Personal risks facing board members of US companies



Carolyn Snow of the Risk Management Society (RIMS) moderates a discussion looking at the risks facing board members of US companies between Michael W. Smith at Chartis, Tom Hanley at SNR Denton, and Priya Cherian Huskins at Woodruff-Sawyer & Co. 

Snow: Today’s directors in the US have had to navigate the continuing fallout from the global financial meltdown and Madoff. For example, a reinvigorated US Securities Exchange Commission seems determined to respond to sharp criticism and effectively protect investors. Should US directors be more concerned about SEC investigations today?

Huskins: Yes, absolutely. However, I hasten to add that the concern a director should have – absent circumstances that involve behaviour like self-dealing – is less about his or her personal liability and more about taking steps to safeguard shareholder assets from what can be ruinous costs associated with defending against an investigation. In this regard, taking proactive steps to manage investigation risk through good corporate governance is critical. In addition, understanding the scope of balance sheet protection provided by D&O insurance is more important than ever. This includes understanding the nuances of regulatory investigations, including whether entity investigation coverage does or does not exist in a particular insurance policy.

Smith: It seems not a day goes by without another news story about an SEC investigation. The SEC Enforcement Division recently completed its most comprehensive reorganisation since its creation in the early 1970s. It has re-staffed with new leadership, created new units, implemented new tools, flattened its structure, and changed investigation practices to rely more on fostering cooperation. These changes are having a real impact. Formal SEC investigations are up 160 percent since 2008 and informal investigations are up at least as much. Over the past year, court-ordered disgorgements are up 20 percent and the amount of monetary penalties assessed following investigations has almost tripled. All of this means directors are more likely than ever to become involved in an investigation – even if they are not targets, and even if they have done nothing wrong. 

Hanley: Directors should be more concerned. The SEC recently completed a significant reorganisation of its Enforcement Division to enhance its ability to pursue investigations and enforcement cases, particularly in high-profile areas like the Foreign Corrupt Practices Act (FCPA). In response to the perception that it has been more reactive than proactive in its approach to enforcement, the Enforcement Division has undertaken more of a prosecutorial approach, and has enjoyed quite a measure of success, including obtaining settlement amounts of more than $500m in 2010 FCPA cases and successfully prosecuting Raj Rajaratnam in the Galleon Management insider trading case. There is no reason to believe that the SEC will not continue to aggressively pursue investigations and enforcement actions, especially now that it will likely receive even more outside help in the form of tips from whistleblowers looking to take advantage of Dodd-Frank’s bounty provisions.

Snow: Directors have been facing the potential for civil securities claims for years, and with the help of D&O insurance, have managed that exposure. How is this trend in investigations different?

Smith: In an investigation, the SEC typically seeks facts without identifying its target, the conduct under scrutiny or even asserting a claim for relief. All three of those elements are typically required to trigger traditional D&O coverage. Some newer policies have evolved to provide coverage specifically for investigations without requiring a claim against a targeted insured. Another important difference, in addition to monetary penalties, is that an SEC investigation carries the prospect of jail time. Obviously this heightens the concern of directors both on how the case is defended and how it is ultimately resolved. As you would expect, if the SEC uncovers evidence of wrongdoing, it may not be motivated to settle for a monetary amount as a civil plaintiff would.

Hanley: Investigations and government regulatory actions are usually covered by the company’s D&O policy. As the types of investigations the SEC, Department of Justice and other agencies and departments are pursuing evolve, or as new laws and regulations give the agencies new investigative avenues to pursue, it is important to make sure that your D&O policies cover those areas. The larger concern is the lack of coverage for the companies themselves – company indemnity policies historically have not provided reimbursement for most investigation-related expenses and in large investigations these amounts can significantly impact the company.

Huskins: There is no doubt that we are in a regulatory environment in which enforcement agencies are seeking personal accountability at the highest possible levels. D&O insurance is clearly a critical part of the overall risk management strategy that directors should employ – but it is the final response, not the first response. The real win isn’t the successful defence of a matter; it is avoiding the litigation or enforcement action in the first instance. In the current environment it is all the more important for directors to implement the processes and procedures that help to avoid problematic issues like restatements or non-compliance with laws such as the US’s Foreign Corrupt Practices Act in the first place. 

Snow: How has Dodd-Frank – in particular its whistleblower provisions – and other new regulations and rules changed the game for directors and officers?

Hanley: It is not clear yet how, or how much, Dodd-Frank has changed the game.

The governance and compliance mandates imposed by Sarbanes-Oxley and compliance programs adopted by corporations in the wake of a number of court cases already impose significant burdens, so any added substantive burdens as a result of Dodd-Frank may end up being largely incremental. However, the whistleblower provisions of Dodd-Frank have the potential to be significant game changers. Whistleblowers now have the motivation to go directly to the SEC rather than through the company’s internal reporting process. This puts directors and management in a difficult position – how do you implement and maintain programs that foster a culture of compliance when the bounty program rewards your employees for reporting their allegations directly to the government rather than through your compliance program? 

Huskins: Dodd-Frank’s whistleblower provisions definitely change the game – but it’s too early to know if they are true game changers. There have been numerous reports of a material uptick in ‘credible leads’ being reported to the SEC. One wonders, however, about the ability of an already stretched government agency to respond fully and completely to all these new leads in a timely and efficient manner. In this regard, it might end up being to the detriment of shareholders that the implementing regulations failed to ensure that companies get first crack at assessing and responding to whistleblower claims before the government is pulled into the fray. 

Smith: Before Dodd-Frank the SEC received about 100 quality tips a year. Now that the SEC has adopted final rules for the whistleblower provisions of Dodd-Frank, the SEC estimates that it will receive 30,000 tips a year. Companies, and their directors, are concerned whistleblowers may find specious ‘claims’ and that responding to the resulting investigation activity will require significant resources and focus. In addition, an increase in investigations may have a significant impact on the frequency and severity of securities and derivative claims. The plaintiffs bar will not hesitate to use the efforts of whistleblowers and the SEC to bolster cases against directors.

Snow: Class action securities claims have historically been a driver of D&O liability in the US. Is that still the case?

Huskins: The frequency of D&O suits other than class actions is definitely up. However, class actions remain the largest, most severe exposure that directors and officers face. As a result, class action exposure should still be one of the main drivers of a company’s insurance limit decision.

Smith: Class action securities claim filings are up this year – nearly double the number of filings over this same period last year. Considering the record high 2010 settlement average of $109m and increasing litigation costs – including hourly rates in excess of $1400, those trends do not bode well. But securities claims are only part of the story. Corporate derivative suits, once typically resolved with related securities class actions by modest corporate governance changes and plaintiff fees, have dramatically increased. We have seen damages awards over $100m and no sign of relief is in sight. And as post-crisis credit markets show signs of improvement, M&A litigation activity has heated up, and we expect that exposure trend to continue. So while securities claims are important, they are by no means the only driver of claims against directors.

Hanley: The primary drivers have historically been federal securities law-based class action claims and state law-based breach of fiduciary duty claims, but government regulatory investigations and actions have become an increasingly significant part of the liability landscape. For example, while there were approximately 176 securities class action lawsuits filed in 2010, the SEC opened more than 950 informal investigations and the commissioners approved more than 500 staff requests for formal orders of investigation last year. And we should not forget about industry-specific investigations that state attorney generals are pursuing – such as the recently announced investigation by the New York attorney general of Wall Street’s mortgage securities operations. Many of these investigations touch directors and senior management, so while class action lawsuits often get headlines, on an ongoing basis directors and officers are much more likely to face liability issues tied to government regulatory investigations and actions than from securities class actions.

Snow: What new areas of concern for directors in the US do you see on the horizon?

Smith: As companies of all sizes face more global risks, concerns around the Foreign Corrupt Practices Act (FCPA) are growing. FCPA enforcement activity has been rising steadily over the past seven years and 2010 witnessed an 85 percent increase in enforcement actions over 2009, itself a record year. And if directors are not focused on network security and ever growing cyber risks, they ignore those risks at their peril. We have seen many high profile breaches which can severely impact a company’s operations and we also witnessed last year the first ever derivative claim relating to a network security breach. Lastly, the impact of an FCPA claim or a network security breach could do serious damage to the reputation of any organisation. That reputational risk is an ever increasing concern for directors.

Hanley: The biggest areas of concern surround multinational companies and US-based companies with significant overseas business. The SEC and Department of Justice are aggressively pursuing FCPA cases and it looks like they will continue to do so. In addition, the bounty provisions of Dodd-Frank are likely to give the regulators even more outside help in the form of tips from whistleblowers looking to claim a bounty in the type of high-value cases that often come under the FCPA.

Huskins: Never underestimate the cleverness of the plaintiff’s bar.

An unintended consequence of each new corporate governance mandate imposed by Congress is the creation of a new opportunity for plaintiffs to bring suits related to the alleged failure of a board of directors to execute on these mandates. The recent spate of ‘say-on-pay’ suits brought against companies who failed to get a good outcome on this advisory vote is a good example of this dynamic. FCPA is another example. Even though the FCPA does not contemplate a private right of action, we’ve seen plaintiffs continue to attempt to use FCPA allegations to drive private law suits.

Snow: What affect is the general increase in corporate regulation, and associated penalties, having on D&O liability insurance?

Hanley: In addition to pricing concerns, companies and their directors and officers are concerned about having complete coverage. While the insurers are generally on top of the changes in the laws and regulations, and adjust the scope of policy coverage accordingly, there are often questions and disputes as to what is, and is not, covered.

Huskins: The market remains extremely competitive, both in terms of pricing and contract terms. However, not all carriers are equally good at partnering with of their insureds after a claim hits. This is a place where a sophisticated carrier can really distinguish itself from the rest of the pack. 

Smith: Generally an increase in regulation goes hand-in-hand with increased investigations and corresponding legal costs. As a result, companies first look at the amount of D&O insurance to ensure they are adequately protected. Secondly, the terms and conditions of D&O coverage must be constantly reevaluated to make sure they adequately address increasing exposures. Over the last 12 months, D&O coverage evolved, but there are material differences in approach and, potentially, effectiveness. For example, is there coverage for informal investigations? Does a director have the ability to have legal costs paid if the company should indemnify but doesn’t? Is the director’s coverage available if another insured board member or officer cooperates with the plaintiff? All of these issues should be addressed.

Snow: To what extent are companies taking a proactive approach to risk management tailored specifically to protecting board members?

Huskins: In the current environment many mature public companies are re-examining the steps they take to protect their directors, and officers, with a critical eye. One trend in this regard is the introduction of, or dramatic improvements to, the personal indemnification agreements offered by companies to individual board members. Another trend is an increased interest in wealth security policies, which are director liability policies that an individual director might purchase for him or herself with personal funds. The policies have a number of benefits, including providing a kind of umbrella coverage that a director likely does not otherwise have through his or her own personal insurance policies – including a personal umbrella policy; a personal limit that does not have to be shared with other directors and officers; and the ability to schedule multiple boards onto a board member’s single wealth security policy.

Smith: Loss controls, like robust compliance programs and executive education, may help mitigate exposure; however, those controls are unlikely to avoid it. Plaintiffs often sue directors and officers if the opportunity presents itself – even innocent directors and officers. So, if the company’s stock price drops or an M&A deal is announced, proactive risk management is unlikely to ward off greedy plaintiffs. The most proactive approach for individuals is to have broad indemnification from the company along with leading edge D&O coverage.

Hanley: Approaches to risk management vary widely. There’s often a flurry of activity around new laws and regulations or significant court decisions, but companies are usually much better off looking at risk management on an ongoing basis. There are a lot of bases to cover when it comes to protecting the board – everything from assessing D&O policy coverage and cases assessing the boundaries of indemnification coverage and liability limitation to developing and implementing compliance programs that may save the board from having to rely on its D&O insurance. Directors should insist that the company’s advisers have a work plan for covering all of these issues.


Carolyn Snow is director of Risk Management at Humana Inc and treasurer and director at RIMS. As director of operational and clinical risks at Humana, Ms Snow manages the corporate insurance program, including Humana’s captive and RMIS system. She is a member of the corporate acquisition team and served as a member of the core advisory group for enterprise risk management. On the RIMS board she has served as liaison to Conference Planning, Marketing and Communications, Quality and Technology. She also was Risk Manager in Residence at Ball State University and Temple University. Ms Snow can be contacted on +1 502 580 3861 or by email:

Michael W. Smith is the president of Global Financial Lines at Chartis. Throughout his 16 year career with Chartis, Mr Smith has held a number of managerial positions including division counsel, EVP and CUO, president for the Professional Liability Division and  Financial Lines Claims and president of Executive Liability. He can be contacted on +1 (212) 458 2955 or by email:

Tom Hanley is a partner in SNR Denton’s Corporate practice. He advises public and private companies on a variety of corporate and securities law issues, including capital-raising transactions, M&A, corporate governance, SEC compliance, board of directors and board committee matters and corporate litigation. Mr Hanley can be contacted on +1 (202) 408 9234 or by email:

Priya Cherian Huskins is senior vice president and partner at Woodruff-Sawyer & Co. She is a recognised expert in D&O liability risk and its mitigation. In addition to consulting on D&O insurance matters, she counsels clients on corporate governance matters, including ways to reduce their exposure to shareholder lawsuits and regulatory investigations. Ms Huskins is a frequent speaker, both nationally and internationally, and has published numerous articles on D&O issues. She can be contacted on +1 (415) 402 6527 or by email:

© Financier Worldwide



Carolyn Snow

Risk Management Society (RIMS)


Michael W. Smith



Tom Hanley

SNR Denton


Priya Cherian Huskins

Woodruff-Sawyer & Co.

©2001-2019 Financier Worldwide Ltd. All rights reserved.