M. Todd Scott

Senior Associate

San Francisco


Read full biography at www.orrick.com

M. Todd Scott is a Senior Associate in the Securities Litigation & Corporate Governance team. His practice focuses on defending companies and their officers and directors in securities class actions, shareholder derivative suits, mergers and acquisition litigation, and other shareholder-related disputes, and advising clients on corporate governance and disclosure matters.

Todd regularly advises companies and their boards on corporate governance best practices and fiduciary and disclosure duties, and has extensive experience in responding to shareholder litigation demands and other shareholder activism.

Before joining the firm, Todd was an associate at the San Francisco office of Clifford Chance US LLP. In his spare time, Todd is a musician, screenwriter and father to three fantastic kids.

Posts by: M. Todd Scott

When Are Directors Liable for Failing to Exercise Proper Oversight?

Recently we discussed whether directors of public companies face potential liability for not preventing cyber attacks.  As we discussed, the answer is generally no, because absent allegations to show a director had a “conscious disregard” for her responsibilities, directors do not breach their fiduciary duties by failing to properly manage and oversee the company.

That well-established rule was again affirmed last week by the Delaware Court of Chancery in In re China Automotive Systems Inc. Derivative Litigation,  a case that concerned an accounting restatement by a Chinese automotive parts company.  Plaintiffs there alleged that the company’s directors breached their fiduciary duties by failing to manage and oversee the company’s accounting practices and the company’s auditors, who improperly accounted for certain convertible notes from 2009 to 2012.  When the error was uncovered, the company restated its financials for two years and its stock price dropped by 15%. READ MORE

A Ponzi of A Different Color

Cuffed Hands

High profile schemes perpetrated by Bernie Madoff, Allen Stanford, Nevin Shapiro, and others have brought, or at least reinforced, a general understanding of the term “Ponzi scheme” into the public lexicon.  But what, legally, is a Ponzi scheme?  In SEC v. Management Solutions, Inc., 2013 WL 4501088 (D. Utah Aug. 22, 2013), Judge Bruce Jenkins endeavored to answer that question and, in the process, authored an encyclopedic account of the term and key court opinions, from seven federal circuits, that have construed it.

Management Solutions was an SEC enforcement action against a father-and-son team that had allegedly raised over $200 million through a “classic Ponzi scheme.”  According to the SEC’s complaint, investors in the scheme were sold “membership interests” in an apartment-flipping business and were guaranteed a return of five to eight percent.  In reality, the funds were allegedly deposited into a general account and were used to pay a variety of expenses, including returns to other investors.  Each of the defendants in the SEC case settled without admitting or denying the allegations.

A hearing was held in 2013 to determine whether, as argued by the court-appointed receiver, the scheme was properly classified as a “Ponzi scheme” and, if so, at what point that designation became applicable.  The receiver sought such a finding in order to obtain the so-called “Ponzi presumption,” which is sufficient to establish actual intent to defraud.  READ MORE

Shareholder Books and Records Requests to Become More Frequent, and More Potent

Spreadsheet

As we previously detailed, a shareholder’s request for corporate books and records can raise competing concerns for the company and its directors.  On the one hand, shareholders have a legal right under Section 220 to seek company records, and have been repeatedly encouraged by Delaware courts to exercise that right. On the other hand, because Section 220 requests are often a precursor to litigation – and because even innocuous documents can sometimes be used to bolster an otherwise baseless lawsuit – fiduciaries must ensure their response protects shareholder interests as a whole.

A string of recent Delaware decisions have added a new layer of complexity to these concerns.  Going forward, Section 220 requests will likely become more common, and will potentially carry a larger downside for companies that fail to properly respond.

First, Delaware courts are increasingly insistent that shareholders seek corporate records before filing suit.  In fact, the Delaware Court of Chancery recently went so far as to hold that if a shareholder fails to seek books and records before filing a derivative complaint, the court can assume that shareholder is unable to “provide adequate representation for the corporation.”  That decision was later overturned by the Delaware Supreme Court, but by acknowledging “the trial court’s concerns,” the Supreme Court yet again reiterated its expectation that shareholders should request company records as a matter of first course. READ MORE

Does A Board Need To Put A “For Sale” Sign On The Company When Considering A Change-of-Control Transaction?

Chairs Around a Table

When a board of directors decides to enter the company into a change-of-control transaction, the board is charged with the duty to act reasonably to secure the best value reasonably attainable for its shareholders. As the Delaware Supreme Court put it in its seminal decision in Revlon, Inc. v. MacAndrews & Forbes Holdings, in the change-of-control context, the directors’ role changes “from defenders of the corporate bastion to auctioneers charged with getting the best price for the stockholders at a sale of the company.”

But is an “auction” of the company always necessary to comply with this duty? No – there is no bright-line rule that directors must conduct a pre-agreement market check or shop the company. Delaware courts have repeatedly emphasized that there is no single “blueprint” that a board must follow to fulfill its duties in connection with a change-of-control transaction and, in fact, a board may pursue a single-bidder sales process so long as it has reliable evidence with which to evaluate the fairness of the transaction without an active survey of the market and retains flexibility to consider potential topping bids after the merger agreement is signed.

That is not say that a single-bidder approach will always pass judicial muster, as demonstrated in Koehler v. NetSpend Holdings, Inc., a recent case in which the Delaware Court of Chancery found that NetSpend’s directors acted unreasonably by not engaging in a market check before agreeing to sell the company. The court in NetSpend acknowledged that a single-bidder process is not unreasonable per se, and found that the board’s initial decision to adopt a “not-for-sale” strategy that sought to maximize value by inducing the sole bidder to bid against itself was reasonable. According to the court, however, the board’s approach to the transaction was not reasonable. In support of this finding, the court pointed to a “weak” fairness opinion, as well as acquiescence to potentially preclusive deal protection provisions, including a “No-Shop” clause and “Don’t Ask-Don’t Waive” provisions that precluded NetSpend from waiving any standstill agreement without the buyer’s consent. These factors precluded an effective post-agreement market check to assess the fairness of the deal price. READ MORE

How Corporate Charters Can Protect Directors from Money Damages for Acts of Negligence

Several weeks ago we asked whether directors of public companies face potential liability for not preventing cyber attacks. But what about liability for other acts of oversight? Can directors be held personally liable for money damages when they have done nothing affirmatively wrong?

Generally, the answer is no. Many states, like Delaware, allow corporate charters to include provisions that protect directors (and sometimes officers) from money damages for certain breaches of fiduciary duty. Acts that are not protected include breaches of the duty of loyalty, intentional misconduct, knowing violations of the law or receiving an improper personal benefit. But where plaintiffs seek money damages for breaches of the duty of care, exculpatory provisions in corporate charters typically provide directors a defense to the claims.

Practically speaking, these provisions protect directors against claims of negligence, and some courts have held the provisions even go so far as to protect against “reckless indifference.” The protection stops, however, when a director consciously disregards his or her duties. For example, and with reference to the earlier discussion on cyber attacks, an exculpatory provision might not shield a director from money damages where (i) a damaging cyber attack occurred, and (ii) it could be proven that the director exhibited a “sustained or systematic failure to exercise reasonable oversight” over the company’s cybersecurity, such that it evidenced the director’s conscious disregard of cybersecurity. READ MORE

Does Your Director Have a Guilty Conscience? SEC to Press for More Admissions

Some of the SEC’s enforcement targets are no longer in denial, or at least they won’t be if a recent policy shift at the regulator takes hold.  In a widely-reported letter on June 17, 2013 and then again in public remarks the next day, SEC Chairperson Mary Jo White indicated that the Commission would step up efforts to secure actual admissions of guilt in some cases rather than relying on the far more typical no-admit/no-deny settlements which have the advantage of avoiding litigation but which have also left some judges, politicians, and the public flat.

The purported change comes at a time when the SEC is facing criticism from a number of circles for settling high-profile cases. Among the loudest critics of the SEC’s settlement policy has been U.S. District Judge Jed Rakoff, who in November 2011 would not approve a $285 million settlement between the SEC and Citigroup in which Citigroup did not admit liability. As Judge Rakoff explained:  “Here, the S.E.C.’s long-standing policy—hallowed by history, but not by reason—of allowing defendants to enter into Consent Judgments without admitting or denying the underlying allegations, deprives the Court of even the most minimal assurance that the substantive injunctive relief it is being asked to impose has any basis in fact.”

Apparently, the SEC was listening to Judge Rakoff and others, but the consequences of this policy shift are unclear. For example, in her public remarks, Ms. White explained that “public accountability” cases were “quite important”—“and if you don’t get them, you litigate them.” Ms. White elaborated, adding that, “to some degree it turns on how much harm has been done to investors, [and] how egregious the fraud is.” As to any specific criteria the SEC would apply in seeking admissions of guilt, the regulator explained that such admissions might be appropriate in instances to safeguard against risks posed by the defendant to the investing public or where the defendant obstructed the SEC’s investigative process. In addition, two recent nominees to the SEC, Kara M. Stein and Michael Piwowar, stated during their confirmation hearings that they supported the policy shift. READ MORE

Do A Deal and You’re Sure to Get Sued; Now, at Least, You Can Get Sued in Just One Place

Merge Sign

These days almost every public company that announces an agreement to sell itself can expect to be the subject of multiple shareholder class actions challenging the transaction – even if shareholders will be receiving a blowout price for their shares under the terms of the agreement. Many of these cases are baseless, and are brought by plaintiffs hoping to leverage a quick settlement. Their strategy, in blunt terms, is to force a speedy payment by threatening to disrupt or stall the deal. Unfortunately, even if the litigation presents only a small risk of disrupting or delaying the deal, many companies feel obligated to settle rather than risk upsetting the deal.

It’s bad enough that target companies and their boards are forced to deal with these “worthless” “sue-on-every-deal cases,” as Delaware Vice Chancellor Travis Laster once described them, but they often have to deal with them in multiple jurisdictions. Indeed, rarely are shareholder class actions challenging a merger brought in a single forum. Instead, companies and their boards are forced to expend time and money defending against duplicative lawsuits in multiple fora around the country. READ MORE

Do Directors Face Potential Liability for Not Preventing Cyber Attacks?

Email

In the past weeks, we’ve reported that while most companies are properly disclosing their exposure to cybersecurity threats, the increasing occurrence and severity of cyber attacks has the SEC considering even more stringent cybersecurity disclosure requirements. Now, another study reports that while 38% of Fortune 500 companies have disclosed that a potential cyber event would “adversely” impact their business, only six percent of those companies purchase cyber security insurance.

What of the other 94%? Should they be doing more to protect themselves against the growing cyber threat? Do their directors have a fiduciary obligation to do more?

In re Caremark International Inc. Derivative Litigation, a Delaware decision from 1996, sets forth a director’s obligations to monitor against threats such as cyber attacks. In short, as long as a director acts in good faith, as long as she exercises proper due care and does not exhibit gross negligence, she cannot be held liable for failing to anticipate or prevent a cyber attack. However, if a plaintiff can show that a director “failed to act in the face of a known duty to act, thereby demonstrating a conscious disregard for [her] responsibilities,” it could give rise to a claim for breach of fiduciary duty. READ MORE

Do Trades Made Pursuant to 10b5-1 Plans Still Offer A Defense to Insider Trading?

Chairs Around a Table

Rule 10b5-1, enacted in August 2000, codified the SEC’s position that trading while in possession of material non-public information is sufficient to establish liability for insider trading. The rule also provided an affirmative defense for individuals who could prove that the purchase or sale of stock was made pursuant to a pre-existing written plan executed before the individual became aware of the material non-public information. These so-called 10b5-1 plans have long been considered to be an efficient way to trade company stock without raising suspicion of insider trading or another improper motive.

However, recent news stories have reignited concerns that corporate insiders may be abusing 10b5-1 trading plans to trade on material non-public information. An April Wall Street Journal article reported that not only has the use of 10b5-1 plans by non-executive directors nearly doubled between 2006 and 2011, but a significant percentage of the plans were being used to unload all or a large percentage of the directors’ holdings in a short period of time. An earlier November 2012 Wall Street Journal article analyzing thousands of trades made by corporate executives found evidence that company insiders did statistically much better than expected in realizing trading profits. Together, these articles suggest that the lack of transparency and regulation of 10b5-1 trading plans has allowed them to be misused as vehicles to effectuate opportunistic trades.

READ MORE

Recent Study Finds Cybersecurity Disclosures May Fail to Meet SEC Guidelines

Hackers aren’t the only ones after company information. Earlier this week, Wills Fortune 500, a unit of Wills Group Holdings, a global insurance broker providing insurance and risk management services, made available its own report  tracking the response by Fortune 500 companies to the SEC’s October 2011 guidelines for cybersecurity disclosures. The report’s key findings include that, as of April 2013, 85% of Fortune 500 companies were following the SEC guidelines and providing some level of disclosure of cyber exposures. However, close to 40% of the companies failed to provide details on the size of their exposure, stating only that the risk would have an impact on the company without further discussing the extent of the impact. As such, the report concluded that the question whether company disclosures rise to the level mandated by the SEC is debatable, given the paucity of information regarding the probability of incidents and their quantitative and qualitative magnitude.

In light of the findings of the Willis Fortune 500 report, it’s not surprising that SEC Chairman Mary Jo White had previously asked the Commission to evaluate compliance with current guidelines for cybersecurity disclosures, assemble a report on the general practice and compliance with the existing guidelines, and make recommendations for further guidance.