Recently we discussed whether directors of public companies face potential liability for not preventing cyber attacks. As we discussed, the answer is generally no, because absent allegations to show a director had a “conscious disregard” for her responsibilities, directors do not breach their fiduciary duties by failing to properly manage and oversee the company.
That well-established rule was again affirmed last week by the Delaware Court of Chancery in In re China Automotive Systems Inc. Derivative Litigation, a case that concerned an accounting restatement by a Chinese automotive parts company. Plaintiffs there alleged that the company’s directors breached their fiduciary duties by failing to manage and oversee the company’s accounting practices and the company’s auditors, who improperly accounted for certain convertible notes from 2009 to 2012. When the error was uncovered, the company restated its financials for two years and its stock price dropped by 15%. Read More
Several weeks ago we asked whether directors of public companies face potential liability for not preventing cyber attacks. But what about liability for other acts of oversight? Can directors be held personally liable for money damages when they have done nothing affirmatively wrong?
Generally, the answer is no. Many states, like Delaware, allow corporate charters to include provisions that protect directors (and sometimes officers) from money damages for certain breaches of fiduciary duty. Acts that are not protected include breaches of the duty of loyalty, intentional misconduct, knowing violations of the law or receiving an improper personal benefit. But where plaintiffs seek money damages for breaches of the duty of care, exculpatory provisions in corporate charters typically provide directors a defense to the claims.
Practically speaking, these provisions protect directors against claims of negligence, and some courts have held the provisions even go so far as to protect against “reckless indifference.” The protection stops, however, when a director consciously disregards his or her duties. For example, and with reference to the earlier discussion on cyber attacks, an exculpatory provision might not shield a director from money damages where (i) a damaging cyber attack occurred, and (ii) it could be proven that the director exhibited a “sustained or systematic failure to exercise reasonable oversight” over the company’s cybersecurity, such that it evidenced the director’s conscious disregard of cybersecurity. Read More
Some of the SEC’s enforcement targets are no longer in denial, or at least they won’t be if a recent policy shift at the regulator takes hold. In a widely-reported letter on June 17, 2013 and then again in public remarks the next day, SEC Chairperson Mary Jo White indicated that the Commission would step up efforts to secure actual admissions of guilt in some cases rather than relying on the far more typical no-admit/no-deny settlements which have the advantage of avoiding litigation but which have also left some judges, politicians, and the public flat.
The purported change comes at a time when the SEC is facing criticism from a number of circles for settling high-profile cases. Among the loudest critics of the SEC’s settlement policy has been U.S. District Judge Jed Rakoff, who in November 2011 would not approve a $285 million settlement between the SEC and Citigroup in which Citigroup did not admit liability. As Judge Rakoff explained: “Here, the S.E.C.’s long-standing policy—hallowed by history, but not by reason—of allowing defendants to enter into Consent Judgments without admitting or denying the underlying allegations, deprives the Court of even the most minimal assurance that the substantive injunctive relief it is being asked to impose has any basis in fact.”
Apparently, the SEC was listening to Judge Rakoff and others, but the consequences of this policy shift are unclear. For example, in her public remarks, Ms. White explained that “public accountability” cases were “quite important”—“and if you don’t get them, you litigate them.” Ms. White elaborated, adding that, “to some degree it turns on how much harm has been done to investors, [and] how egregious the fraud is.” As to any specific criteria the SEC would apply in seeking admissions of guilt, the regulator explained that such admissions might be appropriate in instances to safeguard against risks posed by the defendant to the investing public or where the defendant obstructed the SEC’s investigative process. In addition, two recent nominees to the SEC, Kara M. Stein and Michael Piwowar, stated during their confirmation hearings that they supported the policy shift. Read More
In the past weeks, we’ve reported that while most companies are properly disclosing their exposure to cybersecurity threats, the increasing occurrence and severity of cyber attacks has the SEC considering even more stringent cybersecurity disclosure requirements. Now, another study reports that while 38% of Fortune 500 companies have disclosed that a potential cyber event would “adversely” impact their business, only six percent of those companies purchase cyber security insurance.
What of the other 94%? Should they be doing more to protect themselves against the growing cyber threat? Do their directors have a fiduciary obligation to do more?
In re Caremark International Inc. Derivative Litigation, a Delaware decision from 1996, sets forth a director’s obligations to monitor against threats such as cyber attacks. In short, as long as a director acts in good faith, as long as she exercises proper due care and does not exhibit gross negligence, she cannot be held liable for failing to anticipate or prevent a cyber attack. However, if a plaintiff can show that a director “failed to act in the face of a known duty to act, thereby demonstrating a conscious disregard for [her] responsibilities,” it could give rise to a claim for breach of fiduciary duty. Read More
Rule 10b5-1, enacted in August 2000, codified the SEC’s position that trading while in possession of material non-public information is sufficient to establish liability for insider trading. The rule also provided an affirmative defense for individuals who could prove that the purchase or sale of stock was made pursuant to a pre-existing written plan executed before the individual became aware of the material non-public information. These so-called 10b5-1 plans have long been considered to be an efficient way to trade company stock without raising suspicion of insider trading or another improper motive.
However, recent news stories have reignited concerns that corporate insiders may be abusing 10b5-1 trading plans to trade on material non-public information. An April Wall Street Journal article reported that not only has the use of 10b5-1 plans by non-executive directors nearly doubled between 2006 and 2011, but a significant percentage of the plans were being used to unload all or a large percentage of the directors’ holdings in a short period of time. An earlier November 2012 Wall Street Journal article analyzing thousands of trades made by corporate executives found evidence that company insiders did statistically much better than expected in realizing trading profits. Together, these articles suggest that the lack of transparency and regulation of 10b5-1 trading plans has allowed them to be misused as vehicles to effectuate opportunistic trades.
In any change-of-control business transaction, the decision by the target company’s board of directors to approve the deal is subject to heightened scrutiny by the courts. These days, virtually every M&A deal is sure to attract at least one strike suit challenging the board’s decision, so it is essential that the board’s decision-making process be robust and untainted by any conflicts of interest.
One way in which a board can insulate its decision-making process is to employ a special committee of independent, outside directors to evaluate and negotiate any potential sale. Although boards are not required by law to use special committees when brokering change of control transactions, Delaware courts have repeatedly held that the use of a special committee can be powerful evidence of a fair and adequate process. That is especially true where (i) the contemplated transaction is with a controlling stockholder or (ii) a majority of the directors are conflicted, two situations where courts will employ the even-more exacting “entire fairness” standard of review. As the Delaware Supreme Court recently noted, “the effective use of a properly functioning special committee of independent directors” is an “integral” part “of the best practices that are used to establish a fair dealing process.” Read More
Four derivative lawsuits against Facebook’s directors relating to alleged disclosure issues surrounding the company’s initial public offering have a new status: Dismissed. Last month, Judge Robert Sweet of the Southern District of New York dismissed the suits on standing and ripeness grounds, finding that IPO purchasers have no standing to pursue claims related to alleged misconduct that took place before the IPO. The dismissed derivative suits were “tag-along” actions that largely parroted allegations made by investors in a parallel securities class action also pending before Judge Sweet, and had sought to hold Facebook’s directors liable for damages the company might incur as a result of the securities class action.
In dismissing the suits, Judge Sweet held that plaintiffs who buy stock in an IPO lack standing to pursue derivative claims based on alleged misstatements in an IPO registration statement. As Judge Sweet explained, in order to have standing to sue derivatively on behalf of a company, a plaintiff must have owned stock in the company at the time of the alleged misconduct. The registration statement that the plaintiffs allege to have been misleading, however, was finalized and filed with the SEC two days before the IPO. Judge Sweet rejected plaintiffs’ attempts to create standing by arguing that the wrong continued through the date of the IPO because the directors did not correct the allegedly misleading statements by that date. Read More
When a shareholder makes a demand on a company to pursue litigation, the company’s board can look to generally well-developed law to determine how to evaluate the demand. Though there is no one particular procedure a board must employ, there are numerous cases that explain how the board must inform itself about the demand in order to reach a good faith, “rational business decision” about whether to accept or refuse.
The rules for considering a shareholder demand are pragmatic, and afford corporate boards a dependable road map for responding to shareholder requests.
One open question (at least in Delaware, where it matters most) has been whether a board’s informed, good faith decision to defer action on a demand constitutes a “rational business decision” that is protected by the business judgment rule. Delaware courts have long held that while an informed board can refuse a demand, the one thing a board cannot do is nothing. At the same time, however, corporations often face the circumstance where there are follow-on shareholder litigation demands entirely duplicative of existing litigations or investigations. In those circumstances, a board could have any number of business justifications for wanting to defer action on the demand until the ongoing proceedings are resolved, but that would seem to violate the rule against doing nothing.
Genius rock lyricist Geddy Lee of RUSH once wrote “If you choose not to decide, you have still made a choice.”
Accordingly, the Ninth Circuit and certain federal district courts have recognized that a board’s informed, good faith decision to defer action on a demand during pending litigation or investigations is itself a decision that can be shielded by the business judgment rule. For example, in 2009, the Ninth Circuit found there was a “compelling” business justification for deferring action on a demand where the company’s pursuit of the demand’s allegations could be cast as an admission of wrongdoing in ongoing litigation. Read More