Law firms that specialize in suing directors will scrutinize nearly every major transaction, public offering, stock drop, restatement, and press release filed by public companies. For instance, according to Cornerstone Research, stockholders file lawsuits challenging the majority of public company transactions valued at more than $100 million, with an average of three lawsuits per transaction. An effective defense of these almost-inevitable lawsuits can begin long before they are filed. With a few simple steps, directors can reduce the burden of these lawsuits and protect themselves from the most common tactics utilized by stockholders’ attorneys.
1. Vet conflicts early and often. Perhaps the easiest way to avoid fiduciary duty liability is to avoid situations where you have conflicting interests in a transaction or other board decision. Due to various protections under Delaware law, directors are rarely held liable for poor or ill-informed decisions if the directors are not self-interested (unless they are grossly negligent), and articles of incorporation almost universally protect directors from monetary damages for such decisions. By contrast, Delaware fiduciary duty law imposes exacting standards for directors who participate in board decisions when they have a material self-interest in that decision. Thus, any major board initiative should begin with a full analysis of each director’s potential self-interests, and this analysis should be updated throughout the initiative. Of course, this analysis requires you to stay organized with your outside business interests (e.g., your employer’s customers, suppliers, and competitors) and personal financial situation (e.g., ownership interests). Recusing yourself can be the stitch in time that saves nine.
2. Treat all board communications formally. The documents that often cause the most trouble in litigation are informal e-mails between two directors. Even if e-mails contain nothing objectively negative regarding the board decision at issue, such e-mails can raise questions about the board’s deliberative process, especially if the issue raised in an e-mail was not discussed with the full board. A skilled plaintiff’s counsel can often interpret a casually written message in an unintended manner. In most instances, if a director raises any concern outside of a board meeting, the full board should resolve that concern and memorialize the process in a contemporaneous document (e.g., the minutes). If you have said anything in an e-mail that is inconsistent with your ultimate vote on an issue—even if you were just playing “devil’s advocate”—you should be prepared to square your communications with your vote. In other words, make sure your concerns are resolved through the deliberative process before making your decision.
3. Maximize efficiency in pressing circumstances. Perhaps underestimating how quickly and diligently directors and their advisors can work in exigent circumstances, plaintiffs’ attorneys often allege that board decisions were too rushed. For instance, in one of the more infamous Delaware fiduciary duty decisions, a financial advisor did not send any valuation materials to a board of directors until 9:42 p.m. on the night that the directors met to vote on a merger. The board met at 11 p.m. and approved the merger that night. Tight deadlines are often unavoidable, but directors can take steps to maximize the efficiency of the process. For instance, request early drafts of meeting materials, make your advisors work around-the-clock when necessary, and don’t wait until the board meeting to ask questions. At the end of the day, you need to be able to honestly state that you had enough time to fully consider any issues or concerns and come to a reasoned decision. Use your resources efficiently to get to that point.
4. Make your advisors an asset, not a liability. The quality and independence of a board’s advisors is a direct reflection on the quality and independence of the board’s process. This scrutiny begins when a board (or committee) selects its outside advisors. Stockholders may cry foul if directors simply accept management’s recommended advisor, especially if any member of management may have a self-interest in the relevant transaction.
To avoid these common allegations, interview multiple advisory firms, thoroughly inspect their potential conflicts, and negotiate for a fee structure that aligns the advisor’s incentivizes with the best interests of the stockholders. Stockholders also regularly allege that advisors are “deal cheerleaders” who bend their analysis to support the board’s wishes. To rebut these allegations, insist that your advisors objectively analyze the relevant issues, and ask them to obtain the board’s approval for any significant assumptions, methodology decisions, and other subjective portions of their analyses. To the extent possible, you should also resist your advisors’ efforts to load their work-product with disclaimers. Above all, carefully analyze your advisors’ work-product, ask questions, and do not rely on their opinions until you understand and approve of the efforts and reasoning underlying those opinions.
5. Ensure that the meeting minutes fully reflect the process. We cannot overstate the importance of minutes in litigation against directors. First, judges and juries typically place more weight on contemporaneous records of a board decision than after-the-fact testimony. Second, depositions often happen several months (if not years) after a challenged board decision, and minutes are an important tool for refreshing directors’ memories. Ask the board secretary to draft minutes promptly after a board meeting so that you can review them while the meeting is still fresh on your mind. When reviewing minutes, make sure that they accurately reflect a summary of the issues discussed, the specifics of any decisions reached, and a list of all attendees (plus mid-meeting arrivals and departures). Not every single statement made during a meeting can or should be part of the minutes, but it is important for the minutes to reflect every topic discussed at the meeting. Ask yourself: “If I’m questioned about this meeting at a deposition next year, will these minutes help me answer questions and show the court that we fulfilled our duties?”
6. Know the boundaries of the attorney-client privilege. The attorney-client privilege is not a guarantee that all correspondences with counsel are shielded from discovery. For instance, contrary to many directors’ (and attorneys’) beliefs, the attorney-client privilege does not protect every e-mail on which an attorney is copied. Rather, an e-mail is generally privileged only if the correspondence is sent in furtherance of requesting or providing legal advice. Parties in litigation are often required to redact the “legal advice” portion of e-mails and produce the remaining portions. Thus, an e-mail (or a portion of an e-mail) concerning purely business issues might not be shielded from production. Additionally, communications with certain persons that would ordinarily be privileged, including in-house and outside counsel, may not be privileged under certain circumstances. Further, even if a document is undisputedly privileged, litigants sometimes waive the attorney-client privilege for strategic reasons, such as when the board asserts that it made a challenged decision in reliance on advice from counsel. While it is vital to have open and honest communications with your counsel, it is also important to remember that those communications may be shown to an opposing party. If there is something you would not write down in a non-privileged e-mail, then consider calling your attorney instead of sending an e-mail.
7. Use a board-specific e-mail address. By exclusively using a non-personal e-mail address for board-related correspondences, you can significantly reduce the odds of personal e-mails (or e-mails concerning your other business endeavors) becoming subject to discovery. Too often, we see directors using their “day job” e-mail addresses for their directorial correspondences; this can lead to situations where your employer’s confidential information must be copied, reviewed by your outside counsel, or (worse yet) produced to the opposing party in litigation. The same holds true for personal e-mail addresses, which some directors use for their family’s bank statements and board-related e-mails. The best way to potentially avoid this situation is to proactively segregate board-related e-mails to a different e-mail account. Some companies create e-mail addresses for their directors. If yours does not, consider creating an e-mail account and conducting board-related business solely from that address.
Craig Zieminski and Andrew Jackson are litigation attorneys at Vinson & Elkins LLP. They specialize in representing companies and their directors in lawsuits alleging breaches of fiduciary duties, partnership agreement duties, merger agreements, and federal securities laws.
Directors and officers of both public and private companies operate in difficult, complex, and evolving business, legal, and regulatory environments. Challenges and risk exposures are unavoidable, and the speed of change shows no sign of slowing. Accordingly, it is imperative that directors and officers stay abreast of issues impacting the risk landscape and continually analyze how best to protect themselves. The recently released NACD Board Leadership report prepared with Marsh, “Evolving Directors & Officers Liability Environment Emerging Issues & Considerations,” identifies core areas of change and associated insurance concerns for directors & officers (D&O).
Four areas being closely watched today are discussed below.
Securities regulations and resulting enforcement and claims will change over the course of President Trump’s administration, although the extent of the change remains to be seen. Deregulation for financial institutions and other organizations is likely. Although deregulation may ease the regulatory burden on businesses in an effort to stimulate growth, it could lead to a rise in resulting claims due a potential decrease in transparency and mandated corporate guidelines.
We may also see a shift in how government regulatory agencies handle purported wrongdoing—perhaps with the assessment of fewer corporate penalties while continuing to hold culpable individuals accountable. Based on some of the recent U.S. Securities and Exchange Commission appointments — including the SEC Chair and co-heads of the SEC Division of Enforcement —many expect that the agency will continue to aggressively pursue culpable individuals.
Generally speaking, activism is on the rise, including environmental activism, shareholder activism, and other forms. The first climate change-related securities class action was filed in late 2016, and more are expected to follow. Some anticipate that, as a result of the Trump administration’s withdrawal from the Paris Agreement, environmental activists’ drive to advance their agenda—whether through civil litigation, shareholder resolution initiatives, or other means—will increase. In addition, we expect there to be more initiatives driven by state regulatory actions and non-governmental organizations.
Increase in Securities Claims
According to NERA Economic Consulting, the number of securities class action filings in the first quarter of 2017 was significantly higher than in past years. The number for the first quarter of 2017 stood at 144 filings of federal securities class actions, which is up from 102 filings in the first quarter of 2016. If filings continue at this rate, we expect there to be close to 500 securities class action filings in 2017 alone, a 66 percent increase from 2016. The rise in filings can be attributed to several factors including, but not limited to: the increase in merger objection-related filings in federal court; the increase in the number of securities plaintiff firms; and, arguably, a race to the courthouse before any new regulatory changes are implemented.
Cybersecurity-related losses continue to be one of the most worrisome potential exposures for companies. Despite some significant recent cyberbreaches, the first traditional securities class action litigation against directors and officers was only recently filed. The complaint generally alleges that the defendants made materially false and/or misleading statements about the breach. It also claims failure to disclose material adverse facts about the company’s business and operations specific to data protection, and the discovery and potential impact of the data breaches.
On the other hand, there have been a number of derivative lawsuits filed against companies’ directors and officers for alleged mismanagement of cybersecurity incidents. To date, defendants in this type of litigation have largely been successful in getting these cases dismissed by invoking the business judgement rule, among other defenses. However, a notable, recent settlement of one of these derivative actions while on appeal will likely continue to fuel the plaintiff’s bar’s drive to pursue cybersecurity-related D&O claims.
While each of the above can be viewed as discrete risks, they each share a common thread: increased exposure to directors and officers. As a best practice, all directors should regularly review their D&O insurance program with their insurance advisors to ensure adequate protection in the wake of the increasingly risky environment in which we live. Directors and the officers of their companies should ask themselves probing questions about their insurance coverage:
Does my D&O insurance program provide sufficient limits of liability?
Am I protected by Side-A Difference In Conditions insurance? If so, are those limits sufficient?
How will my D&O insurance coverage respond in connection with a regulatory investigation? Will I be covered to the extent there is an internal investigation associated with an external regulatory investigation?
Does the selection of insurers on my company’s D&O “tower” make the most sense should I need to turn to the insurers for coverage?
How narrowly tailored is the exclusionary language in my policies? How favorable is the severability language?
By reviewing these questions in conjunction with their insurance programs on at least an annual basis, directors and officers will be more adequately prepared for the scenarios outlined above.
Corporate directors are confronted with a variety of recently proposed governance standards, while activist investor campaigns are challenging both board composition and board effectiveness by targeting individual directors. Given the high level of personal reputational risk and the associated long-term financial consequences now faced by directors, a hard look at the adequacy of company-sponsored director and officer (D&O) risk mitigation and board compensation strategies is timely.
The Bedrock of Certainty Shifts
Shifting stakeholder expectations are codified in the frequently conflicting governance standards published in recent years. Following the National Association of Corporate Director’s own 2011 Key Agreed Principles, there are now draft voting guidelines from Institutional Shareholder Services (ISS) and Glass Lewis & Co.; standards from groups such as the Office of the Comptroller of the Currency (regulator), CalSTRS (investor), the G20, and the Organisation for Economic Co-operation and Development (influencer); and, most recently, the Commonsense Corporate Governance Principles from a group of CEOs led by JPMorgan Chase & Co.’s Jamie Dimon.
This proliferation of standards reflects differing stakeholder expectations and gives direct rise to new risks for directors. With these new risks and expectations emerge associated questions about the adequacy of current governance strategies, company-sponsored reputation-risk-mitigation packages, and director compensation.
Because the board is the legal structure administering governance, the standards that boards choose to guide their oversight have legal force. Furthermore, detailed, prescriptive standards have instrumental force.
For instance, ISS and CalSTRS are promoting highly prescriptive standards. ISS is exploring specific “warning signs” of impaired governance, including monitoring boards that have not appointed a new director in five years, where the average tenure of directors exceeds 10 or 15 years, or where more than 75 percent of directors have served 10 years or longer. CalSTRS expects two-thirds of a board to be comprised of independent directors, and defines director independence specifically as having held no managerial role in the company during the past five years, equity ownership of less than 20 percent equity, and having a commercial relationship with the company valued at no more than $120,000 per year.
The Commonsense Corporate Governance Principles released this summer was an effort to share the thoughts of the 5,000 or so public companies “responsible for one-third of all private sector employment and one-half of all business capital spending.” Certain background facts may lead some stakeholders to discount the Principles. For example, in addition to Dimon, the list of signatories was comprised mostly of executives who hold the dual company roles of chair and CEO. Also, according to the Financial Times, eyebrows have been raised by CEO performance-linked bonuses of about 24 to 27 times base pay at BlackRock and T. Rowe Price, two asset manager companies with executives who were signatories. Coincidentally, these asset manager companies were ranked among the most lenient investors with respect to the executive pay of their investee companies, according to the research firm Proxy Insight.
These standards can be deployed by checklist, and boards can be audited for compliance to the specifics of the adopted standards. But, more importantly, the very existence of these standards lends them authority through expressive force. What they express—or signal, in behavioral economic parlance—is intent, goodwill, and values. Signaling is valuable in the court of public opinion.
Personal Protection Strategies
As reported in NACD Directorshipmagazine earlier this year, activists often wage battle in the court of public opinion to garner public support when mounting an attack against a company. Emphasizing the personal risks, the Financial Times reported in August that “Corporate names are resilient: when their images get damaged, a change of management or strategy will often revive their fortunes. But personal reputations are fragile: mess with them and it can be fatal.”
Make no mistake: this risk is personal. A director’s damaged personal reputation comes with material costs. Risk Management reported in September that the opportunity costs to the average corporate director arising from public humiliation were estimated at more than $2 million.
Among the many governance standards, pay issues are the third rail of personal reputation risks. “If companies don’t use common sense to control pay outcomes, [shareholders have to question] what else is going on at the organization and the dynamic between the chief executive and the board,” an asset manager with Railpen Investments told the Financial Times recently. Clawbacks may be the most disconcerting pay issue because the tactic places directors personally between both the investment community and regulators.
Governance standards just over the horizon may give boards succor, and reputation-risk-transfer solutions may have immediate benefits. Since 2014, the American Law Institute (ALI) has been developing a framework titled, “Compliance, Enforcement, and Risk Management for Corporations, Nonprofits, and Other Organizations.” Members of the project’s advisory committee include representatives from Goldman Sachs & Co., HSBC, Google, Clorox, and Avon Products; diverse law firms offering governance advisory services; law schools; regulators including the Department of Justice; and representatives from a number of prominent courts. According to the ALI, the project is likely to hold an authority close to that accorded to judicial decisions.
The ALI work product remains a well-protected secret, but the project is expected to recommend standards and best practices on compliance, enforcement, risk management, and governance. It can be expected that the ALI standards will reflect the legal community’s newly acquired recognition of the interactions between the traditional issues of compliance, director and officer liabilities, and economics; and the newer issues of cognitive and behavioral sciences. Such governance standards will likely speak to the fact that while director and officer liability will be adjudicated in the courts of law, director and officer culpability will be adjudicated in the courts of public opinion.
Insurance Solutions Available Now
Boards that qualify for reputational insurances and their expressive force can mitigate risks in the court of public opinion. An NACDDirectorshiparticle noted earlier this year, “ . . . these reputation-based indemnification instruments, structured like a performance bond or warranty with indexed triggers, communicate the quality of governance, essentially absolving board members of damaging insinuations by activists.”
Given the increased personal reputational risks facing directors and the long-term financial consequences arising, it may be time for an omnibus revisit of the adequacy of both director compensation and company-sponsored D&O risk mitigation strategies in the context of an enhanced, board-driven approach to governance, compliance, and risk management.
Following the guidelines of the ALI’s project once they are published is a rational strategy. After all, the work product will be one that will have already been “tested” informally in the community comprising the courts of law, and will be designed to account for the reality of the courts of public opinion. And no firm today has natural immunity to reputation damage—even Warren Buffett’s Berkshire Hathaway appears to be in the ISS crosshairs. Reputational insurances which, like vaccines, boost immunity, are available to qualified boards to counter all that is certain to come at them in this upcoming proxy season. And for those who insist on both belts and suspenders, hazardous duty pay may seal the deal.
Nir Kossovsky is CEO of Steel City Re and an authority on business process risk and reputational value. He can be contacted at email@example.com. Paul Liebman is chief compliance officer and director of University Compliance Services at the University of Texas at Austin. He can be contacted at firstname.lastname@example.org.