Articles

  Newsletters

  Tax Newsletters

DIRECTOR’S BRIEFING

DIRECTORS’ DUTY TO OVERSEE

 

By: Hartley R. Nathan, Q.C. Mr. Nathan is a senior partner of Minden Gross LLP and is Editor-in-Chief of the Directors Manual. The writer wishes to thank Samuel Posner, student-at-law at Minden Gross LLP, for his assistance in connection with the preparation of this article. © CCH Canadian Limited.

___________

Introduction

Business corporations are invariably involved in business activities that require compliance with legislation. It is the responsibility of the board to make sure there are adequate processes, procedures and controls in place should any problems arise, and to ensure compliance with the law, be it securities legislation, criminal law or any type of legal obligation, and to ensure the these processes are operating effectively.

 

 Some commentators see this as the board adopting a “process-oriented” approach. 

 

            A “process-oriented approach to regulating board governance is about encouraging  ... boards to adopt appropriate procedures and systems by which to supervise the management of a corporation”.[1]

 

Guidelines published by the Toronto Stock Exchange in the TSE Guidelines for Improved Corporate Governance[2] (the “Dey Report”) suggest that directors should assume responsibility for the integrity of the corporation’s internal control and management information systems. It was stated in the Dey Report:

  

• Implicit in the effective discharge of the responsibilities [of the board of directors]... is the implementation of control and information systems which ensure the effective discharge of these responsibilities.

• It is apparent...that today’s board of directors should be less concerned with transactions and more concerned with the systems which support the board’s direction and the corporation’s business.

 

While the Dey Report may not have the force of law, it has been viewed as establishing the standards by which “reasonably prudent” persons (directors) will be judged.

 

Law

 

There are two Delaware cases of particular note, namely, the 1963 Delaware Supreme Court case of Re Graham v Allis-Chambers Mfg Co.[3] (“Graham”) and the 1996 Delaware Court of Chancery case of Re Caremark International Inc. Derivative Litigation[4] (“Caremark”). 

 

In Graham, shareholders brought a derivative action against Allis-Chalmers’ directors to recover damages that the corporation supposedly suffered as a result of federal antitrust violations.  The plaintiffs alleged that the directors failed to supervise corporate affairs with the requisite degree of care.  The court rejected finding civil liability against the directors for failing to prevent employee misconduct unless the directors deliberately or inattentively ignored obvious warning signals.  In other words, “absent cause for suspicion, the directors were not required as part of their duties to install and operate “a system of espionage to ferret out wrongdoing.” 

 

In Caremark, Caremark was a provider of patient and managed health care services.  As a result of certain allegations, U.S. regulatory authorities conducted a four-year investigation of Caremark’s activities, which culminated in Caremark and two of its officers and several mid-level employees being charged with violations of federal health care reimbursement regulations.  Caremark pleaded guilty and agreed to pay civil and criminal fines and to make reimbursements to various private and public parties.  These amounts totalled over $250 million.

 

Here, Chancellor Allen decided that directors may incur personal liability for employee misconduct performed on behalf of the corporation if they fail “to attempt in good faith to assure that a corporate information and reporting system, which the board concludes as adequate, exists.”  He limited Graham’s holding to a more narrow proposition that, “absent grounds to suspect deception, neither corporate boards nor senior officers can be charged with wrongdoing simply for assuming the integrity of employees and the honesty of their dealings on the company’s behalf.”

 

More recently, In Re Citigroup Inc. Shareholder Derivative Litigation,[5] the plaintiffs alleged a breach of fiduciary duty based on improper managing and monitoring of the business risks posed by the subprime mortgage crisis, and by ignoring “red flags” that consisted primarily of press reports that indicated worsening market conditions. Chancellor Chandler  indicated that “while it may be tempting to say that directors have the same duties to monitor and oversee business risk, imposing Caremark type duties on directors to monitor business risk is fundamentally different.... Oversight duties under Delaware law are not designed to subject directors... to personal liability for failure to...  properly evaluate business risk.” 

 

Conclusions

 

Our advice to directors would be:

 

1)      Appoint a person in the organization to be charged with the central responsibility of compiling and understanding the various legal requirements and ensuring compliance with them;

2)      Directors, before each meeting, should be given a summary of the status of various matters that could result in personal liability for directors, or which are material to the corporation, so that they are briefed on any legal or business risk and can act accordingly.

3)      Attached is a suggested template compliance form that can be used for this purpose.[6]

 

Directors may have the responsibility to put a policy in place that conforms to relevant regulation and legislation, in addition to a responsibility to inform employees of the policy, and reasonably undertake to ensure that it is enforced.

 

This way, directors will be able to mount a strong defence in the face of any claim for breach of fiduciary duty to oversee the corporation’s business affairs.

 

(*This was originally published in Directors Briefing a CCH Canadian Limited publication)