When Are Directors Liable For Failing To Exercise Proper Oversight?

Recently we discussed whether directors of public companies face potential liability for not preventing cyber attacks.  As we discussed, the answer is generally no, because absent allegations to show a director had a “conscious disregard” for her responsibilities, directors do not breach their fiduciary duties by failing to properly manage and oversee the company.

That well-established rule was again affirmed last week by the Delaware Court of Chancery in In re China Automotive Systems Inc. Derivative Litigation,  a case that concerned an accounting restatement by a Chinese automotive parts company.  Plaintiffs there alleged that the company’s directors breached their fiduciary duties by failing to manage and oversee the company’s accounting practices and the company’s auditors, who improperly accounted for certain convertible notes from 2009 to 2012.  When the error was uncovered, the company restated its financials for two years and its stock price dropped by 15%.

As the Court noted, to show that the company’s directors had breached their fiduciary duties by allowing the improper accounting to occur, plaintiffs were required to show the directors had acted in bad faith.  To make that showing, the plaintiffs had to allege a “sustained or systematic failure of the board to exercise oversight.”  Concrete examples of such a “systematic failure” in the accounting context cited by the Court include:

•    Where a director has “knowledge of specific ‘red flags’—such as personal knowledge of a series of detailed, third-party reports suggesting potential accounting improprieties.”
•    Where a company “lacks an audit committee” or has an “audit committee that met only sporadically and devoted patently inadequate time to its work.”

On the other hand, “just being a director on [an audit] committee where the alleged wrongdoing is within its delegated authority” does not give rise to a breach of fiduciary duty absent a showing of bad faith.

In this case, there were no allegations that any director had knowledge of accounting “red flags,” no allegations that the audit committee was deficient in its work and no allegations that any director had consciously disregarded his responsibilities.  Instead, it would seem that the directors were unable to recognize what their auditors had also missed, and as such could not be said to have breached their fiduciary duties.

 

Topics:  Breach of Duty, Cyber Attacks, Cybersecurity, Directors, Fiduciary Duty, Liability, Oversight Committee

Published In: Business Organization Updates, Business Torts Updates, International Trade Updates, Securities Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Orrick - Securities Litigation and Regulatory Enforcement Group | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »