Regulating Corporate Governance in the Public Interest: The Case of Systemic Risk

There’s long been a debate whether corporate governance law should require some duty to the public. The accepted wisdom is not to require such a duty—that corporate profit maximization provides jobs and other public benefits that exceed any harm. This is especially true, the argument goes, because imposing specific regulatory requirements and making certain actions illegal or tortious—what I’ll call “regulating substance,” in contrast to “regulating governance”—can mitigate the harm without unduly impairing corporate wealth production.

Whether that’s true in other contexts, I question if it’s true in the context of systemic economic harm. My examination is based in part on a forthcoming article [1] and also parallels the efforts of a Working Group (which I chair) of Fellows of the American College of Bankruptcy, which is examining the same question under the laws of various nations worldwide.

Risk-Taking, Misalignment, and Systemic Harm

Excessive corporate risk-taking by systemically important firms is widely seen as one of the primary causes of the global financial crisis. In response, governments have issued an array of regulation to attempt to curb excessive risk-taking and prevent another crisis.

Many of these measures are designed to control excessive risk-taking by aligning managerial and investor interests, implicitly assuming that the investors themselves would oppose excessively risky business ventures. These include, for example, requiring a systemically important firm to tie management compensation to the firm’s long-term performance, or requiring a systemically important firm to maintain so-called contingent capital, in which debt securities convert into equity upon specified conditions. The assumption that investors themselves would oppose excessively risky business ventures is flawed, however. Therefore financial regulation based on the assumption’s validity is unreliable.

The assumption is flawed because what constitutes “excessive” risk-taking depends on the observer. Risk-taking is excessive from a given observer’s standpoint if it has a negative expected value to that observer—i.e., the expected costs to that observer exceed the expected benefits. It is reasonable to assume that investors would oppose risky business ventures with a negative expected value to them.

The flaw, however, is that systemically important firms can engage in risk-taking ventures that have a positive expected value to their investors but a negative expected value to the public. That is because much of the systemic harm from such a firm’s failure would be externalized onto the public, including ordinary citizens impacted by an economic collapse, causing widespread poverty and unemployment.

Corporate governance law creates this misalignment by requiring managers of a firm to view the consequences of their firm’s actions, and thus the expected value of corporate risk-taking, only from the standpoint of the firm and its investors (effectively stakeholders). That perspective ignores externalities caused by the actions.

Ordinarily this is sensible; managers could not feasibly govern if they had to take into account the myriad small externalities that result from corporate risk-taking. But risk-taking that causes the failure of a systemically important firm could trigger a domino-like collapse of other firms or markets, causing systemic externalities that severely damage the economy. [2]

Regulating Substance may be Inherently Insufficient

There’s another reason, beyond the misalignment per se, why regulating substance may be inherently insufficient. Excessive corporate risk-taking is also tied to managerial judgment calls. For example, poor decisions, bad judgment, and greed contributed to the excessive corporate risk-taking that led to the financial crisis. To control that risk-taking, regulation should also regulate governance.

Others have recognized these limitations

There is now a consensus that existing regulatory measures, which primarily regulate substance, are inadequate. In a widely attended meeting in October at the Federal Reserve Bank of Boston, the New York Times reported that “policy makers have made little progress in figuring out how they might actually” prevent another financial crisis. [3] Donald Kohn, former Vice Chair of the Federal Reserve Board, observed that the Fed “doesn’t really have the tools” to prevent another crisis. Luc Laeven, the European Central Bank Director General for Research, summarized the consensus reached at the conference: “Both monetary policy and macroprudential [regulatory] policy are not really very effective.” He then asked, “Do we have other policies?”

I believe we do have other policies, in the form of regulating governance. Consider how to redesign financial regulation to accomplish that.

I. Redesigning Regulation

In making corporate decisions, managers currently have a duty to the firm and its investors. To reduce systemic externalities, they should also have a duty to society (a “public governance duty”) not to engage their firms in excessive risk-taking that leads to those externalities. So long as it does not unduly weaken wealth-producing capacity (corporate wealth production being in the public interest), regulating governance in this way would help to align private and public interests.

Regulating Governance Works Better also for Financial Change

In the financial context, regulating governance also has another advantage over regulating substance. Regulating substance often depends on regulators precisely understanding the financial “architecture”—the particular design and structure of financial firms, markets, and other related institutions—at the time the regulation is promulgated. Because the financial architecture is constantly changing, that type of grounded regulation has value as long as it is updated as needed to adapt to those changes.

But ongoing financial monitoring and regulatory updating can be costly and is subject to political interference at each updating stage. As a result, financial regulation of substance usually lags financial innovation, causing unanticipated consequences and allowing innovations to escape regulatory scrutiny. [4]

Regulating governance, in contrast, can overcome that regulatory time lag. To fulfill their governance duties, the managers of a firm that is proposing to engage in a financially innovative but risky project must try to obtain the most current information about the innovation and its consequences.

II. Towards Regulatory Alignment: A Public Governance Duty

Next consider the theory and practicality of a public governance duty. Because only systemically important firms, by definition, could engage in risk-taking that leads to systemic externalities, such a duty should apply only to managers of those firms.

A. Situating a Public Governance Duty within Corporate Governance Theory

Except to the extent it intentionally limits shareholder primacy, a public governance duty would not be inconsistent with corporate governance legal theory. It should most clearly be consistent with the stakeholder model of governance, which considers the interests of everyone affected by a firm’s actions to avoid anyone being unfairly exploited. The public, of course, is affected by a firm’s risk-taking. This model, however, adds little explanatory value because there is fundamental disagreement on the extent to which non-investor stakeholder interests should be taken into account, valued, and balanced with shareholder interests.

A public governance duty would, at first glance, appear to be inconsistent with the contractarian model of governance—that a firm is a “nexus of contracts” among private parties. After all, members of the public are not contracting parties. Contract law, however, does not limit its application to contracting parties. Government should be able to limit freedom of contracting when the contracting causes externalities. The critical question is which externalities should count in limiting that freedom.

Even under contract law, there is no absolute answer to that question. But we need answer only a much more limited question: Should systemic externalities count in limiting freedom of contract? That question has already effectively been answered: systemic externalities not only harm the public, who cannot contract to protect themselves, but also cause much more harm than non-systemic externalities, including widespread poverty and unemployment. These are exactly the type of externalities that should count in limiting freedom of contract.

A public governance duty would technically be inconsistent with the shareholder-primacy model. Proponents of shareholder primacy argue that managers of for-profit corporations should govern the firm solely for the best interests of its shareholders. They accept that firms can cause externalities, but they believe the efficient response is for government to regulate substance, without interfering with corporate governance. However, where regulating substance is insufficient, as in the case of controlling the excessive corporate risk-taking that causes systemic externalities, the alternative should be to regulate corporate governance.

Next consider a public governance duty’s practicality: how to regulate governance without unduly weakening corporate wealth-producing capacity.

B. Practicality of a Public Governance Duty

Under a public governance duty, the managers of a systemically important firm would not only have a private corporate governance duty to the firm and its investors but also a duty not to engage in excessive risk-taking that could systemically harm the public. [5] That public duty raises several practical issues.

1. Legally Imposing the Duty.

How should a public governance duty be legally imposed? Courts, for example, could create such a duty through judicial decisions. Or legislatures could amend their corporation laws to require such a duty. The latter may be preferred because imposing such a duty broadly impacts public policy.

In the United States, for example, this would mean that a public governance duty should be imposed either by state legislatures (especially the Delaware legislature, because most domestic firms are incorporated under Delaware law) or by the U.S. Congress. Because corporation law in the United States is traditionally state, not federal, states ideally should take the lead in imposing such a duty.

It is questionable, however, whether state legislatures are well positioned to impose a public governance duty. Any given legislature would be unlikely to want to pioneer such a duty because it could discourage firms from incorporating in its state. Furthermore, systemic risk is a national and international problem, not usually a local state problem. The “internalization principle” recognizes that regulatory responsibilities should generally be assigned to the unit of government that best internalizes the full costs of the underlying regulated activity. For these reasons, Congress may be best situated to impose a public governance duty.

2. Assessing and Balancing Costs and Benefits.

How should managers of a systemically important firm, or members of such a firm’s risk committee, [6] assess and balance the public costs and private benefits of a risk-taking activity? Let’s examine and compare two approaches, one subjective and the other more objective and ministerial. On a case-by-case basis, managers could choose which approach to follow. Either approach would be needed only when deciding on a risky project whose failure might, either itself or in combination with other factors of which such managers are or should be aware, [7] cause the firm to fail. [8]

Managers following a subjective approach would simply consider those costs and balance them against benefits—the same way they would consider and balance any other relevant costs and benefits when making a corporate governance decision. Their assessment and balancing might, but would not necessarily, be documented or explained. Managers may favor this approach because it would not change their current behavior.

This subjective approach would have at least three drawbacks, however. First, because the consequences of a systemic collapse can be devastating to the public, the decisionmaking process to mitigate that harm should be more transparent. Second, managers following a subjective approach may be subject to peer pressure to favor investor profitability over avoiding public harm—especially when, as I later argue, managers often have conflicts of interest that favor the firm’s shareholders over the public. Third, although courts generally try to avoid second-guessing management decisions, even managers should want to follow an approach that provides an explicit safe harbor against litigation—at least if the approach is relatively ministerial.

Consider how to craft a possible ministerial safe-harbor objective approach, using the generic example of a systemically important firm engaging in a risky project that could be profitable. The expected private benefits would be the expected value of the project to the firm’s investors (usually the shareholders). The expected public costs would be the expected value of the project’s systemic costs. [9]

In large part, the firm’s managers should have sufficient information, or at least much more information than third parties, about these values. For example, managers should have much more information than third parties about valuing the chance of the project being successful, the value to investors from that success, the loss from the project’s failure, and the chance of the firm failing as a result of the project’s failure.

The exception, however, is valuing the systemic costs if the firm fails. That valuation should be a public policy choice. It might be based, for example, on the estimated cost of a government bailout to avoid a systemic failure. Such an estimate could be made by the government as part of the process of designating a firm as “systemically important,” and thereafter periodically updated by the government.

From a strict (Kaldor-Hicks) economic efficiency standpoint, the project would be efficient if its expected value to investors exceeds the expected value of its systemic costs. As a public policy matter, however, simple economic efficiency may be insufficient because the magnitude and harmful consequences of a systemic collapse, if it occurs, could be devastating.

When balancing the costs and benefits of activities that might pose great harm, policymakers normally apply a precautionary principle directing regulators to err on the side of safety. Applying that to our balancing, it may be appropriate (as Cass Sunstein has proposed in another context [10]) to require “a margin of safety”—for example, requiring that the expected value to investors considerably exceeds the expected value of systemic costs—to demonstrate that a given risk-taking activity is justified.

I’m not claiming that the foregoing approach to assessing and balancing costs and benefits is perfect. Even if imperfect, however, it should represent a step towards shaping corporate governance norms to begin to take the public into account.

3. Enforcing a Public Governance Duty.

Who should enforce a public governance duty? Under existing corporate governance law, shareholder derivative suits are the primary enforcement mechanism. Shareholders would have no interest, however, in suing managers of their firm for externalizing systemic harm. Therefore, the government, by default, at least should have the right to enforce the public duty.

The government itself may be unable to effectively monitor a firm’s internal compliance with the public governance duty until the firm fails, when systemic consequences may be irremediable. To facilitate better monitoring, regulation implementing a public governance duty should include whistleblower incentives, including anti-retaliation protection for managers or others involved in the risk assessment who inform government officials of their firm’s noncompliance and possibly also monetary rewards. Regulation implementing a public governance duty might even impose an obligation on managers involved in the risk assessment to inform government officials of their firm’s noncompliance.

Another way to facilitate better monitoring, and more specifically enforcement, of the public governance duty would be to incentivize members of the public themselves. One such precedent is so-called qui tam suits under which private citizens can sue alleged defrauders in the name of the government. If the suit is successful or settled, the citizen-plaintiff is entitled to a percentage of the award or settlement.

4. Business Judgment Rule as a Defense.

A critical issue concerns the business judgment rule as a defense to manager liability. In the traditional corporate governance context, managerial risk-taking decisions are protected to some extent by this rule, which presumes that managers should not be personally liable for harm caused by negligent decisions made in good faith and without conflicts of interest—and in some articulations of the business judgment rule, also without gross negligence. The rule attempts to balance the goal of protecting investors against losses against the goals of encouraging the best managers to serve and avoiding the exercise of inappropriate judicial discretion (as would occur if courts tried to second-guess business judgments).

The business judgment rule arguably should apply differently in a public-governance-duty context because one of the rule’s basic assumptions—that there be no conflict of interest—may be breached. The interest of a manager who holds significant shares or interests in shares, or whose compensation or retention is dependent on share price, is aligned with the firm’s shareholders, not with that of the public. To that extent, the manager would have a conflict of interest.

But how should the business judgment rule be modified without requiring courts to exercise inappropriate discretion or discouraging the best people from serving as managers? One approach would be to prevent conflicted managers who are grossly negligent—that is, who fail to use even slight care in assessing systemic harm to the public—from using the rule as a defense.

Technically, this modification merely applies the gross negligence standard that is often articulated as part of the business judgment rule, though rarely utilized with any rigor. Because courts routinely review whether other types of actions are grossly negligent, they should not find it “inappropriate” or impractical to review corporate risk-taking actions under a gross negligence standard. As a practical matter, managers who follow a reasonable procedure to balance public costs and private benefits should be protected. That would effectively conform the business judgment rule’s public-governance-duty application to a duty of process care, a standard commonly used. [11]

5. To What Extent Should Managers be Protected Under D&O Liability Insurance?

Another issue is the extent to which managers who become subject to liability for breaching the public governance duty should be protected under directors and officers (“D&O”) liability insurance, which indemnifies managers against personal liability. Although D&O liability insurance is needed to incentivize good managers and also to help ensure that sufficient funds are available to properly incentivize private-action lawsuits, it might compromise the deterrent effect of imposing personal liability. Furthermore, because the magnitude of systemic harm is open ended, insurers may be reluctant to offer D&O insurance covering breaches of the public governance duty. At least one possible solution to these concerns would be to specify a limit on the amount of the claim that could be imposed for breaching the public governance duty and, like a deductible, to require managers to be personally liable for some portion of that amount.

Conclusion

I have argued that corporate governance law should require some duty to the public in order to help mitigate systemic economic harm. Even if imperfect, such a duty represents (as mentioned) an important step towards shaping corporate governance norms to begin to take the public into account.