In our recent episode, we explored corporate director liability in the wake of the Department of Justice’s (DOJ) Yates Memo. In these September 2015 guidelines, the DOJ announced a change in policy, which would require companies to disclose the names of individuals involved in any cases of corporate misconduct that the DOJ was investigating.
Americans should never believe, even incorrectly, that one’s criminal activity will go unpunished simply because it was committed on behalf of a corporation.
We invited Damian Brew (Marsh USA Inc.) to Inside America’s Boardrooms to examine how the Yates Memo has impacted the personal liability of directors. Brew outlined three trends, which we’ve summarized below. Be sure the catch the full episode here.
1. More Shareholders are Demanding Suits Against Corporate Directors.
Demand is up. More shareholders are are demanding that corporate directors be held accountable following incidents that range from a data breach to a failure to follow executive compensation policies. Quite frankly, it’s no surprise that more shareholders are clamoring for board member accountability in the wake of events like the 2008 financial crisis. The question is, how has the increasing demand impacted board members?
While the DOJ’s Yates Memo increases director accountability, the number of cases in which board members have been held personally liable can be counted on one hand. In our recent episode, Brew informed us that roughly 40% of cases get dismissed by the court; another 40% are handled using D&O policy proceeds or through corporate indemnification.
The cases where we see individuals reaching into their pocket to settle are increasingly rare.
Ultimately, the board of directors is responsible for ensuring that procedures have been put in place to prevent any corporate wrongdoing. The best defense is in the creation of detailed processes, which fall under the board’s oversight responsibilities. In a recent episode, we outlined how a board can assess their organization’s enterprise risk management (ERM).
2. We’re Seeing an Increase in Section 220 Demands to Provide Books & Information.
Section 220 of the Delaware General Corporate Law ensures that shareholders are able to obtain information under the control of company leadership.
Corporate boards are experiencing an increase in demands to present their books and records—presumably to provide fodder for the plaintiffs bar to bring these derivative lawsuits. How is this affecting corporate directors?
Now more than ever, board members need to understand what kind of coverage their D&O policy offers regarding investigations. Historically, questions of D&O coverage have revolved around lawsuits or defense counsels; yet, recent cases have demonstrated a significant increase in costs associated with Section 220 investigations.
Corporate boards must be aware of whether their current D&O policy protects them from the latest dangers posed by today’s corporate legal arena. In our episode with Wilson Sonsini’s Katherine Henderson, we dive deeper into what board members should know about their D&O policy.
3. Cyber Risk Cases Have Yet to Pose Serious Threat to Directors.
Commentators have suggested that board members will be the next target of cyber risk lawsuits. We’ve seen several cases revolving around cyber privacy within the last couple of years. Thus far, however, the court cases have not fulfilled this unnerving prophecy.
Brew explains that there have been two major court decisions regarding cyber risk—one involving Wyndham and the other involving Target. Both cases were ultimately dismissed given the amount of cyber security preparations that both boards had undergone and documented. In Target’s case, the company was able to extensively demonstrate the board’s procedural care: the establishment of a special litigations committee (which included a former judge and a law professor), extensive interviews for qualified board members, etc.
When it comes to the personal liability of corporate directors, the moral of the story is preparation and documentation.
“Make sure you have a process in place, and make sure that process is documented. In the end, maybe it’s a wrong process, but you have to show that you’ve carefully and strategically worked through all the steps.”