Categories
Blog

A Caremark Retrospective: Part II – Holdings and Rationale

Today, I continue my exploration of two of the most significant cases regarding Boards of Directors and corporate compliance; the Caremark and Stone v. Ritter decisions. The former decision was released in 1996 and the latter, some ten years later in 2006. The original Caremark decision laid the foundation for the modern obligations of Boards of Directors in oversight of compliance in general and a company’s risk management profile in particular. Stone v. Ritter confirmed the ongoing vitality of the original Caremark decision. Yesterday, in Part 1, we reviewed the underlying facts of the Caremark decision. Today, in Part II, we consider the holdings and the legal reasoning. Perhaps the most interesting thing about both cases is that even though the Court in Caremark delineated the doctrine and in Stone v. Ritter confirmed it, both Courts ruled against the moving parties and for the defendant corporate Boards.

Caremark

In Caremark, the Court began by noting that director liability for a breach of the duty to exercise appropriate attention can come up in two distinct contexts. In the first, liability can occur from a board decision that results “in a loss because that decision was ill advised or “negligent””. In the second, board liability for a loss “may be said to arise from an unconsidered failure of the board to act in circumstances in which due attention would, arguably, have prevented the loss.”

However, any decision is tempered by the following, what “may not widely be understood by courts or commentators who are not often required to face such questions, is that compliance with a director’s duty of care can never appropriately be judicially determined by reference to the content of the board decision that leads to a corporate loss, apart from consideration of the good faith or rationality of the process employed.” In other words, if there is a process or protocol in place a board cannot be said to have violated its duty, even with “degrees of wrong extending through “stupid” to “egregious” or “irrational”.” To do so would abrogate the Business Judgment Rule.

The Caremark court went so far as to cite Learned Hand for the following, “They are the general advisors of the business and if they faithfully give such ability as they have to their charge, it would not be lawful to hold them liable. Must a director guarantee that his judgment is good? Can a shareholder call him to account for deficiencies that their votes assured him did not disqualify him for his office? While he may not have been the Cromwell for that Civil War, Andrews did not engage to play any such role.”

However, there is a second type of liability which boards can run afoul of under Caremark, and it is the one which seems to the liability under which most boards are found wanting in successful Caremark claims. It is when “director liability for inattention is theoretically possible entail  circumstances in which a loss eventuates not from a decision but, from unconsidered inaction.” This was a departure from prior Delaware case law which said that a board did not have to look for wrongdoing but only had to investigate if informed about it. That was from an old 1963 decision and the Court relied on the 1992 US Sentencing Guidelines to note how such views were no longer accepted. Board obligations had changed by 1996 with the following, “obligation to be reasonably informed concerning the corporation, without assuring themselves that information and reporting systems exist in the organization that are reasonably designed to provide to senior management and to the board itself timely, accurate information sufficient to allow management and the board, each within its scope, to reach informed judgments concerning both the corporation’s compliance with law and its business performance.”

Stone v. Ritter

This case involved money laundering and a bank’s failure to report suspicious activity which led to an employee running a Ponzi scheme. The bank in question was fined over $40 million. Once again, the plaintiffs were not successful in their claims. The Stone v. Ritter court approved the Caremark Doctrine and went on to further specify thatCaremark required a “lack of good faith as a “necessary condition to liability”.” It is because the Court was not focusing simply on the results but in the board’s overall conduct “of the fundamental duty of loyalty.” It follows that because a showing of bad faith conduct, “is essential to establish director oversight liability, the fiduciary duty violated by that conduct is the duty of loyalty.”

Interestingly, the Court added what it termed as “two additional doctrinal consequences.” First, although good faith is a “part of a “triad” of fiduciary duties that includes the duties of care and loyalty, the obligation to act in good faith does not establish an independent fiduciary duty that stands on the same footing as the duties of care and loyalty.” Violations of the duties of care and loyalty may result in direct liability, whereas a failure to act in good faith may do so, but it would only result in indirect liability. The second consequence is that the “duty of loyalty is not limited to cases involving a financial or other cognizable fiduciary conflict of interest. It also encompasses cases where the fiduciary fails to act in good faith. As the Court of Chancery aptly put it in Guttman, “[a] director cannot act loyally towards the corporation unless she acts in the good faith belief that her actions are in the corporation’s best interest.””

The Stone v. Ritter court ended by further refining the Caremark Doctrine to define the necessary conditions for director liability under Caremark. They are:

  1. Directors utterly failed to implement any reporting or information system or controls;
  2. If they have implemented such a system or controls, consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.

In either situation, imposition of liability requires a showing that the directors knew that they were not discharging their fiduciary obligations. Where directors fail to act in the face of a known duty to act, thereby demonstrating a conscious disregard for their responsibilities, they breach their duty of loyalty by failing to discharge that fiduciary obligation in good faith.

As usual, once I get started, I often cannot stop so in my next blog post (or two) I will consider how this has evolved.

Categories
Blog

A Caremark Retrospective: Part I – Background

It is often instructive to look back at old cases which have become so well known for a doctrine that the underlying facts are often forgotten. I did so recently in reading the original Caremark and Stone v. Ritterdecisions. The former decision was released in 1996 and the latter, some ten years later in 2006. They both made interesting reading and the underlying facts could well be drawn from the headlines of anti-corruption and anti-money laundering (AML) enforcement actions today. The original Caremark decision laid the foundation for the modern obligations of Boards of Directors in oversight of compliance in general and a company’s risk management profile in particular. Stone v. Ritter confirmed the ongoing vitality of the originalCaremark decision. Today, in Part 1, we review the underlying facts of the Caremark decision and in Part II, the legal reasoning.

Underlying Facts

In Caremark, the decision involved a company which provided patient care and managed care services and a substantial part of the revenues generated by the company was derived through third party payments, insurers, and Medicare and Medicaid reimbursement programs. Medicare and Medicaid payments were governed under the Anti-Referral Payments Law (“ARPL”) which prohibited health care providers (HCPs) from paying any form of remuneration (i.e., kickbacks) to physicians to induce them to refer Medicare or Medicaid patients to Caremark products or services.

To try and get around this prescription, Caremark entered various contracts for services (e.g., consultation agreements and research grants) with physicians at least some of whom prescribed or recommended services or products that Caremark provided to Medicare recipients and other patients. Moreover, Caremark had a decentralized governance and operational structure which allowed wide latitude to the business units to enter into such agreements without corporate or any centralized compliance or legal oversight. The results were about what you would expect.

Multiple federal investigations found that from the mid-1980s until the early 1990s, Caremark paid out millions to doctors in forms disguised to evade ARPL liability. Caremark claimed that its payments for consultation, teaching, research grants and other similar evasions did not violate the law. Further, it relied on an audit by Price Waterhouse (PwC) which concluded that there were no material weaknesses in Caremark’s control structure.

In 1993, Caremark formally changed its compliance manual to prohibit such payments, announced this change internally and put on training for this new set of policies. However, there were no attendant controls, monitoring or follow up noted. Indeed, it is not clear if much if anything changed at Caremark, given the decentralized nature of its business model.

Criminal and Civil Charges

In August 1994, Caremark was hit with a 47-page indictment alleging criminal violations of ARPL, specifically including making payments to induce physicians to refer patients to Caremark services and products. The indictment alleged that payments were “in the guise of research grants and others were consulting agreements.” Moreover, the Indictment went on to allege that such payments were made where no consulting services or research performed. (Very 2022 FCPA-ish) One doctor was alleged to have direct payments from Caremark for staff and offices expenses. Multiple shareholder suits were filed against the Board in Delaware and another federal Indictment was handled in Ohio. In addition to the claims in Ohio, new allegations of over billing and inappropriate referral payments made in Georgia and “reported that federal investigators were expanding their inquiry to look at Caremark’s referral practices in Michigan as well as allegations of fraudulent billing of insurers.” Rather amazingly, the company management, when reporting the Indictment to the Board of Directors, maintained the company had done nothing wrong.

Settlements

Of course, the Caremark senior management was not correct, and Caremark was required to pay millions to resolve enforcement actions. An agreement, with the Department of Justice (DOJ), Office of Inspector General (OIG), US Veterans Administration, US Federal Employee Health Benefits Program, federal Civilian Health and Medical Program of the Uniformed Services, and related state agencies in all fifty states and the District of Columbia required a Caremark subsidiary to enter a guilty plea to two counts of mail fraud, and required Caremark to pay $29 million in criminal fines, $129.9 million relating to civil claims concerning payment practices, $3.5 million for alleged violations of the Controlled Substances Act, and $2 million, in the form of a donation, to a grant program set up by the Ryan White Comprehensive AIDS Resources Emergency Act. Caremark also agreed to enter into a compliance agreement with the Department of Health and Human Services (HHS).

In addition to all these entities, Caremark was also sued by several private insurance company payors (“Private Payors”), who alleged that Caremark was liable for damages to them for allegedly improper business practices related to those at issue in the OIG investigation. As a result of negotiations with the Private Payors the Caremark Board of Directors approved a $98.5 million settlement agreement with the Private Payors in 1996.

In addition to the financial penalties, Caremark finally agreed to institute a full compliance program. It created the position of Chief Compliance Officer (CCO) and created a Board level Compliance and Ethics Committee who, with the assistance of outside counsel, was tasked with reviewing existing contracts and advanced approval of any new contract forms.

Join us for our next piece where we consider the court holdings and rationales in Caremark and Stone v. Ritter.

Categories
Blog

The CCO and Board Refreshment

Boards of Directors are coming under increased legal and regulatory scrutiny. Courts in Delaware, from the Delaware Court of Chancery to the Delaware Supreme Court, have continued to refine and expand the Caremark Doctrine. Boards are on notice they must actively engage in compliance and risk management oversight. One of the continuing challenges for boards in this era of increasing responsibility is getting the right persons on boards. I was therefore interested in a recent MIT Sloan Management Review article, entitled Meet the New Board — Same as the Old Board, where authors Cynthia E. Clark and Jill A. Brown posit that many companies are just going through the motions of recruiting more diverse board members. Moreover, they advocate the time is now to get serious about board refreshment.

In addition to these new legal requirements, other stakeholders are pushing for public companies to refresh their boards to achieve greater diversity. Shareholders have been leading the way at least a dozen public company boards since mid-2020, “accusing them of failing to broaden out with greater diversity.” Institutional investors and investment managers such as BlackRock, Inc. have voted “against more than 1,800 directors at close to 1,000 companies for insufficient action to increase board diversity.” The proxy advisory firm Institutional Shareholder Services Inc. “now recommends withholding votes from, or voting against, directors with nominating or governance roles on boards that don’t have at least one non-White director and at least one woman.” Finally, the Nasdaq Exchange, with the approval of the Securities and Exchange Commission (SEC), “will soon require listed companies to have at least two demographically diverse directors (or explain why they don’t).”

Yet board refreshment and diversity is not simply something driven by regulators or changes in the law. The authors believe, “diverse boards representing a broader range of experience may be better able to quickly navigate volatile business environments and unexpected disruptions, such as a global pandemic.” They cite to “recent data from BoardReady, a nonprofit group that promotes corporate diversity, found a positive correlation between the diversity of S&P 500 boards and revenue growth during the pandemic.” So, if the law, regulators, stakeholders and the market all believe in board refreshment, why is not this effort moving forward with greater speed and urgency?

The authors found two key reasons why many companies still struggle to appoint directors who are women, people of color, or members of other underrepresented groups. (1) They found “that corporations go through the motions of refreshment but ultimately accomplish little, replacing an outgoing director with someone similar rather than with a person who has a different professional background, identity, or perspective.” (2) Perhaps not too surprisingly, they also “found that the independence of the board’s nominating committee is often compromised by substantial CEO influence over the process, perpetuating a tendency to select directors who reflect the opinions, and often the identity, of senior management.” When these factors converge, board independence and effectiveness in overseeing management of the company is compromised, which can negatively impact corporate performance.

The authors developed four actions which they believe can allow a company to turn around these areas in board refreshment. How can boards avoid these pitfalls and achieve meaningful refreshment? Leaders who want to change the culture of the board should take the following actions.

Diversity of identity and thought

Obviously, there are certain easily verifiable and achievable standard boards can articulate around diversity, including gender, race, and other such attributes. They can then evaluate nominees against that definition and for diversity of through as well. As the Compliance Evangelist, it would surprise you that I believe more former Chief Compliance Officers (CCOs) and compliance professionals should be nominated to boards. The same is true in other areas of risk management, cyber, export controls and trade sanction and even supply chain. The authors state, “Boards should also encourage nominees to talk about what type of diversity they believe they would bring to the board.” Documenting these actions will serve companies well, as multiple stakeholders are increasingly demanding public disclosure of this documented  information.

Refresh frequently

It is clear that a long-standing board is not the best system to have in place as members gradually lose effectiveness and long “tenures tend to compromise the true nature of director independence.” This leads the authors to suggest boards “set earlier mandatory retirements and shorter term limits.” Some investors oppose the re-election of directors who have served on a board for more than nine years, while others may limit service to seven years. Interestingly, the authors note, “in industries where business models and operational contexts change fast, tenures might need to be even shorter.” Rotation of members and a staggered hiring tenure can also be used.

Limit CEO involvement

Given the negative impact of a Chief Executive Officer (CEO) in the process of selection, it is not too surprising the authors posit “the CEO should not have a vote in the hiring decision, implied or otherwise.” To enhance this position, they also write, “We think boards could normalize the use of executive sessions and reduce any stigma associated with them by holding them more frequently, including when evaluating director candidates.” They noted the “New York Stock Exchange (NYSE) requires executive sessions once a year and Nasdaq at least twice a year, although neither specifies that the sessions be used in the nominee search and hiring process.”

Changing culture

Every CCO and compliance professional who has dealt with a board understands refreshment and corporate culture are tied together. The very act of refreshing an old, stagnant board with new people and ideas changes the culture of a board. That change permeates down into an organization. It is almost axiomatic that “A group of directors with similar experiences, opinions, skills, and identities will naturally tend toward consensus much too often.”

A CCO should work to get directors “to think about and freely discuss the existing board culture, including their own behavior and whether it needs to change.” You could also encourage a board to hire “a consultant to help diagnose and possibly change your board culture.” Finally, work to  “Encourage board members to voice their opinions, especially when they challenge the consensus.” As with most things in life, if you do what you did, you get what you got. The same is true for boards. If you replace one old white guy who was an executive in your industry with another old white guy who also is from the same industry, you have not refreshed your board member, you have simply replaced one for another. In this time of near constant change, boards need to be able to respond quickly and nimbly. That is going to take new blood into your Board of Directors.

And do not forget the ‘G’ in ESG.

Categories
FCPA Compliance Report

Ty Francis on Assessing Corporate Culture: A Practical Guide to Improving Board Oversight

In this episode of the FCPA Compliance Report, I am joined by Ty Francis, Chief Advisory Officer at LRN. We dive deeply into a recently released LNR/Tapestry Networks Report on Assessing Corporate Culture: A Practical Guide to Improving Board Oversight. Some of the highlights include:

  1. The genesis of this report.
  2. How does the Report serve as a roadmap to a clearer picture of the company’s ethical culture?
  3. How can the Report help determine how to improve culture throughout the enterprise?
  4. Who should a Board collaborate with, and how?
  5. How does the work LRN conducts help organizations foster more effective collaborative cultures?
  6. How do you prioritize culture on the board agenda?
  7. What is the challenge to the board’s culture?
  8. How does a Board measure and monitor?
  9. How does a Board articulate the desired culture?
  10.  How can a Board establish clear communication?

Resources

Ty Francis on LinkedIn

LRN

Assessing Corporate Culture: A Practical Guide to Improving Board Oversight

Tapestry Networks

Categories
Sunday Book Review

August 14, 2022 the Culture edition

In today’s edition of Sunday Book Review:

The Advantage: Why Organizational Health Trumps Everything Else in Business by Patrick Lencioni

Culture by Design: How to Build a High-Performing Culture, Even in the New Remote Work Environment by David J. Friedman

The Culture Code: The Secrets of Highly Successful Groups by Daniel Coyle

Organizational Culture and Leadership by Edgar H. Schein with Peter Schein

Winning Behavior: What the Smartest, Most Successful Companies Do Differently by Terry R. Bacon and David G. Pugh

Resource

5 Top Books on Corporate Culture

Categories
The Woody Report

Caremark Claims, Part 2

Welcome to The Woody Report, where Washington & Lee School of Law Associate Professor Karen Woody and host Tom Fox discuss issues on white collar crime, compliance issues, international corruption, securities and accounting fraud, and internal corporate investigations. From current events to topical issues to academic research and thought leadership, Karen Woody helps lead the discussion of these issues on the new and exciting podcast. Today in Part 2, Tom and Karen look at cases in the wake of Marchand, including Clovis Oncology, Boeing and Cardinal Health.

Resources

Karen Woody on LinkedIn

Karen Woody at Washington & Lee, School of Law

Categories
Blog

Death of dos Santos and Leadership at the Top

José Eduardo dos Santos, who served nearly four decades as Angola’s president, died on Friday in Spain where he had been living in self-imposed exile. According to his New York Times (NYT) obituary, “he was widely accused of corruption and nepotism, and the economic boom he presided over benefited mainly his family and a coterie of advisers.” If the name sounds familiar it may be due to his flamboyant daughter Isabel dos Santos who has been “accused of plundering institutions including Sonangol, the state petroleum company, to create a business empire with stakes in diamond exports, the dominant cellphone company, banks and the country’s biggest cement maker. In 2020, she was charged with embezzlement, money laundering and other financial crimes. She denied the charges, saying she was the victim of a witch hunt. She has been living mostly in Dubai, seeking to avoid arrest. Mr. dos Santos’s son José was found guilty of financial transgressions and sentenced to five years in prison.” In other words, it all started at the top.
The death of Santos is a good reminder of why substantive and deep dive due diligence needs to go into the background check on every business leader and C-Suite Executive. Candice Tal, founder and President of Infortal Worldwide, has long been telling us for this need for many years. Now a new article from the Harvard Business Review (HBR) by Aiyesha Dey, entitled “When Hiring CEOs, Focus on Character”, bears Tal’s warnings out with research. The author has “studied the ways in which the lifestyle behaviors of CEOs—in particular, materialism and a propensity for rule breaking—may spell trouble for a company.”  Her conclusion bears out why Tal has been saying all along, “Firms led by CEOs with even minor traffic tickets or excessive spending habits are disproportionately prone to fraud, insider trading, and other risky business activities.” Dey concludes by noting “that boards should pay attention to executives’ off-the-job behavior.”
Dey’s research centers on straight-forward questions: “Instead of focusing on systems and controls, should we be looking more closely at the people leading these companies?” Her conclusion is that taking a deeper dive into the background of those who become the C-Suite leaders at an organization bears more scrutiny as they can be “early warning signs” of trouble to come. That sounds like exactly what Boards would want to consider when reviewing potential C-Suite candidates. (I hope they will call Candice Tal to perform the actual due diligence recommended by Dey.)
The first area explored by Dey was in rule breaking, as “criminology researchers have found that people who flout even minor rules are subtly communicating that they don’t believe restrictions apply to them.” Indeed, Dey found that “18% of CEOs had been cited for infractions ranging from minor traffic offenses to driving under the influence, disturbing the peace, drug crimes, reckless behavior, domestic violence, and sexual assault.” Dey took this information a step further by asking, “Is fraudulent reporting more likely at a company if its CEO has a criminal record? Is the CEO (or CFO) more likely to be personally implicated in the fraud if he or she has a criminal record? Not surprisingly, the answer to both questions was yes… we found that if the CEO had a criminal infraction, the firm was more than twice as likely to be involved in fraud, and the CEO was seven times more likely to be personally named as a perpetrator.” Somewhat amazingly, even minor legal infractions such as traffic tickets were significant.
Dey then considered the effect of controls, such as insider trading blackout periods as a deterrence. Dey found “they had little effect on executives who committed serious crimes. Seemingly, then, governance structures and formal control systems are unlikely to rein in the worst actors. That’s discouraging news for boards and regulators that wish to curb opportunistic insider trading and limit other undesirable behavior.”
An area of Dey’s research, which was surprisingly insightful, was around “materialism.” Dey looked at it from the perspective of “the zealous pursuit of wealth and luxury regardless of the cost to others.” She and her teamed picked three criteria for review. (1) Ownership of a private home valued at twice as much as the median in the area; (2) Ownership of a car worth more than $75,000; and (3) Ownership of a boat more than 25 feet in length. “In our sample of CEOs, 58% had one or more of those markers and qualified as materialistic; we classified the remaining 42% as frugal.”
What Dey found “was a gradual weakening of the control environment in firms led by executives whose personal spending was excessive. Specifically, we observed more use of equity-based incentives (which can encourage managers to mislead capital markets by inflating reported performance), more appointments of materialistic CFOs, less intensive monitoring by the board, and a greater probability of a weakness in internal controls.”
In the financial sector, Dey “found that those with materialistic CEOs had relatively lax systems for risk management and thus faced more threat of significant negative performance than banks led by frugal CEOs.” Even more troubling for the compliance function, Dey “found that materialistic CEOs also contributed to a deterioration in corporate culture that led employees to more aggressively exploit insider-trading opportunities during the 2007–2009 financial crisis. Another correlation was in “corporate social responsibility (CSR) performance,” where Dey “found that firms with materialistic leaders received lower scores from CSR ratings agencies than did firms with frugal leaders. Our finding aligns with other scholarship showing that materialistic people display a lack of concern for the well-being of others and the environment.”
I asked Candice Tal what companies can do to investigate these issues. Tal stated, “Behavioral issues can be picked up during in-depth reference interviews by trained investigators, and can also be detected through patterns observed with type and frequency of civil lawsuits, such as sexual harassment, class action lawsuits, fraud and breach of contract matters. Themes around egregious behavioral issues can also be found when conducting deep web investigations on executives. This goes far beyond Google searches incorporating OSINT Open Source Intelligence. Tal notes that patterns and themes in behavioral traits should never be ignored. Executive due diligence backgrounds should be conducted by corporations on new executive hires and new board members.  Executives will be in the highest positions of trust, a simple background check will not reveal these types of issues, however, effective due diligence investigations enable this information to be discovered thus protecting the board and shareholders from unnecessary risk exposure.”
All this information should be digested by corporate compliance functions and Boards of Directors. Even in the Foreign Corrupt Practices Act (FCPA) world, nearly every major corporate scandal starts with a lax attitude at the top of the organization. Indeed, it is such CEOs who inevitably cry about ‘rogue employees” and not what their organizations stand for. But the myth of the rogue employees is just that, a myth, and it really all does start at the top. Boards need to take note.

Categories
Compliance Week Conference Podcast

Karen Woody on Board Evolution on the Role of Compliance


In this episode of the Compliance Week 2022 Preview Podcasts series, Karen will discuss some of my presentation at Compliance Week 2022 “Board Evolution”. Some of the issues she will discuss in this podcast and her presentation are:

  • Delve into the evolution of the Caremark doctrine requiring Boards to oversee compliance and explore where the courts and regulators are headed
  • Discuss best practices in managing up to the board, including reporting
  • Examine how to best educate boards and engage them in effective oversight, and what compliance’s role is in that

In this first full compliance conference in over 2 years, I hope you can join me at Compliance Week 2022. This year’s event will be May 16-18 at the JW Marriott in Washington DC. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 17th year, compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. and many others to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Hear from 75+ respected cross-industry practitioners who are CEOs, CCOs, regulators, federal officials, and practitioners to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from the two SEC Commissioners and gain insights into the agency’s areas of enforcement and walk away with guidance on how to remain compliant within emerging areas such as ESG disclosure, third-party risk management, cybersecurity, cryptocurrency and more.
  • Bring actionable takeaways back to your program from various session types including ESG, Human Trafficking, Board obligations and many others for you to listen, learn and share.
  • The goal of Compliance Week is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount off the registration price. Enter discount code discount code TFLAW $200 OFF.

Categories
Blog

Expanding Compliance Obligations of the Board – Part 1: Blue Bell

The role of the Board of Directors has always been a key part of any best practices compliance program. The Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have consistently said that a Board’s role is active oversight of compliance. Over the past few years, the civil side of this obligation has become much more prominent, led by developments in case law under the Caremark doctrine, as modified by Stone v. Ritter by the Delaware Supreme Court. In response to demands for greater accountability and corporate accountability, the Delaware courts have been cutting back the Caremark standard and rejecting motions to dismiss filed by defendants. Recent cases are continuing down this path and raising the expectations for Board members exercising their duty of loyalty and duty of care. This week I will be exploring this expanded set of legal obligations laid down by the Delaware Supreme Court.
Mike Volkov has stated, “At the core of board member protection from liability is the well-known Caremark doctrine that requires corporate boards to make a good faith effort to implement a system for compliance program monitoring and reporting. For years, Delaware courts easily rebuffed shareholder derivative suits challenging board members’ performance after a corporate scandal occurred. The Caremark standard was reinforced in Stone v. Ritter, where the court stated director oversight liability requires a showing of either “the directors utterly failed to implement any reporting or information system or controls” or the directors, “having implemented such a system or controls, consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.”
Under Caremark and Stone v. Ritter, a director must make a good faith effort to oversee the company’s operations. Failing to make that good faith effort breaches the duty of loyalty and can expose a director to liability. But it is more than simply not doing your job as a Board, it is doing so in bad faith. The Court states, “In other words, for a plaintiff to prevail on a Caremark claim, the plaintiff must show that a fiduciary acted in bad faith—“the state of mind traditionally used to define the mindset of a disloyal director.” Bad faith is established, under Caremark, when “the directors [completely] fail[] to implement any reporting or information system or controls[,] or … having implemented such a system or controls, consciously fail[ ] to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.” In short, to satisfy their duty of loyalty, directors must make a good faith effort to implement an oversight system and then monitor it.”
This change began in a case Marchand v. Barnhill and it involved that Texas institution, Blue Bell Ice Cream, the top ice cream manufacturer in the US. In this decision, the Court found that the Blue Bell Board completely abrogated its duty around the single largest safety issues it faced – food safety. That abrogation allowed a listeria outbreak, “causing the company to recall all of its products, shut down production at all of its plants, and lay off over a third of its workforce. Blue Bell’s failure to contain listeria’s spread in its manufacturing plants caused listeria to be present in its products and had sad consequences. Three people died as a result of the listeria outbreak. Less consequentially, but nonetheless important for this litigation, stockholders also suffered losses because, after the operational shutdown, Blue Bell suffered a liquidity crisis that forced it to accept a dilutive private equity investment.”
The job of every Board member is to represent the shareholders, not the incumbent Chief Executive Officer (CEO) and Chairman of the Board. To do so, the Board must oversee the risk management function of the organization. Blue Bell was and to this day is a single-product food company and that food is ice cream. This sole source of income would mandate that the highest risk the company might face is around food. But as the underlying compliant noted, “despite the critical nature of food safety for Blue Bell’s continued success, the complaint alleges that management turned a blind eye to red and yellow flags that were waved in front of it by regulators and its own tests, and the board—by failing to implement any system to monitor the company’s food safety compliance programs—was unaware of any problems until it was too late.”
The plaintiffs reviewed the Board records and made the following allegations:

  • there was no Board committee that addressed food safety;
  • there was no regular process or protocols that required management to keep the Board apprised of food safety compliance practices, risks, or reports which existed;
  • there was no schedule for the Board to consider on a regular basis, such as quarterly or biannually, any key food safety risks which existed;
  • during a key period leading up to the deaths of three customers, management received reports that contained what could be considered red, or at least yellow, flags, and the Board minutes of the relevant period revealed no evidence that these were disclosed to the Board;
  • the Board was given certain favorable information about food safety by management, but was not given important reports that presented a much different picture; and
  • the Board meetings are devoid of any suggestion that there was any regular discussion of food safety issues.

The Board’s response to these allegations is instrumental in understanding how Board’s viewed their obligations regarding oversight of compliance. The Court stated, “the directors largely point out that by law Blue Bell had to meet FDA and state regulatory requirements for food safety, and that the company had in place certain manuals for employees regarding safety practices and commissioned audits from time to time. In the same vein, the directors emphasize that the government regularly inspected Blue Bell’s facilities, and Blue Bell management got the results.”
The Delaware Supreme Court made short shrift of this argument, stating “fact that Blue Bell nominally complied with FDA regulations does not imply that the board implemented a system to monitor food safety at the board level. Indeed, these types of routine regulatory requirements, although important, are not typically directed at the board. At best, Blue Bell’s compliance with these requirements shows only that management was following, in a nominal way, certain standard requirements of state and federal law. It does not rationally suggest that the board implemented a reporting system to monitor food safety or Blue Bell’s operational performance.”
The Board’s next defense was even more inane and was so preposterous, the Delaware Supreme Court labeled it as “telling.” It was that because the Board had received information on the company’s operational issues and performed oversight on operational issues, it had fulfilled its Caremark obligations. This is basically the same argument that every paper-pushing argument for compliance program. We have something on paper, so we have complied is the clarion call of such practitioners. The Delaware Supreme Court also saw through the flimsiness of this argument stating, “if that were the case, then Caremark would be a chimera.” [emphasis in original] This is because operational issues are always discussed at the Board level. Finally, Caremark requires “that a board make a good faith effort to put in place a reasonable system of monitoring and reporting about the corporation’s central compliance risks. In Blue Bell’s case, food safety was essential and mission critical.”
It has long been axiomatic that bad facts can lead to large changes in how courts interpret the law. The Blue Bell case had facts that the Court all but said the Board engaged in bad faith regarding its compliance obligations. The change was only the beginning.

Categories
Blog

Day 20 of 30 Days to a Better Compliance Program, the Board of Directors’ Compliance Committee

Key Takeaways

  1. This committee exists to provide oversight and assist the CCO, not to substitute its judgment for that of the CCO.
  2. This committee should work to hold the CCO accountable to hit appropriate metrics.
  3. This committee is ideal for leading the efforts around strategic planning.

For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here.