Oversight Duties Apply to Corporate Officers
It is well established that corporate officers owe the same fiduciary duties as directors under Delaware law. However, the Delaware courts have not had occasion to consider every species of fiduciary duty claim against officers and how those various claims operate as a practical matter. For example, it has long been held that directors' fiduciary duties require them to oversee the company's operations and its mission-critical risks. This obligation includes developing a reasonable system of monitoring and reporting about the corporation's central compliance risks and actively deciding how to respond to risks and other matters raised to directors through that monitoring and reporting system. Until recently, it was unclear whether such oversight obligations applied to officers in addition to directors.
The Delaware Court of Chancery recently answered that question in the affirmative. In In re McDonald's Corporation Stockholder Derivative Litigation, the court held that corporate officers owed the same fiduciary duty of oversight that directors owed to the corporation and its stockholders. In so doing, the court found that it was reasonably conceivable that its former executive vice president and global chief people officer had breached his fiduciary duty of oversight as the head of human resources by allegedly allowing a corporate culture to develop at the company that condoned sexual harassment and misconduct, as well as engaging in misconduct himself, thereby consciously ignoring red flags and failing to report them to the chief executive officer. The court acknowledged that the breadth of an officer's fiduciary duty of oversight necessarily depended upon the corporate officer's responsibility. A chief executive officer's duty, for example, would have a companywide ambit, while the global chief people officer's duty in McDonald's was generally limited to overseeing that the workplace was "safe and respectful" for its employees. The court summarized:
Officers generally will be responsible for addressing or reporting red flags within their areas of responsibility, although one can imagine possible exceptions. If a red flag is sufficiently prominent, for example, then any officer might have a duty to report upward about it. An officer who receives credible information indicating that the corporation is violating the law cannot turn a blind eye and dismiss the issue as "not in my area."
As litigation involving the duty of oversight has become increasingly popular in the last few years, corporations — especially those trading on a national securities exchange — should now be wary of the possibility of increased litigation risk for their corporate officers. Steps that both directors and officers can take to reduce such litigation risk include:
-
Developing written processes to ensure that a company's mission-critical risks and compliance issues are identified, monitored, and reported to the directors where appropriate.
-
Assigning specific officers to oversee the monitoring and reporting of specific risk categories that fall within the ambit of their day-to-day responsibilities.
-
Periodically reviewing the company's monitoring and reporting functions to ensure they work properly.
-
Analyzing and determining how to respond to or address any compliance issues or other risks raised to the board as part of the monitoring and reporting process.
-
Keeping a record of directors' and officers' oversight activities. Although boards of directors often opt for high-level, short-form meeting minutes, meeting minutes reflecting director and officer deliberations regarding the company's monitoring and reporting function and mission critical risks should be robust and detailed.
-
Periodically reminding all officers and lower-level employees within the company's monitoring and reporting function of the company's mission-critical risks and the appropriate procedures for identifying and elevating those risks and issues up the reporting chain.