Carolyn Frantz is a Senior Counsel, and Alex Talarides and Mike Delikat are Partners at Orrick Herrington & Sutcliffe LLP. This post is based on Orrick memorandum by Ms. Frantz, Mr. Talarides, Mr. Delikat, and James Stengal. Related research from the Program on Corporate Governance includes The Illusory Promise of Stakeholder Governance (discussed on the Forum here) and Will Corporations Deliver Value to All Stakeholders? (discussed on the Forum here) both by Lucian A. Bebchuk and Roberto Tallarita; Restoration: The Role Stakeholder Governance Must Play in Recreating a Fair and Sustainable American Economy—A Reply to Professor Rock (discussed on the Forum here) by Leo E. Strine, Jr.; and Stakeholder Capitalism in the Time of COVID (discussed on the Forum here) by Lucian Bebchuk, Kobi Kastiel, and Roberto Tallarita.
In the early days, most company Environmental, Social, and Governance (ESG) programs were more akin to Corporate Social Responsibility, with companies publicly highlighting initiatives that benefit their communities. They called attention to things like employee volunteering, youth training and charitable contributions as well as internal programs like recycling and employee affinity groups. Companies did little to justify these limited investments, and the existence of initiatives that provided at least modest brand and employee relations value were not particularly controversial.
In recent years, however, these programs have become larger and more deeply integrated with companies’ core business strategies, including strategies for avoiding risks, such as those presented by gender and racial discrimination claims, the impacts of climate change, and cybersecurity and privacy gaps. Companies increasingly frame ESG programs as shareholder value creation efforts, in line with the views of institutional investors like BlackRock and the current Securities and Exchange Commission (SEC).
As ESG programs become larger and more integrated into a company’s business, so do the risks of attracting attention from regulators and private litigants. Below, we discuss some potential ESG-related regulatory and private litigation actions we expect to increase in coming years, and how to position your company to avoid them.
Key Takeaways:
To avoid potential actions from the SEC and other agencies, shareholders, employees, customers and business partners, consumers and others, we recommend:
- Increasing controls over ESG disclosures, even voluntary ones, and the data that underlies them.
- Formalizing board and committee review of important issues, and framing board governance in terms of achieving value for shareholders.
- Creating a centralized method to negotiate and track ESG contractual commitments with third parties.
- Focusing on progress, not outcomes, in your disclosures, and not overpromising in ESG commitments.
- Educating your legal department about ESG.
Actions We Expect from the SEC
The SEC recently proposed sweeping disclosure rules about climate change and cybersecurity, with rules about human capital management disclosure expected soon. These rules mandate disclosure of, among other things, costs associated with addressing climate change, greenhouse emission numbers and facts about cybersecurity incidents and the progress of remediation. An SEC ESG task force plans to “identify any material gaps or misstatements in issuers’ disclosure of climate risks under existing rules.”
While ESG-specific enforcement action from the SEC has not yet taken off, we expect a raft of actions based on the new rules. The SEC has indicated an interest in policing ESG-related misrepresentations. It recently brought an action against a mining company for securities fraud based on representations about the safety of its mines, including in the company’s ESG report. The SEC has also focused on “greenwashing” – alleged overstatement of ESG commitments and diligence – by investment advisors and funds.
In addition to the SEC, states can bring actions based on alleged securities fraud regarding ESG issues. For instance, New York brought an unsuccessful action against an oil and gas company, alleging that its disclosures regarding greenhouse gas emissions were misleading, given the risks to the company from climate change.
This is on top of the SEC’s prior interest in bringing actions against issuers it believes have failed to disclose cybersecurity incidents, which many include within ESG. The SEC’s settlement in First American showed the agency’s interest in disclosure controls and procedures, and in ensuring that important disclosure decisions involve senior executives.
In light of interest from the SEC and state governments, we recommend:
- Increasing controls associated with ESG disclosures, even voluntary ones, and the data that underlies them.
- Considering creating documented special disclosure controls and procedures for certain issues, such as cybersecurity and climate reporting, including sufficiently senior executive review.
- Considering including ESG disclosures within the mandate of the disclosure committee even when they are not part of official SEC filings.
Actions We Expect from Shareholders
Shareholder suits regarding ESG matters are nothing new. Shareholders have for years brought claims alleging that their stock holdings have lost value as a result of false or misleading disclosures about issues like sexual harassment allegations involving key executives, cybersecurity incidents or environmental scandals. Deutsche Bank faces a securities fraud lawsuit for allegedly not living up to statements about its ethics-related policies with respect to high-profile clients like Jeffrey Epstein and certain Russian oligarchs.
Even absent a stock drop, some shareholders have brought derivative suits focused on ESG issues. For instance, in 2020, Alphabet settled a derivative suit based on allegations that the board failed to appropriately address sexual harassment claims. Given the increased focus on Caremark-type claims alleging that boards failed to appropriately oversee and manage risks, we expect a steady increase in derivative claims alleging board oversight failures where ESG-related risks manifest to the detriment of an issuer. Caremark cases often turn on whether particular risks are clearly allocated in committee charters, and whether board and committee governance is well documented in agendas, materials and minutes.
That said, absent a failure of risk oversight, derivative litigation is not likely to be a fertile ground for claims from shareholders who believe boards should focus more (or less) on certain ESG issues. Take the example of a spate of recent lawsuits alleging that a lack of board diversity reflected a failure of appropriate board governance. Those suits were dismissed based on a failure to plead demand futility, underscoring that boards will have a great deal of discretion when determining whether a company’s ESG strategy advances the company’s long-term value. On the other side of the political spectrum, activist shareholder groups aligned with conservative causes have demanded that companies retract diversity initiatives they believe go too far and constitute reverse discrimination. We also expect suits based on such demands to encounter significant headwinds.
Some recent critiques of corporate ESG efforts allege that companies improperly focus on social agendas rather than shareholder value. These sound like “corporate waste” claims, assertions that a board has allowed a company to waste resources. Corporate waste claims rarely succeed, however, given the discretion boards have to determine whether investments are in the interest of shareholders.
To avoid ESG-related Caremark or corporate waste claims (or at least increase the odds of having them dismissed early), we recommend:
- Including ESG issues as part of an enterprise risk management program, and in internal controls, for instance, by making ESG programs subject to review by internal audit.
- Ensuring that important ESG-related risks are clearly allocated in board committee charters, and that board and committee materials and minutes reflect regular review of important risks.
- Ensuring that board materials and minutes reflect board consideration of ESG efforts as important to creating long-term shareholder value, which provides the strongest basis for deferring to board decision making, rather than as the “right” thing to do.
Actions We Expect from Customers and Business Partners
As companies face increasing demands to address ESG issues in their operations and throughout their value chains, ESG requirements in commercial contracts are increasing in prevalence and specificity. Companies are seeking to require vendors, suppliers, and partners to ensure their operations do not introduce ESG risks – for instance, by using forced or child labor or employing unsustainable environmental practices.
In addition, as more companies seek to report Scope 3 greenhouse gas emissions – and may soon be required by the SEC to report on them – they increasingly require companies in their value chain to provide information about their own emissions. And if the SEC’s proposed cybersecurity disclosure rules are enacted largely unaltered, companies may also require increased reporting regarding cybersecurity from vendors and others.
While we have not yet seen significant litigation arising from these ESG contractual requirements, we expect an increase in claims made under these contracts, particularly where a failure at a vendor or supplier negatively impacts the operations or reputation of their customer. To help avoid these claims, we recommend:
- Creating a centralized system to track ESG-related contractual commitments.
- Ensuring that negotiators who know about company ESG capabilities and weaknesses participate in negotiations about these commitments, creating negotiation playbooks where needed.
Actions from Consumers and Others
Companies should not forget about more familiar “greenwashing” claims, where consumers claim that company statements about environmental or social aspects of their products are false and misleading. The theories in these claims appear to be expanding – encompassing allegations involving product statements as well as a company’s general statements about its commitment to sustainability.
State consumer protection laws create causes of action for alleged false advertising and other misleading marketing statements. In addition, statutes like the Trafficking Victims Protection Reauthorization Act have been used to bring claims against companies for alleged failures to stop alleged human rights violations in their supply chains. Some of these claims allege that the existence of company policies and programs aimed at helping end human rights violations are themselves a basis for liability.
To help avoid these claims, we recommend:
- Providing structured opportunities for meaningful legal review of ESG statements in all contexts.
- Making sure public statements do not overpromise, and that they acknowledge challenges in ESG efforts and focus more on progress than end state.
Actions We Expect from Employees
Employers determining what human capital management disclosures to make as part of ESG efforts – including whether to disclose numeric metrics or targets based on race or gender – may find themselves between a rock and a hard place with respect to potential liability stemming from stated commitments to diversity and inclusion. On the one hand, companies that fail to achieve numeric targets they articulate – for example, a certain percent or increase in diversity among management – may be accused by regulators or private litigants of having overpromised when discussing their future plans. On the other hand, companies that achieve such targets may face “reverse discrimination” claims alleging that they abandoned race- or gender-neutral employment practices to hit numbers set forth in their public statements. These risks are not hypothetical, as a review of recent lawsuits and legal press reveals. While general policies and initiatives themselves rarely, if ever, violate employment law, they can constitute support for claims of improperly motivated hiring, termination, pay, or promotion decisions.
To help avoid such actions, we recommend:
- Seeking legal review of diversity initiatives, ensuring they do not lead to individual employment decisions that may violate relevant laws.
- Setting appropriate expectations for success when setting diversity goals and communicating challenges internally and externally.
Actions from Other Government Entities
State and local governments have taken multiple actions against companies, largely oil and gas companies, based on their alleged contributions to climate change. So far, these actions have not succeeded in the United States, but they are far from over. These kinds of actions have had more, if still limited success, outside the United States. For example, a court in The Netherlands ordered Shell to reduce its greenhouse gas emissions by 45% by 2030.The decision was predicated upon a duty of care under Dutch law which may be unique to the Netherlands, but the decision does underscore the risks in this area as the law develops.
Certain subject-matter specific laws give opportunities for government enforcement. One example is the new Uyghur Forced Labor Prevention Act, which establishes rules for trade with a region of China with widespread reports of human rights abuses.
As ESG evolves, we also expect to see litigation and enforcement in areas that lack precedent. For instance, in 2019, the Department of Justice investigated auto companies for possible antitrust violations for agreeing with California to adopt emissions standards more restrictive than those established by federal law. While the investigation did not reveal wrongdoing, it underscores the creativity that proponents and opponents of ESG efforts can employ.
To avoid these types of actions, we recommend:
- Keeping an open dialogue about ESG issues with government regulators, where possible.
- Educating the legal department about ESG so they can help spot issues early and effectively