As highlighted here, in 2019 Cognizant Technology Solutions resolved a $25 million SEC FCPA enforcement action in connection with various licenses and permits in India.
As often happens in the aftermath of Foreign Corrupt Practices Act scrutiny or enforcement, plaintiff lawyers representing shareholders filed related civil claims.
Several related derivative actions against current and former members of Cognizant’s board as well as current and former Cognizant executive officers were filed and consolidated into one action.
Recently, the court dismissed the consolidated actions (see here) and in doing so concluded, among other things, that plaintiffs’ so-called Caremark claims were not viable.
The opinion provides the following relevant background:
“[S]hareholders of Cognizant Technology Solutions Corp. (“Cognizant”) have filed a derivative action against certain current and former members of Cognizant’s Board of Directors (“Board”), as well as several current and former executive officers of the company, for breach of fiduciary duties, corporate waste, unjust enrichment, and contribution and indemnification. All defendants have moved to dismiss the entire complaint under Fed. R. Civ. P. 23.1, asserting that the plaintiffs did not make a demand on the Board before filing the derivative action and that demand is not excused.
Over the course of several months in late 2016 and early 2017, Cognizant publicly revealed that a number of its employees, including members of senior management, had been engaged in a bribery scheme in India that likely stretched from 2010 to 2015. The company admitted that approximately $6 million in improper payments had been made to Indian officials for the purpose of securing construction-related permits and operating licenses. The company also announced that its then-president, Gordon Coburn, and then-chief legal officer, Steven Schwartz, had resigned. In addition to conducting an internal investigation into the bribery scheme, Cognizant notified the Department of Justice and also the Securities and Exchange Commission (“SEC”), which initiated an investigation into Cognizant’s compliance with the FCPA. In 2019, after having spent over $60 million in investigative costs, Cognizant was ordered by the SEC to pay $25 million in fines for violating the FCPA.
The complaint alleges that, in the years leading up to the public revelation of the bribery scheme, the Board was made aware of several red flags regarding Cognizant’s FCPA compliance. At a September 2014 meeting of the Board audit committee, director defendants Klein, Breakiron-Evans, Mackay, and Wendel learned that a “‘weakness’ was uncovered in Cognizant’s global sub-contracting management process for hiring individual contract workers in India.” They were further told that “‘there is potential to reevaluate anti-corruption/bribery controls in compliance with FCPA and UK Bribery Acts.’”
Several months later, at a December 2014 meeting of the audit committee, the same director defendants learned “that Cognizant’s case management tool for tracking incidents of legal non-compliance, including bribery and anti-corruption violations, was facing challenges such as ‘[i]nconsistent and untimely documentation and tracking of compliance related incidents leading to lack of visibility of potential compliance issues.’”
In February 2015, director defendants D’Souza, Klein, Breakiron-Evans, Fox, Mackay, Patsalos-Fox, Weissman, Wendel, and Narayanan learned from Cognizant’s general counsel “that several elements of Cognizant’s Legal and Ethics Compliance Program were immature and ranked far below the benchmark maturity average.” More particularly, they were informed that the program “ranked below average in maturity in 7 of 9 core compliance elements” and “28 of 38 key compliance sub-elements.”
Later that year, at a November 2015 audit committee meeting, management communicated to director defendants Klein, Breakiron-Evans, Mackay, and Wendel that “‘Governance for [the] anti-corruption program needs strengthening, including formalizing corruption risk assessments, enhancing mandatory trainings, incident management, and business expansion processes, as well as the overall anti-corruption policies.’” At the same meeting, management informed the directors that “‘[a] program is underway to ensure that disciplinary actions in India come into closer conformance with the rest of the countries,’ and that ‘[c]ompliance is providing continuing examples from other countries to support the desired result in India.’”
Plaintiffs allege that despite the Board’s knowledge of the compliance problems, “Defendants failed to timely improve Cognizant’s compliance controls and procedures, or notify shareholders of the compliance deficiencies.” Beyond that, plaintiffs assert that “Defendants caused Cognizant to publicly release and widely disseminate materially false and misleading annual Sustainability Reports,” in which they “assured Cognizant shareholders that audits of anti-corruption compliance had been conducted and had not uncovered evidence of corruption.”
For instance, the 2014 Sustainability Report, which Cognizant published in June 2015, stated the following:
In 2014, we introduced role based anti-corruption training to supplement the anti-corruption provisions of the general ethics training our employees received. We delivered 331,114 hours of Code of Ethics training through eLearning in 2014. We also delivered live Code of Ethics trainings to targeted audiences of over 18,000 associated in India and the Philippines. Our formal learning was supplemented in 2014 by education campaigns featuring games, quizzes, and prizes.
Additionally, our Enterprise Risk Management group conducts annual risk analysis surveys covering all business units and corporate functions to assess the likelihood of various risks including corruption.
Under the heading, “Actions taken in response to incidents of corruption,” the report stated: “No incidents reported in 2014.”
The 2015 Sustainability Report, published in August 2016, similarly stated that “[t]here were no incidents [of corruption] reported in 2015.” In addition to discussing the hours of ethics training conducted that year, the 2015 report stated that “Cognizant treats reports of misconduct seriously” and that “[a]ll reports are reviewed by the Chief Compliance Officer” who will take “appropriate disciplinary action . . . against individuals involved.”
According to the complaint, the director defendants reviewed both the 2014 and 2015 Sustainability Reports and approved them for public release to the shareholders.”
The opinion next sets forth the applicable legal standards for derivative actions including the heightened pleading standard which requires a plaintiff to “plead with particularity either the efforts made to spur directors to take the action sought, and why these efforts were unsuccessful, or the reasons why no effort was made to demand action from the board” and states (internal citations omitted):
“Where a plaintiff has made no demand on the board, a court may excuse the rule’s requirement if it determines that demand would have been futile.” “But a plaintiff is obliged to plead, with particularly, facts that establish demand futility.”
The Delaware Supreme Court recently adopted a “refined” three-part test for courts to apply in analyzing demand futility. That refined test blends together the Aronson and Rales tests, which were traditionally used to assess demand futility in different sets of circumstances. The Delaware Supreme Court has held that this “refined” test is consistent with Aronson and Rales, both of which “remain good law,” as do the cases properly construing them.
Under this refined test, which I will refer to as the Zuckerberg test, “courts should ask the following three questions on a director-by-director basis when evaluating allegations of demand futility:
(i) whether the director received a material personal benefit from the alleged misconduct that is the subject of the litigation demand; (ii) whether the director faces a substantial likelihood of liability on any of the claims that would be the subject of the litigation demand; and (iii) whether the director lacks independence from someone who received a material personal benefit from the alleged misconduct that would be the subject of the litigation demand or who would face a substantial likelihood of liability on any of the claims that are the subject of the litigation demand.” “If the answer to any of the questions is ‘yes’ for at least half of the members of the demand board, then demand is excused as futile.”
Plaintiffs here rely on the first and second prongs of the Zuckerberg test to demonstrate that demand would be futile and should therefore be excused. Beginning with the second prong, the complaint appears to focus exclusively on Count I, which alleges breach of fiduciary duties. The plaintiffs argue that the director defendants face a substantial likelihood of liability on this claim.
Turning to the third prong, the plaintiffs argue that three of the director defendants lack independence. They point out that, according to the company’s 2016 proxy statement filed with the SEC, director defendants D’Souza and Narayanan are not “‘independent directors’ under ‘the rules of the NASDAQ Stock Market LLC (‘NASDAQ’), which require that, in the opinion of the Board, such person not have a relationship that would interfere with the exercise of independent judgment in carrying out the responsibilities of a Director.’” The plaintiffs further contend that, as former CEO of Cognizant, D’Souza “derived substantially all of his income from his employment with Cognizant” and therefore could not objectively consider a demand to sue himself for breaching his fiduciary duties.
In addition, the plaintiffs maintain that director defendants D’Souza and Weissman cannot impartially consider a demand to sue defendant Coburn, because they “have significant business and longtime friendships” with him. Plaintiffs allege that Coburn worked extensively with D’Souza and Weissman at The Dun & Bradstreet Corporation in the 1990’s, before and during Cognizant’s split from that company in 1995.
Zuckerberg’s second prong
As stated above, the allegations in the complaint regarding Zuckerberg’s second prong pertain exclusively to the claim for breach of fiduciary duties. In their opposition to defendants’ motion to dismiss, however, the plaintiffs argue that the facts also excuse a pre-suit demand on the unjust enrichment, corporate waste, and contribution claims, as the director defendants face a substantial likelihood of liability on those claims as well.
I consider first the claim for breach of fiduciary duties. Plaintiffs allege that the defendants breached their fiduciary duties of “candor, good faith, and loyalty” but do not label their theories in any greater detail. However, it appears from the factual allegations of the complaint, supplemented by the arguments in the briefs, that the plaintiffs are pursuing a claim based on the Board’s failure to monitor the company’s affairs, otherwise known as a Caremark claim, as well as a claim based on bad faith. I address those two theories in turn.
A Caremark claim seeks to hold directors liable for a “sustained or systematic failure of the board to exercise oversight.” To successfully plead a Caremark claim, a plaintiff must allege facts demonstrating that “(a) the directors utterly failed to implement any reporting or information system or controls; or (b) having implemented such a system or controls, consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.”
Notably, liability under Caremark “requires a showing that the directors knew that they were not discharging their fiduciary duties.” In other words, a plaintiff must plead sufficient facts to demonstrate that the directors acted with scienter. As the Delaware Chancery Court has observed more than a few times, a Caremark claim is “possibly the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment.”
From the facts pled in the complaint, it cannot plausibly be inferred that the Board “utterly failed to implement” any system for monitoring Cognizant’s FCPA compliance. It is not as if “‘the company entirely lacked an audit committee or other important supervisory structures, or . . . a formally constituted audit committee failed to meet.’” To the contrary, several of the director defendants were members of the Board’s audit committee and received regular updates on the company’s compliance with the FCPA. The only viable theory, then, is that, despite these oversight systems, the Board consciously failed to monitor Cognizant’s FCPA compliance risks – the second basis for a Caremark claim.
To successfully plead such a claim, a complaint must allege “(1) that the directors knew or should have known that the corporation was violating the law, (2) that the directors acted in bad faith by failing to prevent or remedy those violations, and (3) that such failure resulted in damage to the corporation.” Because the complaint lacks particularized facts demonstrating that the directors knew that the company was violating the FCPA, or that they acted in bad faith by failing to prevent or remedy those violations, the plaintiffs have not demonstrated a substantial likelihood of liability under Caremark.
The complaint alleges that many of the director defendants learned, at four separate meetings from September 2014 to November 2015, that Cognizant’s internal systems for tracking and preventing acts of corruption and bribery needed strengthening. In particular, in September 2014, the director defendants were briefed on issues in the “global subcontracting process for hiring individual contract workers in India” and were told that there is “potential to reevaluate the anti-corruption/bribery controls in compliance with the FCPA and UK Bribery Acts.” In December 2014, they were informed that that the company’s case management tool for tracking incidents of bribery and corruption was facing challenges such as “[i]nconsistent and untimely documentation . . . leading to lack of visibility of potential compliance issues.” At two subsequent meetings in February 2015 and November 2015, the director defendants learned that elements of Cognizant’s compliance program were immature and ranked below average, and that the program needed strengthening, “including formalizing corruption risk assessments, enhancing mandatory trainings, incident management, and business expansion processes, as well as the overall anti-corruption policies.”
These facts fall short of demonstrating that the director defendants knew that the company was violating the FCPA. The complaint does not state that the directors were ever informed of actual incidents of corruption or bribery that had occurred, and it certainly does not allege that they were aware of the India bribery scheme. Rather, they were merely told that Cognizant’s systems for documenting and ensuring compliance needed improvement.
In fairness, the complaint makes it reasonable to infer that the director defendants should have known that violations of the FCPA were occurring or likely to occur, because they knew of deficiencies in the company’s compliance systems. Yet even assuming constructive knowledge of FCPA noncompliance, the complaint nonetheless fails to allege a substantial likelihood of liability under Caremark because it does not allege factually that the director defendants acted in bad faith by consciously disregarding the red flags. Although the complaint itself is mostly silent on any actions taken in response to the identified compliance issues, the documents incorporated by reference indicate that the director defendants were repeatedly made aware of planned remedial measures to address weaknesses in the compliance procedures.
For instance, at the September 2014 meeting, when the director defendants learned about the weakness in the subcontracting management process for hiring individual contract workers in India, they were also told that the “compliance team will track mandatory training completion metrics and follow-up with defaulting contractors, their agencies and project managers to improve overall training compliance.” As a complement to these efforts, management reported to the director defendants that “HR will coordinate with Legal/Chief Compliance Officer to formally re-evaluate the co-employment/principal employer and anti-bribery/corruption risks and implement necessary mitigating controls. These include strengthening principal employer audits and validating compliance requirements in India.”
Similarly, at the December 2014 meeting, at which the director defendants were made aware of issues related to the tracking of compliance related incidents, they also learned that efforts were underway to improve the case management system and to consider the use of an alternative case management tool that would better meet the company’s needs. And at the November 2015 meeting, the director defendants were informed that a program was underway “to ensure that disciplinary actions in India come into closer conformance with the rest of the countries,” and that “[c]ompliance is providing continuing examples from other countries to support the desired results in India.” Finally, at several of the meetings, management reported on its new Code of Ethics rollout plan, which included translating the Code of Ethics into more languages, as well as other initiatives aimed at strengthening FCPA compliance, such as encouraging use of the company’s anonymous hotline for reporting potential wrongdoing.
All of this falls short of a plausible allegation that the Board consciously disregarded any red flags. While the complaint asserts that the director defendants “failed to timely improve Cognizant’s compliance controls and procedures,” such a lapse is not equivalent to completely ignoring known compliance risks in defiance of one’s fiduciary duty. Instead, it appears that the directors made a “good faith effort to implement an oversight system and then monitor it,” in satisfaction of their Caremark obligations.The complaint therefore fails to allege that demand is excused as to Count I based on the director defendants’ substantial likelihood of liability under Caremark.”
As to the plaintiffs’ bad faith claim, the opinion states (internal citations omitted):
“I turn to the plaintiffs’ allegations that the director defendants face a substantial likelihood of liability for acting in bad faith. The complaint falls short here as well.
“The Delaware Supreme Court has stated that bad faith conduct may be found where a director ‘intentionally acts with a purpose other than that of advancing the best interests of the corporation, … acts with the intent to violate applicable positive law, or … intentionally fails to act in the face of a known duty to act, demonstrating a conscious disregard for his duties.’” As with a Caremark claim, a plaintiff must “plead particularized facts that demonstrate that the directors acted with scienter, i.e., that they had actual or constructive knowledge that their conduct was legally improper.”
The complaint alleges that the director defendants acted in bad faith by “caus[ing] Cognizant to publicly release and widely disseminate materially false and misleading annual Sustainability Reports.” More specifically, the plaintiffs assert that the director defendants “affirmatively participated in corporate illegality by misrepresenting and omitting adverse material facts about the effectiveness of Cognizant’s anti-corruption compliance and anticorruption training in the Sustainability Reports.” As with the Caremark claim, however, the plaintiffs have failed to show that the director defendants had knowledge of their participation in any wrongdoing. True, it may be inferred that the Sustainability Reports’ statements that there were no reported incidents of corruption in either 2014 or 2015 were false. The complaint does not indicate, however, that the director defendants learned of any incidents of corruption in either of those years; indeed, their absence from the Sustainability Reports tends to suggest the opposite.
In sum, the complaint fails to plead that the directors face a substantial likelihood of liability on Count I, as neither a Caremark nor a bad faith claim has been sufficiently alleged. Demand is therefore not excused as to Count I.”
Regarding the plaintiffs’ claims of corporate waste, unjust enrichment, and contribution, the opinion states (internal citations omitted):
“The plaintiffs’ assertions that demand is excused because the director defendants face a substantial likelihood of liability on Counts II, III, and IV are likewise rejected.
Count II of the complaint alleges that the director defendants are liable for corporate waste because they “cause[ed] the Company to pay improper compensation, including cash, fees, stock awards, and other compensation to themselves and other Cognizant insiders who breached their fiduciary duties of loyalty, candor and good faith.” A claim of corporate waste requires the pleading of particularized facts demonstrating that an exchange was “so one sided that no business person of ordinary, sound judgment could conclude that the corporation has received adequate consideration.” Corporate waste is “confined to unconscionable cases where directors irrationally squander or give away corporate assets.”
The payment of ordinary compensation to an officer or director, even one who breaches a fiduciary duty, does not in itself constitute waste under Delaware law. It is not facially plausible, as the complaint states, that “Cognizant received no consideration for these improper payments,” an allegation which would seem to imply that officers and directors literally performed no legitimate services. At any rate, the complaint does not plead sufficient facts to support its allegation of “no consideration.” Demand is therefore not excused as to Count II.
Count III alleges that the director defendants “were unjustly enriched at the expense and to the detriment of Cognizant without justification,” based on the “profits, benefits, and other compensation obtained” by them from their “wrongful conduct and fiduciary breaches.” To simplify, the plaintiffs appear to be asserting that the payment of ordinary compensation to the director defendants unjustly enriched them, because they did not satisfy their fiduciary duties.
“Broadly speaking, unjust enrichment is ‘the unjust retention of a benefit to the loss of another.’” “At the pleadings stage, an unjust enrichment claim that is entirely duplicative of a breach of fiduciary duty claim—i.e., where both claims are premised on the same purported breach of fiduciary duty—is frequently treated in the same manner when resolving a motion to dismiss.” Because I have concluded already that the director defendants do not face a substantial likelihood of liability for breach of fiduciary duties, I conclude the same with regard to the claim for unjust enrichment. Demand is therefore not excused as to Count III.
Finally, plaintiffs bring Counts IV and V, claims for contribution under state and federal law, only against defendants Coburn and Schwartz, who are officers. It follows that the director defendants face no possibility of liability on Counts IV and V, which are not asserted against them.”
FCPA Institute - Zoom (May 16-18, 2023)
Elevate your FCPA knowledge and practical skills. Nine hours of integrated and cohesive instruction led by Professor Koehler (an FCPA expert with teaching experience). Learn more, spend less. Professional credential available.