New risks such as cyber incidents or data privacy, rising regulatory and shareholder activism and the influence of third party litigation funders are putting corporate leaders under more pressure than ever of falling foul of investigations, fines or prosecution over alleged wrongdoing, says Allianz Global Corporate & Specialty (AGCS), a provider of directors and officers (D&O) insurance globally.
Directors and officers are walking a managerial tightrope as executive liability continues to increase annually. There is a growing trend towards seeking punitive and personal legal action against executives for failure to follow regulations and standards which could result in costly investigations, criminal prosecutions or civil litigation putting the company’s assets, or their own, at risk, AGCS says in its new report D&O Insurance Insights: Management liability.
“While the legal landscape differs strongly from country to country, increasing shareholder or regulatory action has become a global phenomenon that needs to be given top priority within companies’ internal risk management departments,” says Bernard Poncin, global head of financial lines at AGCS.
D&O litigation – lengthier and more costly
According to AGCS analysis, non-compliance with laws and regulations is now the top cause of D&O claims[1] by number, followed by negligence and maladministration/lack of controls. The average D&O claim for breach of duty costs over $1 million (€1 million). However, in large corporate liability cases D&O claims can be valued in the hundreds of millions of dollars.
AGCS observes a general trend for D&O claims to be dismissed or resolved more slowly, meaning lengthier litigation, increased defense costs and higher settlement expectations. For example, the average US securities class action case takes between three and six years to complete while legal defense costs average around $10-million, rising to $100-million for the largest cases.
In the past six years defense costs have almost doubled for large D&O claims in the US. The influence of third party litigation funding is also changing the global litigation map, with it being pivotal in the development of collective actions against financial institutions and commercial entities and their directors and officers.
Litigation against companies and their officers is on the rise. In the US, the number of security class action filings is rising and, at mid-year, was on course for its highest annual total for 12 years. Many Asian countries such as Japan, Hong Kong, Thailand and Singapore are also moving towards a more litigious culture. The increase in claims has also been pronounced in Germany where the number of D&O claims for AGCS alone has tripled in the past 20 years.
D&O developments in Africa
D&O insurance is on the rise in Africa as a result of developments in corporate governance legislations and codes, which have codified directors’ liability.
In general the directors of a company in most African countries can be held personally liable for their executive actions where such actions are not in conformity Memorandum of Incorporation. Because a company may not indemnify its directors and officers, there is no guarantee however that the company will pay the heavy financial burden of defense costs in prolonged legal proceedings or damages awards. The company may also not have the financial resources to indemnify the directors and officers in the event of a claim.
“There has been a recent trend towards shareholders seeking to hold directors liable for losses as a result of the negligent or reckless conduct. The statutory underpinning for such claims is the Companies Act No.71 of 2008 which codified directors’ liability in South Africa,” says AGCS Africa head of financial lines Nobuhle Nkosi.
“The environment for directors appears to be toughening and the more frequent use of class actions may also expose directors to more claims particularly with the new King IV report which states that shareholders and institutional investors should hold the board accountable on the application of voluntary codes of governance. Failure to meet an established corporate governance practice albeit not legislated, may invoke liability. The use of derivative actions as envisaged by section 165(2) of the Companies Act may also increase.”
In Ghana, the Companies Bill 2013 has been developed and is currently being progressed through parliament. It aims to increase clarity and to protect shareholder rights.
Kenya’s Companies Act 2015 provides duties that are onerous with tough fines and jail terms for directors and officers. The Insolvency Act 2015 aims to have managers and directors who failed the entity prosecuted. The Companies Act of Uganda, which commenced in 2013 stipulates that there are penalties for non-compliance.
Mauritius has a modern Companies Act. It provides detailed regarding director duties for all public and private companies. The island nation has a commercial court, which deals with corporate and bankruptcy matters.
In Nigeria, the directors of a company can be held personally liable for their executive actions where such actions are not in conformity with the company’s charter as set out in its Memorandum and Articles of Association. Also, directors are personally liable for executive actions aimed at a particular group of shareholders where those actions are fraudulent or illegal.
Cyber risks on the board agenda
The landscape for executives is further complicated by a number of emerging perils, such as liability around cyber-attacks and data privacy. In the US; several class actions have already been filed related to data breaches. Data protection rules around the world are becoming increasingly tough, with severe penalties for non-compliance.
As a consequence, AGCS experts anticipate cyber security-related D&O litigation more widely in the US, but also in Europe, the Middle East and Australia – if there has been negligence in any failure to protect data or a lack of controls.
“Many directors used to see cyber as an IT issue and not an exposure for the board to consider,” explains Emy Donavan, regional head of cyber liability North America at AGCS. “But there is no escaping cyber risks and directors need to be adequately informed, otherwise they will leave themselves exposed.”
Other new management risks include negative disclosures or allegations around environmental pollution, climate change and modern slavery which could result in reputational risks and shareholder activism, public outcry or governmental action.
Mergers and acquisitions (M&A) continue to be a key driver of D&O litigation and is predicted to continue at rapid pace in future. “M&A, but also divestitures, belong to the more riskier moments in the life of a company,” says Poncin. “Expectations are always high, and synergies are easier planned than realized.”
Highly sophisticated risk management required
In order to tackle the increase in executive risk in future directors need to develop a highly sophisticated risk management culture. Examples include instilling first-class cyber and IT protection, keeping records of all information relevant to a managerial role and maintaining open communication with authorities, investors and employees.
Executives should ask tough questions about compliance related topics such as sanctions, embargoes, domicile registrations, price-fixing and fraud and also learn more about “classic” D&O exposures such as M&A, capital measures and IPOs. The AGCS report contains best practice advice and checklists outlining how executives can mitigate risk.
D&O insurance has become a regular part of companies risk management in the past 20 years. It provides financial protection for managers against the consequences of actual or alleged “wrongful acts”. Common D&O risk scenarios include HR issues, shareholder actions, reporting or disclosure errors. Coverage does not include fraudulent, criminal or intentional non-compliant acts or cases where directors obtained illegal remuneration, or acted for personal profit.