures — including sufficient cyber insurance   — were not put in place, and why the risks were not disclosed to the investing public.

 

 

A ‘not so hypothetical’ hypothetical

 

Consider the following case and contemplate whether the court may have reached a different result in light of the Disclosure Guidance. Heartland Payment Systems stores millions of credit and debit card numbers on an internal computer network to facilitate payment processing. In December 2007, hackers launched a Structured Query Language (SQL) attack on Heartland’s payroll management system. To its credit, Heartland was able to repel the attack before any personally identifiable information was stolen.

 

 

Regrettably, however, the company failed to detect malicious software (malware) that had been placed on the network by way of the SQL attack. This malware infected Heartland’s payment processing system, ultimately enabling the hackers to steal 130 million consumer credit and debit card numbers.

 

 

Heartland did not discover the malware until January 2009, at which time it notified government authorities and publicly disclosed the event. 

 

 

Over the course of the following month, Heartland’s stock price plunged in value. Shareholder class actions alleging securities fraud and material non-disclosures followed. 

 

 

In their complaint, the plaintiffs alleged that Heartland and its officers and directors had made material misrepresentations and omissions about the December 2007 SQL attack. For example, the plaintiffs alleged the following material misrepresentations:

 

•             At numerous times, defendants concealed the SQL attack in statements made during earnings conference calls and in 10-K (annual) reports

•             Defendants misrepresented the general state of Heartland’s data security because they were aware that Heartland’s network had been breached and yet they had not fully remedied the problem

•             Notwithstanding its knowledge of the SQL attack, the company failed to disclose that its information systems were extremely vulnerable (rather, it had stated that it took computer security very seriously).  

 

The plaintiffs claimed that Heartland and its directors and officers had violated Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 by failing to disclose material information related to a lack of security and known breaches of its information systems. As a result of the company’s material misrepresentations related to the security breach, the plaintiffs alleged, Heartland’s common stock lost around 80 per cent of its value.

 

 

As is common in security class action lawsuits, the Heartland defendants moved to dismiss the shareholders’ complaint on the basis that it failed to state a claim upon which relief could be granted, because it did not allege the existence of a material mis-statement or omission. In ruling on that motion (see In re Heartland Payment Systems Inc, 2009), the US District Court for the District of New Jersey found that the existence of unresolved network security issues did not, in itself, suggest that the company did not value data security or that it did not maintain a high level of security. The court further found that while knowledge of the 2007 SQL attack may have been material to the plaintiffs’ investment decisions, securities issuers have no general duty to disclose every material fact to investors.

 

 

In addition, the court found that the plaintiffs’ complaint failed to sufficiently plead the necessary elements of scienter, or knowledge of wrongdoing, as it did not allege that defendants knew or had reason to suspect that Heartland’s security systems were so deficient that it was false to say the company placed significant emphasis on maintaining a high level of security. Accordingly, the court granted the defendants’ motion to dismiss. 

 

 

Now, consider the language of the Disclosure Guidance in addressing the following, potentially required ‘risk factor’ disclosures: “A registrant may need to disclose known or threatened cyber incidents to place the discussion of cyber-security risks in context. For example, if a registrant experienced a material cyber attack in which malware was embedded in its systems and customer data was compromised, it likely would not be sufficient for the registrant to disclose that there is a risk that such an attack may occur. Instead, as part of a broader discussion of malware or other similar attacks that pose a particular risk, the registrant may need to discuss the occurrence of the specific attack and its known and potential costs and other consequences.”

 

 

In light of the express reference to ‘malware’, Heartland may have found it more difficult to argue that its failure to detect the malware embedded in its systems was reasonable and that its failure to disclose the extent of other potentially significant risks associated with a known cyber attack adequately satisfied the recommendations in the Disclosure Guidance. At a minimum, the fate of the defendants at the motion-to-dismiss stage may have been different, as the shareholder plaintiffs’ counsel would have been able to cite the company’s failure to abide by the Disclosure Guidance as being allegedly reckless and actionable. 

 

 

Additional theories of liability against officers and directors, and actions against non-public companies Securities Act violations, as alleged by the Heartland plaintiffs, are by far the most likely to be brought by shareholders alleging cyber-related material non-disclosures. However, plaintiffs who choose not to seek federal class-action status are free to assert claims based on state law theories of fraud, breach of fiduciary duty or negligence. Therefore, directors and officers should be aware that, in addition to Securities Act violations, state law remedies could support other types of action   especially against non-public or closely held companies faced with cyber/privacy liabilities. The DCF Disclosure Guidance further highlights that directors and officers continue to face exposure from the possibility of derivative suits.

 

 

The Disclosure Guidance: practical implications for non-public companies

 

Yes, the Disclosure Guidance only applies to public companies; but that doesn’t mean the recommended best practices do not affect private companies. 

 

 

A prudent public company subject to SEC reporting requirements will require its business partners, suppliers, vendors and others to provide it with parallel disclosures in order to avoid direct (or even vicarious) liability to those with whom it is in privity for those companies’ failings. Privately held entities also have business relationships with public corporations and so may find themselves required to perform the analyses and assessments suggested by the Disclosure Guidance, albeit indirectly, simply to maintain their competitive footing in the market. To illustrate, if you were a business client and your prospective public company associate provided you with all of its cyber-related disclosures, would you not insist upon similar disclosures from potential private company partners — irrespective of whether the Guidance applies to them?

 

 

As a private company submitting a business proposal to a prospective client who asks for such information, would you refuse? Of course not. The only practical solution is to evaluate your own cyber risks and exposures — and be in a position to address them. 

 

 

Why technology and cyber insurance has become a necessity

 

A typical CGL insurance policy defines ‘property damage’ as “physical injury to tangible property, including all resulting loss of use of that property”. Regrettably, many policyholders and brokers incorrectly assume that CGL policies extend to losses involving intangible property such as electronic data. This misconception is partially based on the intuition of policyholders and brokers that traditional policy forms should adapt to protect against evolving risks. While this belief may be understandable, it is not correct.

 

 

Beginning in 2001 (in other words, during the early emergence of electronic commerce), certain CGL policy forms added language that specifically excluded electronic data from their definitions of ‘property damage’. Additionally, professional liability policies often do not include coverage for the results of a cyber intrusion, and often contain exclusions when criminal acts are the cause of the loss. 

 

 

Even though a majority of cyber incidents may not be covered by traditional insurance products, 65 per cent of company respondents in a Carnegie Mellon University study indicated that their boards are not reviewing insurance coverage for cyber-related risks, notwithstanding that 86 per cent of respondents agreed that cyber and information-security risks pose at least a moderate danger to their organisation.

 

 

The study, published in March 2012, further found that boards and senior management are not engaging in key oversight activities such as setting policies and budgets to help protect against breaches and mitigate financial losses. Thus, although many corporate executives may appreciate the risks posed by cyber breaches, most do not follow up by taking steps to ensure that their companies purchase technology and cyber liability insurance. 

 

 

Technology insurance is analogous to traditional ‘tangible property’ insurance. It typically covers first-party loss such as business-interruption expense as well as the costs of a forensic expert, who would be retained to identify the cause of the technology breach, and other necessary expert consultants. In turn, cyber liability insurance provides third-party coverage that is designed to protect a company from legal claims brought by those whose personal information has been compromised.

 

 

Technology and cyber insurance can take many forms, with some insurers adding endorsements to a standard CGL policy that extend the coverage to technology and cyber risks. For example, Insurance Service Office (ISO) endorsements provide first-party coverage for loss of electronic data resulting from physical damage to tangible property. That, however, means companies may not be adequately protected against substantial risks if there is a different cause for the loss. Additionally, endorsements do not cover the crisis-management costs of lawyers, forensic experts, breach-notification letters etc.

 

 

Standalone technology and cyber insurance products are far more comprehensive and, typically, cost-effective. Although they may be marketed under various names, they generally cover similar risks and exposures. Covered losses in the first-party context include ‘data-breach expenses’, ‘cyber extortion’, ‘digital asset loss’ and ‘business-interruption loss’. However, as suggested by its name, first-party cyber insurance does not cover claims brought by third parties. Additionally, few products cover the expenses incurred to correct system problems and prevent future data breaches. 

 

 

In turn, third-party cyber insurance often fills in these gaps and may be referred to as ‘privacy liability insurance’, ‘network security liability insurance’ or ‘internet media liability insurance’. Despite the differing labels, each provides similar cover for third-party liability after a data breach, namely: ‘crisis-management expenses’, including notification costs, fraud monitoring, forensic investigations, public relations consultants and the costs of pursuing third parties responsible for the breach, ‘liability expenses’, including the costs of defending and settling lawsuits, and ‘regulatory expenses’, including the cost of compliance with SEC regulations.

 

 

Regardless of what form of insurance is purchased, companies and their insurance professionals must ensure that their policies are tailored to their own unique needs.

 

 

Why directors and officers’ insurance should supplement cyber insurance

 

In addition to purchasing tech/cyber insurance covering first-party and third-party exposure, both public and private companies should ensure that their D&O liability policies respond to cyber-related claims based on allegations of securities fraud, breach of fiduciary duty and alternative theories of liability. 

 

 

In the event of a data breach or a catastrophic first-party loss, it would not be surprising for shareholders’ counsel to file securities fraud and/or derivative suits against a company’s directors and officers alleging failure to properly disclose and manage risks and/or breach of fiduciary duty. Given the defence costs associated with such suits, even in the absence of liability exposure, it is essential to have a D&O policy that complements a cyber insurance policy. In this respect, a specialist insurance broker is not just helpful, it is a necessity.

 

 

Methods of preventing data breaches, and strategies in the event of an intrusion  

 

Ultimately, the responsibility for preventing cyber breaches falls on each individual company whose reputation is on the line. While government regulation may have advanced in addressing the problem of data breaches, it has been estimated that 85 to 90 per cent of a company’s assets are maintained on an electronic platform and susceptible to a tech/cyber crisis — and regulations alone cannot protect them. In some cases, they may be self-defeating, as the cost of regulatory compliance can consume much of a company’s ‘security’ budget. 

 

 

Of course, it is far less costly, from both a financial and reputational point of view, to prevent a cyber breach than to attempt after-the-fact mitigation of its negative effects.. This point is made clear by the 2012 ‘Data Protection & Breach Readiness Guide’, published by the Online Trust Alliance (OTA). The report advocates several ‘security best practices’ that could significantly reduce the likelihood of a tech/cyber loss. While the OTA provides 19 guidelines on ‘data governance and loss prevention’, four in particular bear mention. 

 

 

First, according to the OTA, companies should engage in data classification according to the level of the data’s sensitivity and tailor their software protection schemes accordingly. Next, the OTA advises that data minimisation can prevent a breach, as hackers cannot obtain information that is not kept on a system. Companies should review any sensitive information on their system and eliminate non-essential data that poses an unnecessary risk of data breach.

 

 

Third, companies should destroy data that is no longer in use. And fourth, the OTA suggests that companies provide employee awareness and readiness training to ensure that staff understand company policies on data collection and retention, and data-loss reporting procedures. 

 

 

In addition to taking steps to prevent an incident, organizations need to be ready to identify and deal with the results of any breach. They should have in place a data response team trained to respond to a breach in a co-ordinated and prompt fashion. This trained response team should include representatives from key groups within the company, including legal, information technology, information security, human resources, public relations and customer service. The data response team should have broad decision-making authority and be available 24/7. The initial goal of the group should be to evaluate systems and create plans and procedures to prevent and, if necessary, manage a tech/cyber incident.

 

 

Additionally, companies should determine the notification requirements that govern their industry. Since many state, federal and foreign regulations require prompt notification, it is important to work out in advance how the relevant individuals should be contacted, as it will significantly improve the company’s ability to mitigate consumer frustration and increase compliance. Should a breach occur, the response team and dedicated employees can move quickly to contain and repair the damage.

 

 

Conclusion

 

Although the DCF says the Disclosure Guidance is ‘advisory,’ it makes it equally clear that cyber-security risks may fall under existing SEC disclosure obligations in certain circumstances. Accordingly, a public company would be ill-advised to disregard the best practices provided by the DCF. 

 

 

The essential message is simple: if companies are aware of material cyber-security risks and/or incidents, and if disclosure of those risks or incidents would be material to investors, a company risks SEC action (not to mention shareholders’ and derivative actions) by failing to publicly disclose this information as part of its routine reporting requirements.    

 

 

Companies also should follow prudent security practices to reduce the likelihood of a data breach, and have a data response team ready to deal with and mitigate potential future damage in the event of a cyber incident. Perhaps most importantly, businesses should ensure that they have virtually seamless insurance coverage to deal with any such events. Just as our economy is evolving, so are the types of insurance available to meet a policyholder’s changing needs. 

 

 

Understanding the components of these new-age policies is critical, and executives should devote the time and resources needed to identify a specialist insurance broker who can assess a company’s vulnerabilities and ensure that it purchases the right products.

 

 

Data is a prized asset that warrants its own specific protection. Now is the time to ensure that your data and corporate executives are properly insured so that, when a cyber incident occurs tomorrow, your company and its directors and officers are not burdened with exorbitant costs and huge, uncovered potential exposures.

 

On Friday September 7, 2012, the University of Michigan Law School dedicated its new South Building, an impressive new facility that beautifully complements the school’s venerable Law Quadrangle (see picture below). U.S. Supreme Court Justice Elena Kagan delivered the keynote address at the dedication ceremony. (I attended the event because it coincided with my 30th law school class reunion.) Prior to the ceremony, Justice Kagan appeared on the stage with Michigan Law School Dean Evan Caminker for a question and answer session. The session is summarized below.

 

Kagan has been serving on the Court since August 2010, after a relatively short stint as Solicitor General. She previously served as Dean of Harvard Law School, following her service in various positions in the Clinton White House. She began her academic career at the University of Chicago Law School, after her judicial clerkship with U.S. Supreme Court Justice Thurgood Marshall.

 

Several of the initial questions for Justice Kagan concerned the way the Court has changed since her days as a judicial clerk. She noted that the Court is a “slow-moving institution’ Information technology “has not reached the Court,” and the justices still communicate with each other using written memoranda. The practices have not changed with technology because overall the Court “works well as an institution” and it has developed practices that “allow us to do our job.”

 

Justice Kagan did identify two things about the Court that have changed. First, a Supreme Court bar has developed, consisting of specialized lawyers who “understand what the exercise is all about” and who are “extremely good at it.” It means that the justices “get answers to our questions” and can “engage in the kind of dialog that we all want.” She commented that with the experienced practitioners, “there’s a kind of comfort level” and “informality.” She noted that states “are really getting their act together,” and that the quality of the representation of the states’ interests “has really gone up.”

 

She added that it is” frustrating” when “we don’t get good lawyers.” She noted one particularly area of weakness “on the criminal defense side” She commented that she hoped in the future that the criminal defense bar would do something along the lines of what the states have done.

 

Another thing Justice Kagan said has changed is that Court now has “a more active bench.” She noted that the current practices began with Justice Antonin Scalia who “wanted to try to make the hour more useful.” All of the more recent appointees, she observed, are more active questioners than the justices they replaced, noting as an example that she asks more questions than did Justice Stevens (whose place she took on the Court). She did allow, with respect to the justices’ questions, that it may be getting “into the place where” the level of questioning “is too much.” She said that Chief Justice Roberts is an effective “traffic cop,” but she wonders whether “he should have to do that,” adding that perhaps “we should step it back a little.”

 

She did say that the oral arguments do matter. She said that the briefs are more important, but that the arguments “can make a difference—both ways, you can sway or you can lose a case.” The lawyers know the crux of the case, and “when you hear them say it,” the justices ask themselves – particularly in cases where they are not yet sure where they stand – “how does that sound to me?” She added that oral argument can make a difference even sometimes in cases where going into the argument "you think you have it figured out.”

 

Another difference at the Court that she noted comparing to what she observed as a law clerk is that there are differences in the amount of communication around the Court. Her observation is that the level of communication between the justices outside of the conference has changed. She added that she has noted that even in the conference, there is a great deal of “back and forth,” particularly when they justices have not “yet arrived at a theory that can get five votes.” She added the observation that “it is a great court full of thoughtful and smart people.”

 

In response to a question, she commented on the role of the judicial clerks. She said that they “do what they ought to be doing.” They “are not deciding cases,” adding that the “notion” that has been advanced in certain parts of the popular press that judicial clerks get involved in deciding cases is “an unfounded idea.” She said one very important role that the clerks play is helping to winnow the thousands of petitions the court receive, adding that the clerks “principal role” is helping to “figure out what cases to take.” The clerks sort through the 10,000 petitions to “identify “the 200 to 300 cases worth looking at.” She added that they do “an extremely good job” at that.

 

She took pains to emphasize that she writes her own opinions, and while she asks her clerks to draft position statements, she warns her clerks that “if you see a single sentence you wrote in the Supreme Court Reporter, that will be a big day in your life.”

 

She did acknowledge that it does have an effect when the Court takes up a high profile case. She noted that it is “hard not to be aware there’s a lot of scrutiny.” She said that she “doesn’t think it affects the way we go about our work and they way we do our function.” Those who believe that the things they are saying “have some effect” on the Court “would be disappointed.” Even if there is “political controversy,” it “does not affect our consideration of the cases.” She felt that in a democracy, people “should be free to criticize the Court” but the Court “shouldn’t be pressured to do things,” and she is “100% certain we are not pressured.”

 

A student questioner raised the concern that recent polls had shown that the public respect for the Court as an institution has declined and that there are increasing concerns that the Court is deciding cases with decision splits determined according to the party of the Presidents that appointed the various justices. The student asked what the Court could do to eliminate these perceptions.

 

Justice Kagan responded (noting, after a lengthy pause, that it was a “very serious question”) that she is aware of the polls. She commented that in general people’s “trust in all institutions has declined,” so the decline in the public respect for the Court may “not have anything to do with what the Court has done.” She did say that she “wouldn’t want to discount the feeling that the Court has become divided politically.” She added that “it is really bad thing if the public thinks” cases are being decided on a political basis, and that it is “worth thinking about why this is and what can be done.”

 

One reason for this public view may be the number of 5-4 decisions. The cases that are decided by a 5-4 vote only represent about ten out of the 80 cases decided in a term, but some of these are “important cases.” The concerns can arise when there is perception that the votes are “consonant” with “who has nominated the justices,” something that “has not been the case historically.” She stressed that “there is not … a single vote that is made because of whether I like the President or not, or because I do or do not want to help one party or another.” She acknowledged that given the various justices’ different backgrounds and points of view, “we approach cases in different way” adding that “we may have different views on how we regard precedents.” It would be, she allowed, better “if there were fewer of these [5-4] decisions.” But as “each case comes along, you have to decide it, you can’t decide it in a way to avoid these kinds of splits.”

 

She noted that many people believe that the Court is polarized, often because of colloquy or commentary that may appear in published opinions. She said that one justice advised her that “if you take those things personally, you are going to have a long life tenure.” She understands that some people may read statements in some opinions and think “they must hate each other.” She said that, to the contrary, “we like each other a lot,” that the Court is “quite collegial,” that all of her colleagues are “quite warm.” The disagreement that occurs is “part of the job,” and she believes that all of the justices “are operating in good faith.” Besides, she noted, “life tenure is long” and it “would not be pleasant or useful to hold big grudges.”

 

Justice Kagan noted, in response to a question, that there are now three female justices and that it “would be even better if there were five” (a comment that drew audience applause). She said, however, that it makes “precious little difference in what happens in the conference room.” The value she sees from the presences of women on the Court is that it “changes how the Court looks to the outside world.”

 

When asked her views about the possibility of cameras in the Supreme Court’s courtroom she said that before she went on the Court she would have said, “Sure, why not?” She believes that “transparency is good.” However, now that she is on the Court, she wonders whether the presence of the cameras might “make me think about how I ask a question.” She also noted that following the oral arguments in the health care case, the Court issued audio tapes of the arguments, and almost immediately parts of the arguments were made into political advertisements. She worries that if there were video of the arguments, there would be much greater use of that type. She is “hopeful” that other courts will experiment to see what works best, but “wouldn’t volunteer the Court to be the first.”

 

She did have some interesting comments on her role as the most junior member of the Court. Because she has the shortest tenure on the bench, she does have certain duties. One is that she must answer the door if someone knocks while the justices are meeting in conference, and she is also responsible for taking notes in conference (two duties that she notes have a certain incompatibility). She added that she also serves on the Court’s cafeteria committee, where one of her greatest accomplishments has been to arrange to have a frozen yogurt machine installed in the cafeteria. (This statement drew applause from the audience, with respect to which Justice Kagan noted that “That was the reaction of the Court staff as well.”)

 

The New South Building at the University of Michigan Law School::

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The Pre-Game Ceremony from the Michigan-Air Force Football Game: You have to watch this short but totally awesome video tape of an event that occured during the pre-game ceremony at the Michigan-Air Force Football Game on Saturday. The event was even more awesome live because it was completely unexpected;there was absolutely no warning of what was about to happen.

Many of the toxic mortgage-backed securities that were a key part of the subprime mortgage meltdown were sold in multiple separate offerings based on the same shelf registration statement but separate prospectuses. Each separate offering included multiple securities at varying tranches of seniority and subordination. In the litigation following the subprime meltdown, defendants in suits bought by mortgage-backed securities investors have had considerable success in arguing that the claimants have standing only to assert claims only with respect to the specific offerings and tranches in which the claimant had invested, and lacked standing to assert class claims on behalf of investors who purchased securities in other offerings and tranches.

 

The plaintiffs may now have a potent tool to try to fight these standing arguments. In a September 6, 2012 opinion (here), the Second Circuit ruled  — in a case involving mortgage-backed securities issued by a unit of Goldman Sachs — that the investor plaintiff had standing to assert claims relating not only to the specific offerings in which the plaintiff invested but also the claims of investors in other related offerings, to the extent that the securities in the other offerings were backed by mortgages originated by the same lenders that originated the mortgages backing the plaintiff’s securities. The Second Circuit also rejected the argument that the plaintiff lacked standing to assert claims on behalf of investors in  the different tranches. Finally, the Second Circuit also held the plaintiff need not plead an out-of-pocket loss in order to allege a cognizable diminution in the value of an illiquid security under Section 11.

 

Background

During the period of 2006 to 2007, a unit of Goldman Sachs sold mortgage-backed certificates in 17 separate offerings, using a single shelf registration statement and a separate prospectus for each of the offerings. Each offering included securities at varying tranches of seniority or subordination. The mortgages backing the offerings had been originated by different mortgage originators. For example, mortgage issued by National City Mortgage Corp. backed six of the seventeen offerings, and Countrywide originated mortgages backed five of the offerings and so on.

 

The plaintiff had purchased securities in two of the offerings. As the mortgage meltdown unfolded all of the securities were downgraded. Believing that the securities were now worth substantially less than their cost, and believing that they had been misled about the mortgage origination practices of the mortgage originators, the plaintiff filed an action against the Goldman Sachs entities asserting claims on behalf of investors who purchased securities in all 17 offerings.

 

The district court ruled that the plaintiff had standing to assert claims only on behalf of investors i n the offerings and tranches in which the plaintiff had invested, but lacked standing to represent investors who purchased shares in the other offerings and tranches. As discussed here, the district court also held that because the plaintiff had not alleged that they had failed to receive payments due under the certificates, they had failed to allege injuries cognizable under the federal securities laws. The district court dismissed the plaintiff’s case. The plaintiff appealed to the Second Circuit.

 

The September 6 Opinion

In an opinion written by Judge Barrington Parker on behalf of a three-judge panel, the Second Circuit held that the plaintiff has class standing to assert claims of purchasers of securities backed by mortgages originated by the same lenders that originated the mortgages backing the plaintiff’s securities.

 In reaching this conclusion, the Second Circuit relied on the U.S. Supreme Court’s opinion in Gratz v. Bollingerin whcih the Supreme Court held in a case involving the University of Michigan’s admission practices that a claimant could represent a class of plaintiffs where the claimant’s claims implicate "the same set of concerns" rather than a "significantly different set of concerns." ,

 

The Second Circuit said that in a securities case where the alleged misrepresentation involved the mortgage lenders’ origination practices, the plaintiff had standing to represent a class of investors in the offerings in which the same mortgage lenders were involved, because the plaintiffs’ claims and the other investors’ claims implicate the “same set of concerns.” The purchasers of securities backed by mortgages originated by different mortgage originators were “different in character and origin” and so the plaintiff did not have class standing to represent those investors. As a result the Court concluded that the plaintiff had standing to represent investors in seven out of the 17 offerings.

 

The Second Circuit also rejected the defendants’ argument that the plaintiff lacked class standing to represent investors in different tranches. The Court said that it did not believe that the “varying levels of payment priority raise such a ‘fundamentally different set of concerns’ as to defeat class standing.”

 

Finally, the Second Circuit concluded that the plaintiffs had “plausibly pled a cognizable injury – a decline in value” as a result of the securities credit downgrade, which exposed the plaintiff to much more risk concerning future payments of interest and principle. The Court specifically rejected the defendants arguments that the plaintiff had suffered no loss because it had not alleged that there had been any missed payments under the securities, and also rejected the defendants argument that the plaintiff had not sufficiently alleged injury because the plaintiff had not sufficiently alleged the existence of secondary market for the securities. The Court said that the district court had “conflated the price of a security and its ‘value,” adding that the absence of an actual market price for a security at the time of the suit “does not defeat an investor’s plausible claim of injury.”

 

Discussion

The Second Circuit’s decision in this case not only represents a substantial victory for this plaintiff, but also for the plaintiffs in all of the cases involving mortgage-backed securities where the plaintiffs seek to represent a class of investors who purchased securities in multiple offerings. The Second Circuit made it clear that the mere fact that the plaintiff did not purchase securities in another related offering is not determinative of whether or not the plaintiff has class standing to represent investors in the other offerings. The Second Circuit also made it clear that the plaintiff has class standing to represent investors in other tranches as well.

 

Plaintiffs in the other cases will undoubtedly be studying this opinion closely and will try to use it to support their claims to represent a larger class of investors. However, this opinion is not going to help all plaintiffs, at least not in the same way. The Second Circuit did not conclude that the plaintiff here had standing to represent investors in all of the 17 offerings, but only in those offerings that involve “the same set of concerns.” The plaintiff lacked class standing to represent investors whose claims represent a fundamentally different set of concerns

 

In other works, the extent of a plaintiff’s standing to represent investors who purchased securities in multiple mortgage-backed securities offerings will depend on a complex interaction between the specifics of the misrepresentation that plaintiff is alleging and the relation of the misrepresentation to the various offerings.

 

This requirement to determine whether or not the other offerings implicate the “same set of concerns” as presented in the plaintiff’s claim will be more helpful to some plaintiffs than others. But at least they will not categorically barred from representing investors who purchased securities in other offerings. And they will not be barred from representing investors who purchased securities in other tranches as well.

 

The Second Circuit’s holding on the cognizable injury issue is also significant. From the early stages of the subprime litigation wave, commentators had been suggesting that the “paper losses” of the plaintiffs in the mortgage-backed securities cases did not represent the type of injury for which the protections of the federal securities laws were designed. The district court’s dismissal of the plaintiffs’ case for failure to plead a sufficiently cognizable injury seemed to be a significant affirmation of this argument. However, the Second Circuit seems to have clearly rejected this approach, and may in fact remove a significant potential pleading obstacle for the plaintiffs in these mortgage-backed securities cases.

 

I have updated my running tally of subprime and credit crisis securities lawsuit dismissal motion ruling to reflect the Second Circuit’s ruling. The tally can be accessed here.

 

David Bario’s September 6, 2012 Am Law Litigation Daily Article about the Second Circuit’s opinion can be found here.

 

Very special thanks to a loyal reader for sending me a copy of the Second Circuit’s opinion.

 

Every fall since I first started writing this blog, I have assembled a list of the current hot topics in the world of directors’ and officers’ liability. This year’s list is set out below. As should be obvious, there is a lot going on right now in the world of D&O, with further changes just over the horizon. The year ahead could be very interesting and eventful. Here is what to watch now in the world of D&O:

 

How Significant Will the Libor Scandal-Related Litigation Be?: The Libor scandal itself first began to unfold more than four years ago, following a series of articles in the Wall Street Journal. But with the dramatic announcements in late June of the imposition of fines and penalties of over $450 million against Barclays PLC, the scandal has shifted into a higher gear and has become one of the leading stories in financial papers around the world. At this point, it is apparent that the Libor scandal is going to be one of the hot topics for months and perhaps years to come. An overview of the scandal and of the key developments in recent months can be found here.

 

As is often the case when scandal breaks, the investigative and regulatory developments have been followed by litigation. As discussed here, some of the litigation began to emerge over a year ago, but with the Barclays regulatory settlements, there has been a raft of more recent litigation. Many of the lawsuits have raised antitrust allegations, but at least one of the recent lawsuits – one brought by Barclays shareholders – involves claims under the federal securities laws.

 

It does seem probable that by the time this scandal plays itself out, there will be many more regulatory settlements, some of which might make the Barclays settlements look like pocket change. A related question is whether the banks’ civil litigation exposures are going to be similarly enormous. It is clearly far too early to know for sure. But there are a number of factors that should be kept in mind on the question of what the Libor-scandal litigation might mean for the D&O insurance industry.

 

First, many of the undoubtedly huge costs that are looming likely will not represent insured amounts. The regulatory fines and penalties will not be insured. The company investigative costs also are likely not covered. In addition, most of the antitrust litigation filed to date has named only corporate defendants. Under the typical D&O insurance policy, the companies themselves are only insured for securities claims. So the antitrust litigation, for example, would likely not be covered under the typical D&O insurance policy.

 

In addition, many of these large banks do not carry traditional D&O insurance or may only have restricted insurance. In some instances, the banks’ insurance may include a substantial coinsurance percentage or a massive self-insured retention. Other banks may only carry so-called Side A only insurance, which covers individual directors and officers only and is only available when the corporate entity is unable to indemnify the individuals due to insolvency or legal prohibition. Given that none of the potentially involved banks have failed, it seems unlikely that this Side A only coverage would be triggered.

 

In the end, while the Libor scandal related follow-on litigation could be massive, the Libor scandal may not prove to be a significant event for the D&O insurance industry. Of course, developments could prove this analysis wrong. The plaintiff lawyers may come up with creative ways to expand the universe of defendants, or claimants may meet with unexpected success in asserting claims outside the U.S. If these kinds of things were to happen, then the Libor scandal could prove to be a more serious event for the D&O insurance industry. But as things stand, it does not appear that this scandal is, by itself, going to change the market.

 

What Will the Impact of the JOBS Act Be?: On April 5, 2012, President Obama signed into law the Jumpstart Our Business Startups Act (commonly referred to as the JOBS Act). As discussed at greater length here, the JOBS Act contains a number of IPO “on ramp” procedures designed to ease the process and burdens of the “going public process” for Emerging Growth Companies (EGCs). For example, EGCs can elect to submit their IPO registration statement for SEC review on a confidential, nonpublic basis, although the registration statement must be publicly filed at least 21 days before the IPO roadshow. Among the other features of Act that has attracted the most attention are the legislation’s provisions for “crowdfunding.” Under these provisions, a company is permitted to raise up to $1 million during any 12-month period through an SEC-registered crowdfunding portal

 

It was hoped that the legislation would encourage EGCs and facilitate job creation. However, as discussed in Jason Zweig’s August 4, 2012 Wall Street Journal article entitled “When Laws Twist Markets” (here), at least so far the one thing the Act seems to have produced is “unintended consequences.”

 

By way of illustration, Zweig cites as an example of one company trying to take advantage of the JOBS Act’s streamlined IPO procedures and reduced reporting requirements the 132 year-old British football club, Manchester United. Zweig also refers to “blind pools” and “blank check” investment funds that are angling to take advantage of the JOBS Act’s provisions. Neither type of company is likely to contribute to job creation in the United States. Zweig also reports that at least seven Chinese companies are converting to JOBS Act reporting provisions, in order to be able to reduce the disclosures they are required to file; as Zweig points out, this is “no trivial matter since several other Chinese-based companies have recently been accused by U.S. regulators of filing misleading financial statements.”

 

The Act’s reduced reporting requirements are also producing some unintended consequences.  A number of commentators have noted that while these JOBS Act provisions may serve the laudable goal of easing the IPO process, these provision also introduce risks for investors. Nor are these remarks just coming from sideline commentators. Many of the most specific warnings are coming from the companies themselves.

 

In her May 15, 2012 CFO.com article entitled “A New Risk Factor: The JOBS Act” (here), Sarah Johnson reports that for many of the companies taking advantage of the JOBS Act IPO on-ramp provisions, the fact that the companies are relying in the JOBS Act “is itself a risk factor.” Her article notes that recently a number of companies “have warned investors in their prospectuses filed with the Securities and Exchange Commission that the JOBS Act’s breaks on SEC rules could actually be a turnoff.” By way of example, she quotes Cimarron Software’s recently filed S-1, in which the company states that “we cannot be certain if the reduced disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.”

 

A common assumption about the new crowdfunding procedure is that it will be most beneficial to start-up companies. But at least according to a May 9, 2012 CFO.com article (here), due to the procedural burdens and costs associated with the JOBS Act’s crowdfunding provisions, crowdfunding is unlikely to be an attractive alternative for start-up companies.

 

According to the article, the crowdfunding provisions in the JOBS Act may be “too complex and onerous” and “not very cost-effective”   for an early-stage company. Among other things, entrepreneurs launching a new venture “may lack the financial acumen and robust business plans they’ll need to comply with the JOBS Act” and they also “may not have the cash to hire the accountants and lawyers they will need to navigate the law.”  In addition, as discussed here, many commentators are concerned that the potential for fraud on the crowd may outweigh the promise of new financing for legitimate startups. Among other reasons for these concerns is that with crowdfunding, “the risk of fraud increases because the pool of investors includes those who have no personal relationship with the business owner and who may be geographically remote from and thus unable to oversee the business itself.

 

From the perspective of the directors and officers of companies seeking to raise capital through crowdfunding, it is important to note that the crowdfunding activity entails its own liability exposures. The JOBS Act expressly incorporates provisions imposing liability on crowdfunding issuers for misrepresentations and omissions in the offerings, on terms similar to the existing provisions of Section 12 of the Securities Act of 1933. Under these provisions, a person who purchases securities issued under the crowdfunding exemption may bring an action based on any material misrepresentation or omission against the issuer, directors and executives for a full refund or damages.

 

It is also worth noteworthy that these crowdfunding provisions may blur the clarity of the division between private and public companies. The crowdfunding provisions seem to expressly contemplate that a private company would be able to engage in crowdfunding financing activities without assuming public company reporting obligations. Yet at the same time, that same private company will be required to make certain disclosure filings with the SEC in connection with the offering and could potentially incur liability under Section 302(c) of the JOBS Act

 

Private companies interested in taking advantage of the crowdfunding provisions once they become effective will want to review their D&O insurance policies’ public offering exclusions to determine whether or not these exclusions would preclude coverage for a crowdfunding liability action under Section 302(c) of the Jobs Act. The wordings of this exclusion vary widely among different policies, and some wordings could be sufficiently broad to preclude coverage.

 

Going forward, however, carriers may seek to adjust the wordings of these exclusions or other policy provisions in light of the crowdfunding liability exposure. Some carriers may try to take the position that crowdfunding liability is a kind of risk that they did not intend to cover in a private company D&O insurance policy. Indeed, some private company D&O Insurers have already introduced “Crowdfunding” endorsements designed to narrow or eliminate the carriers’ potential exposure to liability incurred in connection with crowdfunding activities.

 

As was the case with the Sarbanes-Oxley Act and the Dodd-Frank Act, the D&O insurance industry may face a long period where it must assess the impact of changes introduced by this broad, new legislation. It may be some time before all of the Act’s implications and ramifications can be identified and understood. It will be important for companies and their advisors to monitor these developments as they unfold

 

What Will Happen to the Pace of Banking Closures and FDIC Failed Bank Litigation Filings?: The pace of bank failures has slowed considerably during 2012. Year to date through August 31, 2012, there have been a total of 40 bank closures, compared to 74 during the period January 1, 2011 through August 31, 2011. Since January 1, 2008, 454 banks have failed, but during the month of August 2012 only a single bank failed. In addition, the number of banks the FDIC has ranked as problem institutions has also declined for five consecutive quarters.

 

But though both the number of bank failures and the number of problem institutions are declining, the FDIC’s most recent Quarterly Banking Profile shows that the FDIC still ranks over ten percent of the nation’s depository institutions as problem institutions. In other words, though the pace of bank failures may have slowed, there may be much further to go before the current banking crisis is completely behind us. 

 

As was the case during the S&L crisis two decades ago, the current wave of bank failures has also led to an influx of lawsuits brought by the FDIC, as receiver for the failed banks, against the banks’ former directors and officers. Through August 31, 2012, the FDIC had filed a total of 32 failed bank lawsuits, including 14 so far during 2012. The pace of the FDIC’s lawsuits filings has slowed considerably as the year has progressed. During the first four months of the year, the FDIC filed eleven lawsuits. However, between April 20, 2012 and August 31, 2012, the FDIC filed only three additional lawsuits. Indeed, since mid-July, the FDIC has not filed any additional failed bank lawsuits.

 

This apparent lull in lawsuit filings is surprising, for a couple of reasons. First, during the equivalent period three years prior to the apparent filing lull, there were a host of bank closures, over 50 in all. In light of the three year statute of limitations, one would have expected the last few months to have been a period of heightened filing activity.

 

The filing lull is even more surprising given that the FDIC itself has indicated that it has approved many more lawsuits than have actually been filed so far. As of August 14, 2012, the last date on which the FDIC updated its website, the agency indicated that his has now authorized suits involving 73 failed institutions; against 617 individuals for D&O liability. So far the agency has filed 32 suits involving 31 failed institutions, involving 268 individuals.

 

In view of the substantial gap between the number of authorized lawsuits and the number filed so far, it seems likely that the pace of failed bank lawsuit filings will pick back up at some point. But given the current lull, it does start to seem that perhaps there will not be as much overall failed bank litigation as had originally seemed likely. Even just a short time ago, some commentators had been predicting there might be a total of 86 FDIC lawsuits against the directors and officers of failed banks as part of the current bank failure wave. The final number may prove to be lower than projected.

 

Now That the First Dodd-Frank Whistleblower Bounty Has Been Paid, Will We See More Enforcement Actions and Follow-On Civil Litigation Based on Whistleblower Report?: When the whistleblower bounty provisions in the Dodd-Frank Act were enacted, there were concerns that the provisions – allowing whistleblowers an award between 10% and 30% of the money collected when information provided by the whistleblower leads to an SEC enforcement action in which more than $1 million in sanctions is ordered – would encourage a flood of reports from would be whistleblowers who hope to cash in on the potentially rich rewards.

 

We may now be closer to finding out whether or not these concerns were valid. As reflected in the SEC’s August 21, 2012 press release (here), the agency has now made its first whistleblower award for the relatively modest amount of $50,000. According to the press release, “the award represents 30 percent of the amount collected in an SEC enforcement action against the perpetrators of the scheme, the maximum percentage payout allowed by the whistleblower law.”

 

The press release also explains that the whistleblower’s assistance led to a court ordering more than $1 million in sanctions, of which approximately $150,000 has been collected thus far. The court is considering whether to issue a final judgment against other defendants in the matter. Any increase in the sanctions ordered and collected will increase payments to the whistleblower.

 

The recent award may be the first under the bounty program, but it is clear that there will be many more to come. The SEC’s August 21 press release quotes SEC Chairman Mary Schapiro as saying that “The whistleblower program is already becoming a success. We’re seeing high-quality tips that are saving our investigators substantial time and resources.” The press release also quotes the head of the SEC’s whistleblower office as saying that since the program was established in August 2011, about eight tips a day are flowing into the SEC, adding that “the fact that we made the first payment after just one year of operation shows that we are open for business and ready to pay people who bring us good, timely information.”

 

It seems obvious that whistleblowers, motivated by the bounty program, are coming forward to report securities law violations. It also seems probable that some (perhaps many) of the situations reported would not otherwise come to the attention of the SEC, and that with these reports the pace of enforcement activity will increase.

 

These developments have companies worried. As discussed in an August 29, 2012 CFO.com article (here), some companies are worried that because of the lure of the bounty award, company employees will bypass internal reporting mechanisms and go straight to the SEC. And not only is it a concern that more companies could find themselves having to deal with SEC enforcement activity, it is entirely possible that the enforcement activity will in turn lead to follow-on litigation in the form of shareholder derivative suits, and even in some cases increased securities class action litigation.

 

It is far too early to tell whether and to what extent any of these concerns actually will come to pass, especially since there has still only been just one whistleblower bounty award. Nevertheless, there definitely so seem to be reasons for companies to be concerned.

 

Will Congress Take Steps to Increase Corporate Officials’ Liability Exposures and Narrow Their Protection?: As if it were not enough that through the Dodd-Frank whistleblower provisions that Congress has enacted provisions to increase the likelihood of SEC enforcement action, a bill now pending in Congress could increase the size of the penalties the SEC can impose.

 

As discussed in greater detail here, on July 23, 2012, Democratic Rhode Island Senator Jack Reed and Republican Senator Charles Grassley introduced a bill titled The Stronger Enforcement of Civil Penalties Act of 2012 to increase the SEC’s civil monetary penalties authority and to directly link the size of those penalties to the scope of the harm and investor losses. The Senators’ joint July 23, 2012 press release about the Bill can be found here. The Bill has been referred to the Senate Committee on Banking, Housing, and Urban Affairs.

 

The Bill proposes to update the maximum money penalties the SEC can obtain from both individuals and from entities, and further provides that the penalties may be obtained both in enforcement actions filed in federal court and in the agency’s own administrative actions (currently the SEC must file a civil enforcement action in order to seek penalties).

 

The increased penalties proposed by the new Bill are scaled to the seriousness of the offense. For the most serious offenses (specified as the third tier violations involving fraud, deceit or manipulation) the per violation penalty for individuals may not exceed the greater of $1 million; three times the gross pecuniary gain; or the losses incurred by victims that result from the violation. The maximum per violation penalty the SEC can seek from entities is limited to the greater of $10 million; three times the gross pecuniary gain; or the losses incurred by victims.

 

For less serious violations, the maximum amount the SEC may seek is correspondingly lower. For individuals, the per violation penalty may not exceed the greater of $100,000 or the gross pecuniary gain as a result of the violation. The equivalent per violation limit for entities is the greater of $500,000 or the amount of the pecuniary gain. The maximum per violation penalty amount for violations not involving fraud or deceit is the greater of $10,000 for individuals or the amount of the pecuniary gain, and for entities, the greater of $100,000 of the amount of the pecuniary gain

 

The bill was submitted at the request of SEC Chairman Shapiro, enjoys bipartisan support, and represents policies that President Obama has advocated, so it seems likely to pass into law. The practical implication seems to be not just that the SEC will seek higher penalties, but will seek penalties more often, given the proposed new authority to seek penalties in administrative actions. With greater firepower at its disposal, the SEC may become even more active, and perhaps even more aggressive.

 

In a separate development, on May 30, 2012, Representative Barney Frank introduced a bill entitled the “Executive Compensation Clawback Full Enforcement Act” (here) that by its own terms is designed to “prohibit individuals from insurance against possible losses from having to repay illegally-received compensation or from having to repay civil penalties.” The proposed Act’s appears primarily addressed to the compensation clawback sections in the FDIC’s “orderly liquidation authority” in the Dodd-Frank Act. However, the proposed Act’s separate prohibition of insurance for “civil money penalties” appears to address the long-standing question of insurance for civil money penalties imposed on bank officials by the FDIC. Rep. Frank’s bill is discussed in greater detail here. The bill has been referred to the House Subcommittee on Financial Institutions and Consumer Credit.

 

From news coverage of Rep. Frank’s introduction of the bill, the proposed Act appears to be expressly addressed to certain compensation clawback insurance products that have been introduced into the marketplace. Frank himself is quoted as saying “"the creation of insurance policies to insulate financial executives from claw-backs is one more effort by some in the industry to perpetuate a lack of accountability.”

 

The proposed Act’s provisions also seem expressly designed to address the question of insurance for the FDIC’s imposition of “civil money penalties” against senior officials at depositary institutions. The question of insurability of civil money penalties is a long-standing one. As discussed in a prior guest post on this site, the FDIC has taken the position on an individual institution level basis that insurance protecting individual bank directors and officer from civil money penalties is prohibited. But while there was some discussion of and concern about these issues, the question of insurability of civil money penalties remained an uncertain issue (at least for the banks themselves, if not for the FDIC). However, if Rep. Frank’s bill becomes law, or at least of its provisions prohibiting insurance of civil money penalties becomes law, the question would obviously be resolved.

 

What Will Be the Impact of the Amgen Case, Now Pending Before the U.S. Supreme Court?: Over the course of the past several years, the U.S. Supreme Court has shown an unusual willingness to take up securities cases. During the upcoming term, the Court will once again be considering an important securities case. As discussed here, on June 11, 2012, the Court granted the petition of Amgen for a writ of certiorari in a securities lawsuit pending against the company. As a result, next term the Court will be addressing the question of whether securities plaintiffs must establish in their class certification petition that the alleged misrepresentation on which they rely was material.

 

In the Amgen case, the plaintiff had sued Amgen and certain of its directors and officers seeing damages under the federal securities laws based on alleged misrepresentations about the safety of certain of the company’s products. The plaintiff moved to certify a class of Amgen shareholders. The defendants opposed the motion, arguing that the plaintiff was not entitled to a class-wide presumption of reliance based on the fraud-on-the-market theory, because the plaintiff could not show that the alleged misrepresentations were material. To the contrary, the defendants argued that as a result of analyst reports and public documents, the market was aware of the information that the plaintiff alleged had been concealed. The district court rejected the defendants’ arguments and certified a plaintiff class, rulings that the Ninth Circuit affirmed.

 

Amgen then filed a petition to the Supreme Court for a writ of certiorari. In its petition, a copy of which can be found here, Amgen argued that there is an “irreconcilable conflict” in the federal judicial circuits on the question of whether or not a plaintiff must establish materiality at the class certification stage. According to the cert petition, the Second and Fifth Circuits have held that a plaintiff must prove materiality for class certification and that defendants may present evidence to rebut the applicability of the fraud-on-the-market theory at the class certification. The Seventh and Ninth Circuits, by contrast, hold that district courts are barred from considering materiality at the class certification stage.

 

The Third Circuit, according to the petition, has adopted an “intermediate approach” which holds that a plaintiff does not need to demonstrate materiality as part of an initial showing before class certification, but that defendants may rebut the applicability of the fraud-on-the market theory by disproving the materiality of the alleged misrepresentation.

 

In its cert petition, Amgen stressed the “in terrorem power of certification” in the securities litigation context, which often compels defendants to enter into massive settlements. The presence or absence of this kind of pressure will, Amgen argued, depend on the circuit in which the case was filed. In the Seventh and Ninth Circuits, the company argued, defendants “will frequently be forced by practical realities, to settle cases for enormous sums regardless of whether they have a meritorious materiality defense,” while in the Second and Fifth Circuits, the plaintiffs would have to establish materiality as a precondition to class certification, and in the Third Circuit, the defendants would have the opportunity to rebut any materiality showing.

 

As the Morrison & Foerster firm said in its June 11, 2012 memorandum about the Supreme Court’s cert grant in the Amgen case,

 

A clear answer from the Supreme Court to these questions could have a significant impact on securities litigation. A decision that endorses the Ninth Circuit’s approach could made securities litigation more costly for defendants, particularly in circuits where plaintiffs are presently required to prove materiality at class certification. Conversely, a decision rejecting the Ninth Circuit’s approach could provide defendants an early opportunity to challenge the viability of class action claims.

 

In addition, there is the possibility here that the Supreme Court — rather than narrowly interpreting the existing standard for the applicability of the fraud-on-the-market presumption — does something more radical instead, like entirely redefining whether, when and how the fraud-on-the market presumption might apply. Indeed, this case presents the Court with its first clear chance to revisit the doctrine since it was first articulated nearly a quarter of a century ago.

 

In other words, the Roberts court has once again agreed to hear a case that at least potentially could have an enormous impact on the class action securities litigation exposures of public companies and their directors and officers. The case will be argued and decided during the Supreme Court term commencing in October.

 

How (and When) Will the Long-Running Credit Crisis Litigation Wave Finally Play Out?: The first of the subprime and credit crisis related securities suits was filed in February 2007. Over the course of the following years over 240 credit crisis securities class action lawsuits ultimately were filed, and during the past five years the cases have slowly been making there way through the system.

 

Many cases have been dismissed, and of the cases that have survived dismissal motions many have been settled. The latest case to settle was the high profile Citigroup case, which the parties announced on August 29, 2012 (here) had been settled for $590 million. A number of other cases have settled in recent months, including the Bear Stearns case, which settled earlier this summer for $275 million. My running tally of subprime and credit crisis-related securities suit resolutions, including settlements, can be accessed here.

 

The securities litigation related to the subprime meltdown and credit crisis has not produced any settlements on the scale of the mammoth, multi-billion dollar settlements in the era of corporate scandals a decade ago, but in the aggregate and on average, the credit crisis litigation has produced very significant settlement numbers. With these latest settlements, the aggregate amount of all of the subprime and credit crisis-related lawsuit settlements to date is about $5.5 billion. The average settlement is about $103.8 million, but if the three settlements over $500 million are taken out of the equation, the average drops to about $73.22 million.

 

The pace of settlements in these cases appears to have slowed somewhat during 2012 compared to a year ago. During 2011, 22 of the subprime meltdown and credit crisis securities suits settled, including sixteen between January 1, 2011 and August 31, 2011. However, during the same eight month period during 2012, only eleven cases settled.

 

Though the pace of settlements may have slowed, that does not necessary we are reaching the conclusion of this aggregate litigation event. Many cases continue to work their way through the system, and some of the highest profile cases are yet to be resolved, including the BofA/Merrill Lynch merger case, the AIG case, and the Citigroup bondholders’ case. As these cases and others work themselves out, they will continue to weigh on the results of the affected D&O insurers. It will be some time yet before we can calculate the final tally on the subprime and credit crisis litigation wave.

 

Will the Many Other Scandals Roiling the Financial Industry Lead to Additional Claims?: The Libor-scandal is far from the only financial scandal in which the financial industry had become mired recently. Unfortunately, a host of other scandals involving the industry have also emerged or expanded over the summer. These recent scandals may also lead to claims, and some cases already has.

 

First, there’s the money laundering scandal. In July, the U.S. Senate released a report alleged that over the last decade HSBC failed to implement anti-money-laundering protections and evaded Treasury sanctions against Iran, Myanmar, and others. The Senate report says HSBC facilitated the flow of billions of dollars between Mexico and the U.S. despite warnings drug money was involved, and provided cash to banks with ties to terrorist groups. The report also faulted the government’s Office of the Comptroller of the Currency for taking virtually no action against the bank despite being aware of problems for years. In late July, HSBC said that HSBC said that it had set aside $700 million to cover the potential fines, settlements and other expenses related to the money-laundering inquiry.

 

Second, in early August, the New York Department of Financial Services raised allegations that Standard Chartered had disregarded Treasury sanctions by allowing transactions with Iranian banks worth as much as $250 billion to pass through its New York office and that the bank had deliberately obscured the country of origin. On August 14, 2012, the New York regulator announced that Standard Chartered had agreed to a civil penalty of $340 million to resolve the charges. Investigations into the bank by other authorities including the Department of Justice and the Office of Foreign Assets Control continue. The Standard Chartered settlement followed the June 2012 announcement of the Office of Foreign Assets control that ING had agreed to pay a settlement of $619 million to settle allegations that the company had violated U.S. sanctions.

 

Third, a host of regulators are investigating the losses J.P Morgan suffered as a result of derivatives trades in the company’s London office that went seriously awry. At last report, the company’s losses from the trades (which were known in the financial markets as the “London Whale” trade) be as much as $5.8 billion.

 

Beyond these headline grabbing scandals, there have also been a host of smaller scale scandals involving the financial services industry, including Wells Fargo’s $173 million settlement with the Department of Justice of allegations that the company engaged in discriminatory residential home mortgage lending practices; Capitol One’s $210 million settlement with the Consumer Financial Protection Bureau of  allegations that the credit-card issuer pressured customers into buying consumer-credit-protection products such as identity-theft-monitoring services; and Capitol One’s $12 million settlement with the Department of Justice that the company had violated certain statutory protections for veterans, among other things, through wrongful foreclosures.

 

Indeed, this past summer so many scandals involving the financial services industry that you needed a scorecard just to keep track of them all.

 

Litigation has already followed in the wake of at least some of these scandals. As discussed here, following the initial disclosure of J.P. Morgan’s losses from the London Whale trades, shareholders filed a securities class action lawsuit against the company and certain of its directors and officers, alleging that the company’s statements regarding its trading practices and internal controls were misleading. In addition, following Standard Chartered’s settlement with the New York regulator, families of the victim’s of the 1983 bombing of the Marine barracks in Beirut sued the bank seeking compensation for its concealment of its Iran-linked transactions.

 

Investigations in connection with some of these various scandals are continuing. It remains to be seen whether as further details and developments emerge there will be further follow-on civil litigation. The sheer number of scandals seems to suggest the likelihood that there will be further lawsuits. There certainly does seem to be limit to the capacity of the financial industry to produce scandals.

 

What are the Implications of All of This for the D&O Insurance Marketplace?: After several years in which D&O insurance purchasers have enjoyed declining premiums and expanding coverage, the marketplace seems to have reached an inflection point. At a minimum, almost all of the private company management liability carriers are attempting to increase premium or otherwise add coverage restrictions to their renewals.   Based on current trends, most private company insurance buyers can expect to see increases of from 5% to 10 % (and in some cases, more) at their next renewal, with financially troubled companies and companies with adverse claims histories potentially seeing even larger increases.

 

The public company D&O insurance marketplace has also shifted recently. Economic turmoil and increased governmental regulation and enforcement activity continue to pose a challenging environment for companies and their directors and officers. At the same time, merger objection suits and other negative claims trends have led some carriers to complain of premium inadequacy. Public company D&O carriers in some case are attempting to increase in premium and retention levels. Companies that are likeliest to see upward pressure on their insurance premiums are those that have an adverse claims history or are experiencing financial challenges. Although the carriers for many kinds of companies may be pushing to increase premiums, companies in the following industries are likelier to experience premium pressure: financial services, including commercial banking; extractive natural resources; life sciences; and technology.

 

Some carriers are also attempting to add coverage restrictions, at least in some cases. Among other restrictive provisions that some carriers are seeking in at least some cases are:  separate retentions for mergers and acquisitions activity; separate retentions or other restrictive provisions relating to “crowdfunding”; and in private company management liability policies that have an employment practices coverage section providing sublimited defense cost coverage for wage and hour claims, a reduction in the sublimit.

 

Though the market environment clearly has shifted in recent months, we are not in a true “hard market.” The insurance marketplace continues to be characterized by significant levels of insurance capacity. Given the current high capacity levels, it is possible that competitive forces could undermine many of the market changes noted above. The current, more disciplined underwriting climate could either represent a transition to a sustained period of higher insurance prices and more restrictive terms, or it could merely be a temporary phase before softer market conditions resume. For the present, however, insurance buyers should be prepared for the possibility that they will see premium increases at their next renewal.

 

Labor Day has come and gone. The kids are back in school. The air is cooler and the nights are longer. There’s a definite autumnal feeling in the air. It is time to get back to work. Fortunately, The D&O Diary kept its eye on things over the summer. So if you are feeling the need to get caught up on what happened while you were out, don’t worry, we’ve got you covered. Here is a quick summary of what you missed on The D&O Diary while you were away.

 

Libor Scandal Surges, Litigation Emerges: The unfolding scandal moved into the headlines of business pages around the world in late June after Barclays agreed to over $450 million in regulatory fines and penalties. Inevitably, litigation has followed; indeed, it had begun to accumulate well before the Barclays settlements were announced.  An overview of the scandal itself  can be found here, and the details of the follow-on  litigation can be found here, here and here. Although many of the lawsuits filed so far have been based on antitrust claims, there has been at least one securities class action lawsuit filed as well, involving Barclays and its former CEO and its former Chairman (about which refer here). The scandal clearly has further to run, and there will likely be further litigation as well. As Stanford Law Professor Joe Grundfest put it, “the Libor-litigation industry is clearly a sector to watch for years to come.”

 

Mid-Year Securities Litigation Studies Released: All of the leading statistical services have issued their respective studies of securities class action lawsuit filings for the first six months of 2012. My post about the Cornerstone Research study can be found here; the NERA Economic Consulting study, here; and the Advisen study can be found here. My own analysis of the first half filings can be found here.

 

Key Insurance Coverage Decisions: In a case that addressed one of the perennial D&O insurance coverage issues, on June 27, 2012 Central District of California Judge R. Gary Klausner ruled that subsequent lawsuits related to the collapse of IndyMac bank were interrelated with an earlier suit and therefore there is no coverage under a second tower of D&O insurance for the subsequent claims. A discussion of the case and the interrelatedness issue can be found here.

 

In a different case, on June 29, 2012, the Seventh Circuit, applying Illinois law, held that when the defendants in a lawsuit include both persons who are insureds under the defendant company’s D&O policy and persons are not insureds, the policy’s Insured vs. Insured exclusion does not preclude coverage for the entire lawsuit, but only the portion attributable to the claims brought against the non-insured person defendants. The extent of coverage available when the defendants include both insured persons and non-insureds is to be determined by the policy’s allocation provisions. A discussion of the Seventh Circuit’s opinion can be found here.

 

In the latest of what is now a lengthening line of cases, on June 12, 2012, the New York Supreme Court, Appellate Division, First Department, applying Illinois law, ruled in a coverage case brought by JPMorgan Chase that owing to settlements reached with underlying carriers in a professional liability insurance program, the excess insurers in the program have no payment obligation because conditions precedent to coverage under the excess carriers’ policies had not been met. The New York case and the earlier line of cases are discussed here.

 

And as discussed here, in a decision that gives broad effect to a D&O insurance policy’s contractual liability exclusion, on August 17, 2012, Middle District of Pennsylvania Judge William Nealon granted the insurer’s motion for summary judgment, holding under Pennsylvania law that the insurer had no obligation to defend or indemnify the policyholder for negligent and fraudulent misrepresentation claims in the underlying action.

 

Finally, In an August 21, 2012 opinion, Central District of California Judge James V. Selna, applying California law, rejected the insured’s efforts to have the malpractice insurer’s duty to advance obligations determined under duty to defend principles. The court concluded that the insurer did not have the duty to advance the insured’s defense expenses incurred in a dispute between the insured and his former law firm. Judge Selna’s opinion is discussed here.

 

The FDIC’s Pace of Failed Bank of Lawsuit Filing Slows: As I noted when the FDIC filed two new failed bank lawsuits in mid-July, those two new lawsuits represented the first lawsuits the agency had filed in two months. Although it seemed at the time as if the two new suits might represent an end to the lull, in time following the July filing of the two lawsuits, the FDIC has not filed any further new failed bank lawsuits. Indeed, between April 20, 2012 and today, the FDIC has filed only three lawsuits, after filing eleven in the first four months of the year.

 

This apparent slowdown in FDIC failed bank lawsuit filings during the last four months is all the more surprising given that during the equivalent period three years prior well over 50 banks closed. In addition, according to its website, the agency has authorized so many more lawsuits than it has filed – and it has been increasing the number of authorized lawsuits each month. In the latest update to its website on August 14, 2012, the agency indicated that his has now authorized suits involving 73 failed institutions; against 617 individuals for D&O liability (those figures represented an increase from the prior month’s numbers of with 68 failed institutions against 576 individuals). So far the agency has filed 32 suits involving 31 failed institutions, involving 268 individuals.

 

Courts Wrestle With Business Judgment Rule and the Scope of Potential Failed Bank Director and Officer Liability: When the FDIC has initiated litigation against the former directors and officers of a failed bank, in many instances, the FDIC has included in its complaint a claim against the individual defendants for ordinary negligence. However, in several instances, individual defendants have successfully argued that their conduct is protected by the business judgment rule and accordingly, that they cannot be held liable for ordinary negligence.

 

The most significant holding is the August 14, 2012 decision in the Northern District of Georgia in the Haven Trust case, in which Judge Steve C. Jones dismissed the claims against both the director and officer defendants, because of his determination that under Georgia law the directors’ and officers’ conduct is protected by the business judgment rule. The Haven Trust case is discussed here. Earlier in August, a judge in the Middle District of Florida, ruled in the FDIC’s failed bank lawsuit relating to the failed Florida Community Bank of Immokalee, Florida, that under Florida law directors cannot be held liable for ordinary negligence, as discussed here. The ruling in that case did not reach the question of whether or not officers can be held liable for ordinary negligence under Florida law.

 

However, as California attorney Jon Joseph wrote in his April 11, 2012 guest post on this blog (here), courts applying California law on the issue and considering whether corporate officers as well as directors can rely on the business judgment rule have split on the issue. Most recently, on June 7, 2012, Eastern District of California Judge Lawrence O’Neill held that the defendant officers cannot rely on the statutorily codified business judgment rule under California Corporations Code Section 309, because the statute by its terms refers only to officers not directors Judge O’Neill’s ruling is discussed here (second item).

 

Keynote Addresses at the Stanford Directors’ College: Once again this summer, I participated in the annual Stanford Directors’ College, held at Stanford Law School in Palo Alto, California. Though I was there as a faculty member, I also attended in my capacity as a blogger, and I reported on the keynote address of NASDAQ CEO Robert Greifeld and the keynote addresses of venture capitalists Marc Andreessen and Ben Horowitz here. I separately reported on the keynote addresses of Delaware Chancellor Leo Strine and Netflix CEO Reed Hastings here.

 

Interview with Professional Liability Insurance Industry Leader: On June 21, 2012, I published my interview of my good friend and industry colleague David Bell. David announced earlier this year that he was leaving Bermuda to return to Montana, where he was taking up a position as President and Chief Operating Officer of ALPS Corporation. The interview not only covers David’s reasons for making the move, but also reflects his thoughts about the industry and about life.

 

U.S. Supreme Court Grants Cert in the Amgen Case:  As discussed here, on June 11, 2012, the U.S. Supreme Court agreed to hear an appeal of a securities class action lawsuit in the Amgen v Connecticut Retirement Plans case. The Supreme Court will address a significant split in the Circuits on the question whether securities plaintiffs must establish in their class certification petition that the alleged misrepresentation on which they rely was material.  The case, which will be argued and presumably decided during the upcoming Supreme Court term, may also give the Court the opportunity to take a look at the fraud on the market theory as well.

 

Chinese Cases Face Pleading Obstacles, Settle Modestly: A number of the securities suits filed against U.S.-listed Chinese companies have survived motions to dismiss. First, the Second Circuit revived the suit against China North Petroleum Holdings, which the district court had dismissed. And on August 8, 2012, Southern District of New York Judge Katherine Forrest denied the motion to dismiss the securities class action lawsuit that had been filed against China Automotive Holdings. A copy of Judge Forrest’s opinion can be found here. And as discussed here, on August 24, 2012, Southern District of New York Judge George Daniels denied in part the company’s motion to dismiss in the Duoyuan Global Water and two of its officers.

 

Not all of the suits against the Chinese companies have fared as well. For example, on August 1, 2012, Southern District of Florida Judge Marcia Cook, in the securities class action lawsuit involving Jiangbo Pharmaceuticals, granted the motions to dismiss of the company’s CFO, Elsa Sung, and of its auditor. The dismissals are without prejudice. A copy of her opinion can be found here.  

 

The claimants that have managed to get their suits against U.S.-listed Chinese companies all the way to the settlement stage have found that they often are forced to accept only modest settlements, often because the Chinese companies carry only very modest levels of D&O insurance (about which refer here).

 

Congressional Bill Would Increase SEC’s Penalty Authority: As discussed here, on July 23, 2012, Democratic Rhode Island Senator Jack Reed and Republican Senator Charles Grassley introduced a bill titled The Stronger Enforcement of Civil Penalties Act of 2012 to increase the SEC’s civil monetary penalties authority and to directly link the size of those penalties to the scope of the harm and investor losses. The Senators’ joint July 23, 2012 press release about the Bill can be found here.

 

And Finally: It may be that everyone here at The D&O Diary has attention deficit disorder. From time to time, we do seem to have trouble staying on topic. For example, my reflections on Time and Summer probably distracted me a lot more than anything else I posted this summer. I confess that I like the Time and Summer post (which can be found here) better than anything I have written for this site. Some day I will have the courage to explain why I wrote it, but not yet. If you have not yet read it, please take a moment and at least look at the pictures and read the many readers’ comments. The post’s concluding message seems apt even as summer draws to a close.

 

Anyway, I think my favorite off-topic foray of the summer was when I posted the new Matt is Dancing video. The Where the Hell is Matt 2012 video is embedded below. The video opens with a short commercial (sorry) but stick with it, the video is so much fun. Cue it up and prepare to smile.

 

The parties to the Citigroup subprime-related securities class action lawsuit – one of the highest profile of the remaining subprime cases – have agreed to settle the suit for $590 million, in what is the third largest settlement so far out of the subprime and credit crisis litigation wave. Southern District of New York Judge Sidney Stein preliminarily approved the settlement on August 29, 2012, and scheduled a hearing for final approval on January 13, 2013.

 

A copy of the parties’ stipulation of settlement can be found here. The plaintiffs’ lawyers’ August 29, 2012 press release about the settlement can be found here.

 

The Citigroup case was among the most prominent of the subprime cases because of Citigroup’s role in the mortgage-backed securities industry that contributed so significantly to the subprime meltdown, as well as because of the high-profile individuals involved in the case, including former Citigroup CEO Charles Prince and former Treasury secretary and Citigroup board member Robert Rubin. In addition, Citigroup’s attempt to settle the subprime-related SEC enforcement action for a payment of $285 was famously rejected by Southern District of New York Judge Jed Rakoff, a decision that is now on appeal before the Second Circuit.

 

As discussed in detail here, in a November 9, 2010 Judge Sidney Stein narrowed the shareholders’ action against Citigroup and dismissed a number of the individual defendants. But what Judge Stein called the plaintiffs’ “principal” allegations survived the dismissal motion and remained in the case, as did seven of the individual defendants, including Prince and Rubin. The surviving allegation was the plaintiffs’ claim that Citigroup “did not disclose that it held billions of dollars of super-senior tranche CDOs.”

 

The basic thrust of the plaintiffs’ CDO-related allegations is that though the company disclosed that it was deeply involved in underwriting CDOs, the company did not disclose that billions of dollars of the CDOs had not been purchased at all but instead had been retained by Citigroup. In November 2007, the company disclosed that it was exposed to super-senior CDO tranches in the amount of $43 billion and that it estimated a write down of $8 to $11 billion of those assets. The plaintiff alleged that this disclosure omitted an additional $10.5 billion worth of holdings that the company had hedged in swap transactions. 

 

Judge Stein found that the plaintiffs had adequately alleged that Citigroup’s CDO valuations were false between February 2007 and October 2007. In concluding that these statements were made with scienter, Judge Stein noted that the plaintiffs’ claims "concern a series of statements denying or diminishing Citigroup’s CDO exposure and the risks associated with it." These statements, Judge Stein found were "inconsistent with the actions Citigroup was allegedly undertaking between February 2007 and October 2007."

 

Among the subprime and credit crisis cases that have settled so far, the $590 Citigroup settlement has been exceeded only by the $627 million Wachovia bondholders’ settlement and the $624 million Countrywide settlement. As Jan Wolfe points out in his August 29, 2012 Am Law Litigation Daily article about the Citigroup settlement (here), the $590 settlement in the Citigroup case may represent the largest settlement by a single financial institution.

 

Among the remaining subprime and credit crisis cases, there are several that at least potentially present the possibility of similarly large settlements, including the BofA/Merrill Lynch merger case, the AIG case and the Citigroup bondholders’ case. It remains to be seen how the Citigroup settlement will stack up when all of these cases have settled. But as I had to remind several people in telephone conversations yesterday about the Citigroup settlement, at well over half a billion dollars, the Citigroup settlement is unquestionably represents a big number. Others will have to wrestle with the question whether it is “big enough.”

 

I have in any event added the Citigroup settlement to my running tally of subprime and credit-crisis case resolutions, which can be accessed here.

 

FDIC Releases Quarterly Banking Profile: If you have not yet seen it, on August 28, 2012, the FDIC released the Quarterly Banking Profile for the quarter ending June 30, 2012. In general, the report reflects a generally improving banking industry. Among other things, the report shows that the industry had collective net income of $34.5 billion, a figure that would have been even larger were it not for the J.P. Morgan “London Whale” trading losses. This net income figure represents the 12th consecutive quarter over quarter increase in industry net income.

 

Consistent with this overall picture of improving industry health, the number of problem  banking institutions decreased during the quarter, from 772 to 732. However, because the number of reporting institutions overall also decreased, the number of troubled institutions at quarter’s end still represents a significant percentage (10.1%) of all banks. The number of troubled banks at the end of the first quarter represented 10.5% of all reporting institutions. The second quarter number does represent a significant decline in the number of problem institutions compared to the end of the second quarter of 2011, when there were 865. The FDIC notes that the second quarter 2012 decline in the number of problem institutions represents the fifth consecutive quarterly decline.

 

One interesting additional note in the FDIC’s report is that there were no new bank charters granted in the second quarter of 2012, which represents the fourth consecutive quarter in which there were no new charters. Through closure and merger, and the lack of additions of any new banks, the number of banking institutions is shrinking significantly

 

On August 24, 2012, in a decision involving a U.S.-listed Chinese company that is of particular interest because of the significance the court attached to the discrepancies between financial figures the defendant company reported to the Chinese government and the figures it reported to the SEC, Southern District of New York Judge George Daniels denied in part the motions to dismiss of the company and two of its senior officials. He did grant the dismissal motions of the company’s outside auditor and principal outside investor, as well as the control person allegations against the company’s directors. A copy of Judge Daniels opinion can be found here.

 

Background

Duoyuan Global Water (DGW) listed its American Depositary Shares on the NYSE through a June 24, 2009 IPO. In its initial reports following the IPO, DGW reported positive financial results. The first indication of trouble arose when accounting concerns surfaced concerning a separate but affiliated company Duoyuan Printing (which is itself now the subject of a separate securities suit, refer here). Because of the close relationship between the companies (they operate in the same location, and have the same Chairman, among other things), questions arose about DGW. In September 2010, the board’s audit committee retained Skadden Arps to review DGW’s accounting.

 

In April 2011, an online report critical of DGW appeared on the Muddy Waters research analysis website. Among other things, the report accused DGW of replacing the 2009 report to the Chinese State Administration for Industry and Commerce (SAIC) with a forged version to cover up the fact that revenues had been “astronomically inflated.” That same day the company’s CFO resigned. Shortly thereafter, four members of the board resigned to protest the lack of access that Skadden was being given to company documents. Skadden withdrew its representation as well. As detailed here, securities litigation ensured.

 

The plaintiffs based their allegations that the company’s IPO documents and subsequent filings contained financial misrepresentations were based largely on discrepancies between financial figures that two of DGW’s subsidiaries had reported in China to the SAIC and figures the company reported in its SEC filings. The plaintiffs also alleged other misrepresentations, including alleged misstatements concerning the number DGW’s distributors and the number of its employees. The plaintiffs asserted claims under both Section 11 of the ’33 Act and Section 10(b) of the ’34 Act. The defendants moved to dismiss.

 

The August 24 Opinion

In his August 24 opinion, Judge Daniels granted the plaintiffs’ motions to dismiss as to a number of the alleged misrepresentations on which the plaintiffs sought to rely, including the allegations concerning the number of distributors and the number of employees. He denied the motions of the company and its CEO and CFO to dismiss with respect to plaintiffs’ claims of financial misrepresentation based on the discrepancies between the company’s reports to the SAIC and its reports to the SEC.

 

The defendants had argued that the discrepancy in figures did not mean that the SEC reports were false or misleading, particularly given that the SAIC reports were separately filed by each of two of DGW’s Chinese subsidiaries and the SEC reports were consolidated, and given the difference s between accounting conventions involved in the different reporting protocols.

 

Judge Daniels found that:

 

Although Plaintiffs have not proven that the filings were in fact false, the extreme discrepancies alleged in the financial reports, coupled with the logical inference that can be made regarding these figures, at this stage of the proceedings, sufficiently alleges that the statements made in the SEC filings are false. Defendants merely maintaining that the discrepancies are explainable is an insufficient reason to discredit the [amended complaint]. Assuming that that the SAIC filings are true, the CAC states sufficiently that the SEC filings are false. Based on the fact that DGW had more negative disclosures in China and positive disclosures with the SEC, the reasonable conclusion is that there is a fraudulent motive to overstate the numbers yet no fraudulent motive to understate them.

 

In concluding that the plaintiffs’ allegations in this respect were sufficient not only for purposes of their Section 11 claims but also with regard to their Section 10(b) claims, Judge Daniels further concluded that the plaintiffs had satisfactorily alleged scienter.

 

In reaching this conclusion, he noted that the company’s CEO and CFO respectively “knew or should have known that the U.S. reported revenues, operating income and net income were much greater than those in the SAIC filings.” In response to the defense objection that the plaintiffs’ have not alleged that the CEO and CFO even had access to the SAIC reports that DGW’s Chinese subsidiaries had filed, Judge Daniels noted that the two officers “were CEO and CFO of a multinational corporation, and as such, were required to be aware of the Company’s financials.”

 

Judge Daniels noted further that in addition to the two officials’ “executive positions and the large discrepancy between the SEC and SAIC figures,” he also relied on the Muddy Waters report as evidence of the two officials’ scienter, because statements the two provided were “in complete opposition to the alleged facts that were uncovered about DGW by Muddy Waters.” Judge Daniels did note that the Muddy Waters report, while not dispositive, may be relied on as evidence of the two officials’ scienter.

 

Discussion

Because so many of the suits filed against U.S.-listed Chinese companies involved allegations, like those made here against DGW, of discrepancies between figures reported to the SAIC and to the SEC, Judge Daniels’ opinion potentially could boost the plaintiffs in many of those other cases.

 

On the other hand, other courts have been less willing than Judge Daniels to assume that the discrepancies meant the lower figures were false. For example, as noted here, in November 2011, the court in the China Century Dragon Media securities case granted the defendants motions to dismiss in a case alleging similar discrepancies between SAIC and SEC reports. The court in that case did allow the plaintiffs leave to amend, in part to provide further explanation what the discrepancies meant the SEC filings were false. The court said that though the SAIC numbers and the SEC numbers were different, that is “merely consistent with” the possibility that the SEC figures were false, but “does not suffice to make that claim plausible.”

 

Other courts may be more reluctant that Judge Daniels to conclude, based on individual corporate officers’ positions alone, that the officers were aware of the figures reported in China. Judge Daniels seemed particularly willing to make this assumption, even though the figures were filed by separate Chinese subsidiaries. These assumption would be much more convincing if accompanied by allegations concerning the purpose and significance of SAIC reports, in order to show that they were, for example of equal importance as the SEC reports or otherwise so significant that the two officials would have had to have known of their content.

 

It is also worth noting that it is entirely plausible that, contrary to Judge Daniels assumption, that there might be good reasons to falsify the SAIC reports. Although not many defendants would want to make this argument, it is possible that the SAIC reports were falsified for reasons having to do with the purposes of the SAIC reports – for example if they determine taxes due.

 

Perhaps the most interesting aspect of Judge Daniels opinion is his willingness to rely on the Muddy Waters research report as support for his conclusion that the plaintiffs has sufficiently pled scienter. Many of the other securities suits involving U.S. listed Chinese companies also rely on reports of online research analysts like Muddy Waters – indeed, some of the complaints in these cases consist of little more that a recapitulation of the analysts’ reports. The plaintiffs in those other cases will certainly take heart from Judge Daniels’ reliance on the Muddy Waters report in this way.

 

I must confess that I find Judge Daniels reliance on the Muddy Waters report in this regard troublesome. It is well-known that many of the online research analysts also maintained short positions on the shares of the companies they were analyzing and therefore were financially motivated to drive down the company’s share price. There are certainly plausible inferences that might be drawn about motivations of the analysts, but I am uncomfortable with the notion that content from one of these financially motivated third-party online analysts can serve as a basis to establish the state of mind of officials inside the company.

 

In any event, however, and even though a number of the plaintiffs’ claims and a number of the defendants have been dismissed, the plaintiffs’ case against the company and its two senior executives will be going forward. How the plaintiffs will fare remains to be seen, as they, like other plaintiffs in this case will have to overcome procedural hurdles (refer for example here). As I have previously noted, in other cases involving U.S.-listed Chinese companies that have reached the settlement stage, the settlement amounts have proved to be modest. It remains to be seen if these plaintiffs will be an exception to this pattern.

 

Special thanks to a loyal reader for providing me with a copy of the August 24, 2012 opinion.

 

Delaware Supreme Court Affirms Massive Judgment, Attorneys’ Fees in Southern Peru Case: On August 27, 2012, the Delaware Supreme Court affirmed the more that $2 billion judgment and more than $300 million attorneys’ fee awarded in the Southern Peru case. A copy of the Supreme Court’s opinion can be found here (Hat Tip: Delaware Corporate and Commercial Litigation Blog).

 

As discussed here, the lawsuit relates to Southern Peru’s April 2005 acquisition of Minerva México, a Mexican mining company, from Groupo México, Southern Peru’s controlling shareholder. In October 2011, Chancellor Leo Strine concluded that as a result of a “manifestly unfair transaction,” Southern Peru overpaid for Minerva Mexico. A copy of Chancellor Strine’s 106-page opinion can be found here. Chancellor Strine later adjusted the award applying prejudgment interest and awarded attorneys’ fees. Groupo Mexico appealed.

 

There are a number of very good write-ups about the Delaware Supreme Court’s opinion affirming the lower court ruling, particularly Alison Frankel’s August 27, 2012 post on here On the Case blog (here) and David Bario’s August 27, 2012 Am Law Litigation Daily article (here).

 

There is a host of well established legal principles that govern insurers’ defense obligation under the standard liability insurance policy where the insurer has the duty to defend the insureds. But many professional liability insurance policies are not written on with the duty on the insurer to defend (which is usually described as a “duty to defend” basis). Because many professionals want to control their own defense, liability insurance for these professionals often provides that the insured professionals will defend themselves, with the obligation on the insurer to advance defense expenses as they are incurred, subject to all of the policy’s terms and conditions.

 

Because the defense obligations under the more traditional duty to defend coverage are well established and are more familiar to many courts, the courts all too often attempt to resolve issues arising under duty to advance policies by referring to principles developed with regard to duty to defend policies.

 

A recent Central District of California decision in a dispute arising under a legal malpractice policy takes an interesting look at these issues. In an August 21, 2012 opinion (here), Judge James V. Selna, applying California law, rejected the insured’s arguments to have the malpractice insurer’s duty to advance obligations determined under duty to defend principles, and applying the more stringent principles  the court determined to be applicable to the insurer’s duty to advance, the court concluded that the insurer did not have the duty to advance the insured’s defense expenses he incurred in a dispute between the insured and his former law firm.

 

Background

Between May 2007 and March 2008, Gregory Glenn Petersen was an attorney with and shareholder of the Jackson, DeMarco, Tidius & Peckenpaugh law firm (JDTP). Before, during and after the time Petersen was with JDTP, he represented the San Diego Police Officers’ Association (SPDOA), as well as several individual police officers in litigation related to employment benefits and labor negotiations. The SPDOA and the individual officers later terminated Petersen as their counsel, and subsequently brought a legal malpractice action against, inter alia, JDTP and Petersen.

 

JDTP’s professional liability insurer paid all of JDTP’s and Petersen’s defense costs incurred in excess of the policy’s $150,000 retention. JDTP paid the retention amount. The malpractice action ended in a settlement that the insurer funded under the policy.

 

Thereafter, JDTP served an arbitration demand on Petersen, in which, as amended, JDTP sought to recover its payment of the $150,000 retention, as well as about $100,000 in fees the firm allegedly incurred in dealing with Petersen’s departure from JDTP and in connection with the malpractice cases. Petersen submitted the arbitration dispute as a claim under JDTP’s professional liability insurance policy, seeking to have the insurer fund his defense and indemnify him. The insurer denied coverage for the dispute and Petersen filed an action for declaratory judgment against the insurer and for damages. In his declaratory judgment claim, Petersen sought a judicial declaration that the insurer has an immediate duty to advance his expenses incurred in defending against the JDTP arbitration claim. The parties filed cross-motions for summary judgment.

 

Among other things, JDTP’s professional liability insurance policy provides that “the Assureds and not the Company have the duty to defend Claims” (the “Company” being a reference to the insurance company), providing further that, subject to the policy’s other terms and conditions, “the Company on behalf of the Assureds shall Advance Claim Expenses … in excess of the applicable RETENTION, if any, before the final disposition of a Claim against the Assureds.”

 

The August 21 Opinion

In seeking a judicial declaration that the insurer must advance his defense expenses, Petersen argued in reliance on principles established under duty to defend policies that “to prevail on his claims he need only show a possibility that there is a covered claim.” He reasoned that “the duty to advance claims expenses is sufficiently analogous to the duty to defend that the same standard should apply.” The insurer argued that the “possibility of coverage” standard and other rules of law governing a policy with a duty to defend do not apply to a policy containing only a duty to advance claims expenses.

 

The court reviewed several cases on which the parties relied, determining first that the courts have indeed differentiated the duty to advance claims expenses from the duty to defend. Judge Selna also reviewed a decision on which Petersen sought to rely arising out of the WorldCom securities litigation and under New York law. Judge Selna discounted that case because it arose under New York law rather than California law, and concluded in any event that it was not persuasive of Petersen’s position.

 

After considering the cases applying California law and arising under policies providing for a duty to advance defense expenses rather than a duty to defend, Judge Selna turned to the policy in dispute. He noted to the “policy provides for the claims expenses to be advanced subject to several conditions”, including the insured’s obligation to obtain the insurer’s consent to reasonable attorneys’ fees and to settlements; as well as subject to the policy’s allocation provisions. Combined with the policy’s “explicit disclaimer of any duty to defend,” Judge Selna found that the policy “is not consistent with the broader duty to defend.”

 

Accordingly, Judge Selna determined that he “will not apply any legal rule … based on a duty to defend policy to the present case” and concluded that Petersen had the burden of establishing “that the underlying claims are within the basic scope of coverage.”

 

Judge Selna then proceeded to determination that the claims presented within JDTP’s arbitration demand were within the policy’s scope of coverage, he ruled that “the uncontroverted facts show beyond a genuine issue of material fact that the arbitration asserted against Peterson does not require the Insurers to advance claims expenses because he is not covered by the Policy.” Judge Selna granted the insurer’s motion for summary judgment and denied Petersen’s  cross-motion.

 

Discussion

In my current professional role as a representative of policyholders’ interests, I often read cases these days rooting for the policyholders. But for a large part of my career, I represented insurers’ interests, both as an advocate and as an advisor. I recall all too well from those days representing insurers how vexing it was when courts were insufficiently precise in their understanding of insurer’s policy obligations. I found it particularly confounding when courts would blur the lines and apply principles applicable to the duty to defend policies in the determination of insurer’s obligations under duty to advance policies.

 

Even though these days I root for policyholders’ interests when reading case decisions,in the end, what I really want is for coverage disputes to be resolved based on a correct judicial understanding of the parties’ respective obligations under the insurance policy. In this case, the court correctly understood the insurer’s defense obligations and correctly declined to apply principles derived from duty to defend cases to the determination of the insurer’s obligations.

 

In the long haul, all parties’ interests will be served if coverage disputes are resolved based upon a correct judicial understanding of the parties’ policy obligations. In particular, all parties’ interests will be served if courts do not inappropriately seek to determine carriers’ obligations under a duty to advance policy applying principles determined in connection with duty to defend policies.

 

One thing that should be clear from all of this is the basic point that insurers’ obligations under a duty to advance policy are different from insurers’ obligations under duty to defend policies. In some situations, policyholders have a choice of which kind of defense provisions to have in their policies (this is particularly true in the private company D&O insurance context).

 

It is critically important when the policyholder is choosing which kind of defense arrangement to have in its policy for the policyholder to be fully informed about the differences in the kinds of defense arrangements. There are advantages and disadvantages to each type of arrangement; being able to understand and explain these differences requires an informed understanding of the claims process and how the difference defense arrangements might affect future claims. This is one more reason why it is particularly important to have an experienced and knowledgeable advisor involved in the professional liability insurance placement process.

 

Special thanks to a loyal reader for providing me with a copy of the August 21 opinion.

 

Among the more noteworthy aspects of the recently enacted Jumpstart Our Business Startups (JOBS) Act are the legislation’s crowdfunding provisions. These provisions are intended to allow small businesses a new means of raising funds directly from investors using the Internet. But many commentators are concerned about these provisions. Among other things, some have noted that the transaction costs that the Act required fund-raising companies to incur may deter start-ups from using crowdfunding. And a number of other commentators have raised concerns about fraud.

 

The possibility of crowdfunding fraud, and some suggestions about possible means of preventing the fraud, is discussed in an August 22, 2012 Thomson Reuters News & Insight article entitled “Crowdfunding: Small-Business Incubator or Securities Fraud Accelerator?” (here), written by Lyndon Tretter of the Hogan Lovells law firm. The author notes that many commentators are “concerned that the potential for fraud on the crowd may outweigh the promise of new financing for legitimate startups.” Among other reasons for these concerns is that with crowdfunding, “the risk of fraud increases because the pool of investors includes those who have no personal relationship with the business owner and who may be geographically remote from and thus unable to oversee the business itself.”

 

The author notes that, while the JOBS Act expressly provides investors the opportunity to seek a recovery if they believe they have been misled, because each crowdfunding investor will only have a relatively small stake in the enterprise, they may lack the incentive or resources to pursue a recovery. Even in the aggregate, the investors’ collective investments may not be enough to attract the interest of the traditional class action attorney, so the civil liability provisions “may not prove to be very useful in practice.”

 

To address these concerns, the author proposes that the SEC promulgate rules designed to address the likeliest sources of abuse: the promise of unrealistic returns on investment and the ability of insider to use the money they raise for themselves of their own benefit. The author specifically proposes that the SEC use its rulemaking to require the fund raisers to state the personal investments that the insiders have made in the enterprise; require particularized disclosure of the anticipated use of the offering proceeds; require disclosure of any salary, benefits or compensation the issuer is expected to pay in the next year; and require disclosure of any transaction with a related party that the issuer anticipates in the coming year. The author also suggests that the SEC encourage investors to consider the benefits of investing locally, under circumstances when investors might have a better chance to monitor the company directly.

 

The author also proposes augmenting the JOBS Act’s civil liability provisions, among other things by allowing claimants to recover their attorneys fees incurred in pursuing a claim if the claimant can show that an individual insider intended the issuer’s disclosure to be misleading.

 

I think the author has done a commendable job of trying to think of ways to protect investors and to try to make the crowdfunding less susceptible to fraud. Unfortunately, it seems inevitable that there will be those who abuse the crowdfunding mechanism. It is bad enough that the crowdfunding procedure specified in the JOBS Act will be cumbersome and costly, as I noted in a prior post. But if there are highly publicized instances where crowdfunding is abused and investors are defrauded, prospective investors may be deterred altogether, and in the end the process could not only be costly but ineffective.

 

It will be interesting to see the SEC’s rules when they are finally released. But it will be even more interesting to see what becomes of the crowdfunding mechanism – in particular, what kinds of companies use the process, whether they process becomes a standard means of fundraising, and whether or not there are problems with fraud or other abuse. I wonder whether with all of the potential problems crowdfunding will prove to be an important and useful innovation or a just another failed initiative.