This August 2016 post titled “Taking Care of Caremark” highlighted the often thin analysis of the so-called Caremark standard by many FCPA commentators.
By way of background, a corporate director’s duty of good faith has evolved over time to include an obligation to attempt in good faith to assure that an adequate corporate information and reporting system exists. In Caremark (a 1996 decision by the Delaware Court of Chancery – a trial court), the court held that a director’s failure to do so, in certain circumstances, may give rise to individual director liability for breach of fiduciary duty.
Whereas Caremark answered the “could” question, Stone v. Ritter (a more important 2006 decision by the Delaware Supreme Court) answered the “when” question and the “when” question (when can directors face individual liability for internal control failures) is not nearly the boogeyman that many FCPA commentators make it out to be.
In Stone, the Delaware Supreme Court provided the following necessary conditions for director oversight liability under the so-called Caremark standard: (i) a director utterly failed to implement any reporting or information system or controls; or (ii) having implemented such systems or controls, a director failed to monitor or oversee the corporation’s operations.
The prior post highlighted how a common Foreign Corrupt Practices Act enforcement theory (that because FCPA violations allegedly occurred, the company therefore had insufficient internal controls) is seemingly inconsistent with the spirit of Delaware law.
I say spirit because the FCPA’s internal controls provisions are obviously a separate statutory scheme compared to the state law fiduciary duty claims which arose in Caremark, Stone and related cases.
Nevertheless, and as relevant to the below recent holding by the Delaware Court of Chancery in Reiter v. Fairbank, good faith is indeed embedded in the FCPA’s internal controls provisions.
Thus, Reiter is a refreshing reminder that “good faith, not a good result, is what is required of the board” in fulfilling its Caremark duties.
In Reiter, a shareholder of Capital One Financial Corporation alleged that directors breached their fiduciary duty by consciously disregarding their responsibility to oversee Capital Ones compliance with the Bank Secrecy Act and other anti-money laundering laws. (“BSA/AML”). Plaintiff’s main allegation is that the directors ignored red flags that Capital One’s BSA/AML compliance program failed to satisfy statutory requirements relating to services Capital One provided to clients in check cashing, a business that poses an inherent risk for money laundering.
As stated in the opinion, in 2013 and 2014 Capital One received various grand jury subpoenas concerning its practices and in July 2015 Capital One consented to the entry of an order issued by the Office of the Comptroller of Currency (“OCC”) which found that Capital One had “failed to adopt and implement a compliance program that adequately covers the required BSA/AML program elements due to an inadequate system of internal controls and ineffective independent testing.” As noted in the opinion, various other investigations, including a DOJ investigation, against the company remain open.
After highlighting the relevant contours of the Caremark liability standard, the court viewed the Plaintiff’s claim not that “Capital One’s directors failed to implement any reporting or information systems or controls with respect to BSA/AML compliance” but that “the Capital Board consciously failed to act after learning about ‘evidence of illegality.”
In the words of the court:
“Plaintiff contends that, despite the Company’s statutory obligation to maintain BSA/AML controls and procedures, its directors consciously ignored ‘numerous red flags demonstrating the statutory inadequacy of those controls and procedures.”
According to the Plaintiff, “numerous reports that were provided regularly to Capital One directors from June 2011 to January 2015 constituted a series of red flags that should have triggered a duty for the board to act” and that the “board should have intervened and independently conducted ‘some type of compliance check’ at some point during this three-and-a-half-year period.”
The court next reviewed the five reports that plaintiff identified as “his best evidence of red flags” and summarized plaintiff’s “best evidence of red flags” as follows:
(1) the Company’s assessment of its AML compliance risk had escalated from “low” in the first quarter of 2011,95 to “medium” in the first quarter of 2012,96 and then to “high” as of February 2013, 97 (2) that management had decided to exit the business of serving check cashers by January 2014, and (3) that the Company’s AML risk exposure remained high in 2014 as it implemented its plan to exit the check cashing business.
According to the court however, none of plaintiff’s evidence “states that the Company’s BSA/AML controls and procedures actually had been found to violate statutory requirements at any time or that anyone within Capital One had engaged in fraudulent or criminal conduct.”
In the words of the court:
“[T]he allegations of the Complaint plead at most flags of a different hue, namely yellow flags of caution concerning the Company’s escalating AML compliance risk that was occurring in tandem with heightened regulatory scrutiny of AML compliance in the financial services industry. The escalation occurred over a two-year period and led to management’s decision less than one year later to exit the business of serving check cashers, which was the root cause of Capital One’s AML compliance exposure according to the Complaint. Significantly, the reports the directors received did not place them on notice that management had refused to act or displayed an indifference to complying with the BSA/AML. To the contrary, the same reports that described the Company’s heightened compliance risk simultaneously explained to the directors in considerable detail on a regular basis the initiatives management was taking to address those problems and to ameliorate the AML compliance risk. Thus the factual context here is fundamentally inconsistent with the inference plaintiff asks the Court to draw—that the directors must have known they were breaching their fiduciary duties by tolerating a climate in which the Company was operating part of its business in defiance of the law.
[P]laintiff does not contend, and the pled facts would not warrant the inference, that Capital One’s management embraced a strategy to pursue profits by employing illegal means, much less that its directors were knowingly complicit in such a strategy. To the contrary, the Complaint’s allegations evidence that Capital One’s management made efforts to cope with tightening regulations and more aggressive AML enforcement actions, and regularly kept the directors informed of those efforts along the way. Those efforts included designation of a new Chief AML Officer, monthly training, quarterly internal audits, other initiatives taken in response to the changing regulatory landscape, and ultimately, the decision to exit altogether the check cashing business that presented the most acute BSA/AML challenges.
As discussed previously, the Delaware Supreme Court made clear a decade ago that directors can be found liable for a Caremark oversight claim only if they fail to discharge their fiduciary duties in good faith, meaning that “the directors knew that they were not discharging their fiduciary obligations.” “Good faith, not a good result, is what is required of the board.” As our Supreme Court explained more recently in Lyondell Chemical Co. v. Ryan, “there is a vast difference between an inadequate or flawed effort to carry out fiduciary duties and a conscious disregard for those duties.”
Here, the allegations of the Complaint and the documents incorporated therein would allow reasonable minds to argue either side of a debate over whether the directors’ oversight of the Company’s BSA/AML compliance program was sufficiently robust or flawed. But what those allegations do not reasonably permit for the reasons explained above is an inference that the defendants consciously allowed Capital One to violate the law so as to sustain a finding they acted in bad faith. As such, plaintiff has failed to plead with particularity that a majority of Capital One’s ten-member board acted in such an egregious manner that they would face a substantial likelihood of liability for breaching their fiduciary duty of loyalty so as to disqualify them from applying disinterested and independent consideration to a stockholder demand.”