Directors’ Duty of Oversight in a Meltdown

This note was prompted by our review of the recent decision of the Delaware Court of Chancery in In Re Citigroup Inc. Shareholder Derivative Litigation, C.A. No. 3338-CC. In the context of dismissing, on the basis of a failure adequately to plead demand futility, allegations in a complaint of breaches by directors of their duty of oversight, the Court emphasizes the continuing vitality and primacy of the business judgment rule presumption as a key protector of our system of private capital investment. For corporate lawyers, the analysis and outcome of the case is not particularly surprising. However, in this meltdown environment, the outcome could easily be misunderstood as a reflection of a supposed era of state corporate law being too kind and gentle to directors.

So we’ve written this note to include some context and elaboration, rather than just reporting some specific key findings and an overall assessment — such as “It is a heartening decision for directors who oversee their companies in good faith, even though business decisions made on their watch result in ‘staggering’ losses” — which would likely only contribute to the misunderstanding.

Our objective is to illuminate both the serious and thoughtful approach to decisionmaking reflected in the Citigroup decision — an approach that is characteristic of Delaware judicial decisions generally — as well as the important underlying economic policy on which it is grounded. In addition, in a particularly difficult time, when change seems to be the order of the day, we hope that by providing some context and elaboration we may in some small way help counteract a tendency to discard or diminish certain core legal concepts which have stood the test of time and for good reason.

* * * * *

That famous curse — may you live in interesting times — is upon us! For directors of business corporations nothing could be more true. For almost a year now, the global financial markets have been in turmoil, and the global economy has followed suit. In more ebullient times, risks were undertaken in businesses across many industries and around the world that, on a hindsight basis, the directors and management of numerous companies wish had never occurred. As events have unfolded, operating results have plummeted, balance sheets have deteriorated, stock market values have declined dramatically and personal wealth has imploded. All in all an ugly environment and one uniquely positioned for victims to assign blame and seek recompense.

In the public company arena, common stockholders are an obvious class of self-perceived victims. They certainly have suffered huge losses. With both the Dow and the S&P down more than 50% from their respective highs in October 2007, one need look no further to understand the order of magnitude of loss for so many shareholders. But are they victims? And, if so, of whose misconduct? Of what nature? And how can they recover some or all of the loss?

In the U.S. legal system, the instinctive response of many shareholders and lawyers to these queries is, “Yes,” “the directors,” “breach of fiduciary duty,” and “a derivative lawsuit against the directors on behalf of the company for money damages.” After all, say these shareholders and lawyers, “Isn’t it clear that the directors of so many of these public companies were, at best, asleep at the switch, obviously ignoring many business risks and affirmatively accepting others, even when ‘red flags’ were flying at full mast. And what’s more, they misled the shareholders with faulty disclosure. They should pay.”

The difficulty is that characterizations of this nature by some would be understood by others simply as attempts to second-guess exercises of business judgment. And this underscores that there are some important and well-established countervailing considerations to such characterizations. They are at the intersection of law and the functioning of our private enterprise economic system. Most critical is the proposition that the raison d’etre of investment capital is that it be used to take risks in the pursuit of creating value for the capital providers. A direct corollary of this proposition is that those who oversee and manage investment capital should be encouraged to take business risks, and personal liability for risk-taking gone wrong is counterproductive to this fundamental economic function.

Of course, we know that every rule has an exception — so why shouldn’t this corollary proposition have one in the “red flag,” meltdown scenario of the Citigroup case? In fact, corporate law does recognize a directorial duty of oversight. It imposes certain obligations on directors to watch out for the enterprise, including in the area of taking risk. The key questions are: What is the meaning and extent of this duty? What guides its definition? And, most importantly, how does (and should) it interact with business risk-taking as the primary function of investment capital managers and overseers?

The Court’s opinion in In Re Citigroup Inc. Shareholder Derivative Litigation does an excellent job of explicating these questions under Delaware law. Our distillation of the opinion in this area is as follows:

• Business judgment rule central to fostering risk-taking function. The Delaware business judgment rule presumption that directors act consistently with their fiduciary duties is central to fostering the risk-taking function. While the presumption is rebuttable, the burden must be on the plaintiff to first plead and then prove facts that support setting the presumption aside.

• Oversight duty should not undermine business judgment rule. The duty of oversight should not be applied in a manner that undermines the business judgment rule. As the Court said: “To impose liability on directors for making ‘wrong’ business decisions would cripple their ability to earn returns for investors by taking business risks. Indeed, this kind of judicial second guessing is what the business judgment rule was designed to prevent, and even if a complaint is framed under a … [duty of oversight] theory, this Court will not abandon such bedrock principles of Delaware fiduciary duty law.”

• Approach to harmonizing business judgment rule and oversight duty. To harmonize this basic tension — and to give primacy to the business judgment rule and the public policy underlying it — the Delaware courts have developed a number of important distinctions and guides to analysis.

• Key distinction: between ill-advised or negligent board decision and unconsidered board inaction. Athreshold key distinction is between conduct constituting (1) “a board decision that results in a loss because that decision was ill advised or ‘negligent’” and (2) “an unconsidered failure of the board to act in circumstances in which due attention would, arguably, have prevented the loss.”

• Bad faith showing required. In the latter case — a failure to oversee or monitor, such as alleged in Citigroup — for directors to be personally liable their failure to act must be shown to have been in bad faith.

• Meaning of bad faith. Not surprisingly, “bad faith” is a stringent standard. As stated by the Court: “[T]o establish oversight liability a plaintiff must show that the directors knew they were not discharging their fiduciary obligations or that the directors demonstrated a conscious disregard for their responsibilities such as by failing to act in the face of a known duty to act.” Poor business judgment alone, even if resulting in catastrophic losses, does not constitute bad faith.

• Key distinction: between failing to monitor illegal conduct and business risk. In examining the meaning of “bad faith” in the duty of oversight context, the Court identified a further important distinction — between the failure to monitor fraudulent or criminal misconduct within the company and the failure to monitor business risk. In elaborating on this distinction, the Court advised that: “Directors should, indeed must under Delaware law, ensure that reasonable information and reporting systems exist that would put them on notice of fraudulent or criminal conduct within the company. Such oversight programs allow directors to intervene and prevent frauds or other wrongdoing that could expose the company to risk of loss as a result of such conduct. While it may be tempting to say that directors have the same duties to monitor and oversee business risk, imposing Caremark type duties on directors to monitor business risk is fundamentally different … . To impose oversight liability on directors for failure to monitor ‘excessive’ risk would involve courts in conducting hindsight evaluations of decisions at the heart of the business judgment of directors. Oversight duties under Delaware law are not designed to subject directors, even expert directors, to personal liability for failure to predict the future and to properly evaluate business risk.”

• “Red flags” of business risks do not equate to oversight duty breach. As to “red flags,” if they are only warnings “that reflected worsening market conditions and suggested that conditions may deteriorate even further[, that] is not an invitation for this Court to disregard the presumptions of the business judgment rule and conclude that the directors were liable because they did not properly evaluate business risk. What plaintiffs are asking the Court to conclude from the presence of these ‘red flags’ is that the directors failed to see the extent of Citigroup’s business risk and therefore made a ‘wrong’ business decision by allowing Citigroup to be exposed to the subprime mortgage market.” The Court clearly was unwilling to go there.

The Court’s opinion in Citigroup is a resounding affirmation that the business judgment rule is alive and well — indeed vibrant — in Delaware. As the Court makes clear, the business judgment rule has its roots in the need to protect a central function of the private enterprise system as pursued successfully in the U.S. for more than 200 years — the willingness of managers and overseers of invested capital to take business risks in an effort to enhance economic returns. The Court was unwilling to extend the duty of oversight to the point of it becoming a limitation on the business judgment rule’s protection of conduct simply involving business risk-taking. The Court perceived that desired risk-taking would likely be inhibited by the threat of personal liability for directors based on hindsight judicial judgments as to whether they should or should not have recognized and responded to “red flags” regarding business risks.

However, the Citigroup decision should not be taken as a message endorsing or encouraging laxity by directors. It was made in a context with which the Court, the Delaware judiciary generally and corporate America are quite familiar. A great deal of director involvement with their companies is in the area of affirmative decision-making, as to which directors have an independent, well-known duty of care — to make informed, disinterested decisions in good faith. As to oversight, risk management, including of business risks, continues to be an area of major focus in corporate America, with comprehensive enterprise risk management now receiving priority attention. (It should be noted, in this regard, that in Citigroup, the Court, in addressing certain disclosure allegations, observed that “ … director liability is not measured [under Delaware law] by the aspirational standard established by the internal documents detailing a company’s oversight system.”) In addition, allegations of ignoring “red flags” regarding business risks can lead to questions as to the adequacy of a company’s disclosure, including with respect to risk factors and as to compliance with company risk oversight policies. Moreover, the spotlight on director conduct as a governance matter and in the media has become increasingly bright, and notoriety individually as a director or as a member of a board spotlighted as failing to monitor risk is obviously harmful in and of itself. Increased shareholder activism, particularly with respect to the election of directors, is a practical reminder that the record and reputation of directors is more important than ever.

* * * * *

Additional Aspects of the Citigroup Opinion

The Court in Citigroup also did the following:

• The Court dismissed, on the basis of a failure adequately to plead demand futility, an allegation that the directors breached their fiduciary duty to Citigroup by “failing to ensure that the Company’s financial reporting and other disclosures were thorough and accurate,” and certain waste claims;

• The Court denied the motion to dismiss with respect to a claim of waste by directors for “approving a multi-million dollar payment and benefit package for … [the Company’s CEO] upon his retirement as … CEO.” In so doing, the Court stated that the stringent test to show corporate waste requires “the plaintiff … [to] overcome the general presumption of good faith by showing that the board’s decision was so egregious or irrational that it could not have been based on a valid assessment of the corporation’s best interests.” Despite the stringency of this test, the Court concluded at this preliminary stage of the proceeding that “[w]ithout more information and taking, as I am required, plaintiffs’ well pleaded allegations as true, there is a reasonable doubt as to whether the letter agreement meets the … standard or … awarded compensation that is beyond the ‘outer limit’ described by the Delaware Supreme Court.”; and

• The Court reinforced the view that “expert” directors will not by that circumstance alone be held to a higher standard than their fellow directors. In this regard, the Court said: “[E]ven board members who are experts are fully protected under [Sec.] 141(e) in relying in good faith on the opinions and statements of the corporation’s officers and employees who were responsible for preparing the company’s financial statements. Plaintiffs’ allegations that the members of the [Audit and Risk Management] Committee were financial experts and were aware of the ‘red flags’ alleged in the Complaint do not support a reasonable inference that the director defendants’ reliance on the officers and experts who prepared the financial statements was not in good faith.”