30 oct. 2020 - Traduction en cours. Across the globe, courts are rapidly adapting their practices and procedures, initially in response to the COVID-19 pandemic and now to the gradual resumption of activities and easing of restrictions. As Canadian provinces gradually move toward reopening, courts...
Canadian Directors Should Heed Recent U.S. Caremark Litigation
Oversight Controls and Active Monitoring of Operations Are Core to Directors’ Duties
Traduction en cours.
Over the past year there has been a noticeable uptick in claims permitted by Delaware courts alleging a failure by directors to make a good faith effort to monitor corporate operations – otherwise known as a Caremark claim.1 A Caremark claim is founded on the principle that directors have, as a subset of their fiduciary duty of loyalty, a duty to monitor and oversee corporate operations – failing which, they risk facing personal liability under Delaware law. The Caremark duty does not (yet) exist in Canada. However, it is easy to contextualize such a duty within the fiduciary duty and duty of care owed by directors under Canadian corporate law. Operational risk is increasingly an area that key stakeholders expect boards to actively monitor as part of their ultimate oversight responsibilities, including oversight of key enterprise risks.
Most recently, the Delaware Court of Chancery allowed a Caremark claim to proceed in its April 2020 decision of Hughes v Hu (Hughes).2 The case involved a China-headquartered corporation with a history of material weaknesses in financial controls, including a restatement of three years of financial statements and a series of improper related party transactions. The Court permitted the Caremark claim to proceed, which alleged that certain defendant directors failed to provide adequate financial oversight. In determining to deny the defendant’s motion to dismiss, the Court relied on evidence that the audit committee met infrequently, failed to implement a system of oversight and regularly neglected “red flags” relating to its financial statements, inadequate internal controls and related party transactions. Moreover, even when the audit committee did meet, it allegedly often did so in abbreviated meetings, acted through written consents (rather than discussing the issues) and blindly relied on management even after instances of management failing to accurately report information to the committee.
The Hughes decision marks the fourth time in the past year that a Caremark claim has been allowed to proceed in Delaware. The decision builds on other notable cases, including a large scale ice cream manufacturer that allegedly failed to implement a system of oversight over food safety, leading to a deadly listeria outbreak (Blue Bell);3 a drug manufacturer that allegedly failed to oversee clinical trials for its most promising drug, leading to material inaccuracies regarding efficacy (Clovis);4 and an oil company that allegedly failed to oversee pipeline operations, leading to a significant oil spill in an environmentally sensitive area (Plains All American).5 Earlier this year, the Blue Bell claim resulted in a US$60-million settlement just days before the trial was set to commence.
Caremark claims have historically been very difficult to establish: only a “sustained or systematic failure of the board to exercise oversight – such as an utter failure to assure a reasonable information and reporting system exists – will establish the lack of good faith that is a necessary condition to personal liability of directors.”6 Prior to the recent line of cases, many Caremark claims were dismissed by U.S. courts at the pleadings stage as a result of plaintiffs’ failure to satisfy this onerous burden. However, the most recent line of cases that were allowed to proceed serve as a reminder that boards must make a good faith effort to implement oversight controls and actively monitor operations. And while these most recent cases may not necessarily reflect a change in law, but rather serve as examples of particularly egregious oversight failures, they nonetheless are instructive on how U.S. and Canadian directors alike can best satisfy their risk oversight responsibilities, an area that many are particularly focused on as businesses continue to work through the varied challenges and implications of COVID-19.
Practical takeaways from Hughes and other notable Caremark cases include the following:
- Implement oversight controls. The board should maintain robust procedures to ensure oversight of internal controls as they relate to the company’s principal risks. While there is no one-size-fits-all approach for doing so, consider whether to establish a risk committee or ensure that subject-matter risk responsibilities are specifically allocated to the appropriate board committees. The board should also ensure policies and processes are in place to facilitate the timely flow of information from management to the board (or applicable committee(s)) pertaining to those risks and the associated mitigation strategies, and that the board gives them due consideration.
- Actively monitor operations. Board measures must extend beyond implementing controls and deferring to management to execute; the board’s evaluation and monitoring of those controls are equally critical. Those measures require, among other things, that the board adhere to adopted controls and policies, meet regularly and give due consideration to oversight matters and facilitate timely communication with management. Investors and other corporate stakeholders increasingly expect boards to have more frequent oversight for risk management, and not merely delegate consideration of those matters to annual reviews.
- Oversee “mission critical” operations. In particular, a monoline corporation should ensure that robust controls are implemented and its “mission critical” operations and risks are closely monitored, given the importance of a single or limited number of products to the corporation’s operations. Creating a board committee specifically tasked with overseeing such product(s) may be advisable for some businesses. At the end of the day, however, it will often be prudent for the full board to be involved in oversight of key risks or issues that are central to a company’s business.
- Recognize that certain operations may be subject to heightened risk. Industries that are subject to substantial governmental regulation or have operations linked to human health, life or sustainability issues – such as food, cannabis, pharmaceuticals, medical devices, mining and transportation – may be subject to greater risk that requires proportionately heightened and more active oversight (such as by a subcommittee of the board).
- Implement timely and proportionate responses to identified risks. Ignoring “red flags” or “yellow flags” or remaining wilfully ignorant of them demonstrates bad faith oversight. Significant issues such as these should be elevated to the board-level promptly, with management’s response (including public communications) executed under the board’s oversight.
- Continually evaluate oversight controls. The evolution of operations or market circumstances, as well as the broader context in which a company operates, naturally necessitates an evolution of oversight. A board should regularly evaluate its oversight practices and pressure-test key assumptions. COVID-19 has brought this need into sharper focus. Many companies have had their established practices and procedures upended, revealing gaps or deficiencies in their internal controls and thus demanding rapid adaptation to implement new measures to reflect their new modes of operations.
- Consider relationships in determining director oversight. In some cases, a director’s personal or business relationship can be influential in determining not only that director’s independence generally, but also that director’s impartiality with respect to the specific issues or risks at play. Independence is not a static concept and should therefore be assessed regularly with regard to the nature of the decision or information being placed before the board to ensure its oversight responsibilities or decisions are not undermined by conflict.
- Document board oversight. Good documenting is good governance. Board and committee minutes should be prepared in a timely fashion and be reasonably detailed in respect of the board’s oversight function, with risks identified and follow-up actions taken and settled. In Hughes, the board’s inability to produce documentation detailing its professed monitoring activities helped support the alleged inference of bad faith oversight. Maintaining proper minutes is, like many other aspects of good governance, an art, not a science, and different approaches may be appropriate in different contexts.
During a crisis such as COVID-19, heightened board oversight is often needed. The pandemic has forced many corporations to confront not only how to maintain adequate board oversight but also how to evolve existing oversight controls to manage operational uncertainties. Adjustments, such as scheduling more frequent meetings and/or the board chair more frequently liaising with management, are prudent in times of crisis to ensure the board is receiving timely, accurate and balanced information. At the same time, the board must be careful to avoid usurping management’s responsibility for day-to-day operations. COVID-19 has thrust the issue of board preparedness to the forefront of corporate stakeholder concern. It reminds us that while a rare and unexpected event with significant consequences can happen, that event’s adverse impact can and should be mitigated through attentive board oversight. And even once the COVID-19 dust settles, boards are likely to find themselves exposed to greater stakeholder scrutiny and, potentially, accountability for the monitoring of enterprise risks as a major component of boards’ duties and responsibilities.
1 Based on the seminal case In re Caremark Intern. Inc. Derivative Litigation, 698 A.2d 959 (Del. Ch. Sept. 25, 1996) (Caremark).
2 C.A. No. 2019-0112-JTL, 2020 WL 1987029 (Del. Ch. Apr. 27, 2020).
3 Marchand v Barnhill, 212 A.3d 805 (Del. 2019) (Blue Bell).
4 In re Clovis Oncology, Inc. Derivative Litigation, C.A. No. 2017-0222-JRS, 2019 WL 4850188 (Del. Ch. Oct. 1, 2019) (Clovis).
5Inter-Marketing Group USA, Inc. v Armstrong, C.A. No. 2017-0030-TMR, 2020 WL 756965 (Del. Ch. Jan. 31, 2020) (Plains All American).
6Caremark at 971.
15 oct. 2020 - Traduction en cours. BlackBerry Ltd. completed an amended debt refinancing transaction with its significant shareholder Fairfax Financial Holdings Limited (Fairfax), on September 1, 2020, after having made changes to the transaction terms on two separate occasions. These included...