Skip to main content
May 15, 2020

How boards can protect against Covid-19-related shareholder claims

Covid-19 presents a red-flag risk for boards of directors that is potentially ripe for Caremark claims, say Scott Crofton, Lee Parnes and Krishna Veeraraghavan

As companies implement new processes and procedures in an effort to operate safely in a pandemic-stricken world, opportunistic shareholder plaintiffs are likely to use health and safety incidents affecting employees, customers, suppliers or other stakeholders – along with other business disruptions – as the basis to bring claims. Those plaintiffs may pursue such claims in relation to a director’s duty to monitor.

Directors in Delaware are required to make a good faith effort to oversee a company’s operations. This obligation requires a board to make a good faith effort to implement an adequate reporting and compliance system. The board must then monitor the system to ensure it properly funnels information to the board about a company’s operational viability, legal compliance and financial performance.

This doctrine is sometimes referred to as the duty of oversight or duty to monitor. Significant failures to comply with it can become the basis for a stockholder plaintiff to assert that the board acted in bad faith in breach of its duty of loyalty. Duty of loyalty breaches are non-exculpable and potentially not indemnifiable against monetary damages.

The doctrine arises from a 1996 case In re Caremark Int’l Inc Deriv Litig, in which the Delaware Court of Chancery found that an ‘utter failure to attempt to assure a reasonable information and reporting system exists’ is an act of bad faith in breach of the duty of loyalty.

Caremark involved alleged violations by Caremark employees of federal and state laws applicable to healthcare providers, resulting in a plea agreement in which Caremark pleaded guilty to a felony and made roughly $250 million in payments in respect of various civil and criminal fines and other reimbursements. In Caremark, the court established the implementation prong of its namesake doctrine, which provides for director oversight liability if a director utterly fails to implement any reporting or information system or controls.

Subsequently, in Stone vs Ritter, a case involving a company’s alleged failure to comply with the Bank Secrecy Act, the Delaware Supreme Court established the monitoring prong of the Caremark doctrine. This also provides for director oversight liability if, after having implemented a reporting or information system or controls, the director consciously fails to monitor or oversee its operations, because that failure implicitly disables the system or controls.

In order for a Caremark claim to survive a motion to dismiss, well-pled allegations of bad faith are required. This means plaintiffs must plead particular facts that would allow an inference that a director not only acted in a manner inconsistent with his or her fiduciary duties, but also knew that such actions were inconsistent with those duties.

In light of these standards and scienter requirement, Delaware courts have repeatedly noted that Caremark claims are among the most challenging claims to plead and prove. But two ongoing Delaware cases involving Caremark claims recently survived motions to dismiss, demonstrating that although the burden for withstanding a motion to dismiss a Caremark claim is high, it is surmountable.

Marchand vs Barnhill involves a listeria outbreak in manufacturing plants of Blue Bell Creameries USA that caused three customer deaths and led the company to recall all of its products, shut down all of its production and lay off a significant portion of its workforce.

The Delaware Supreme Court reversed the dismissal of a stockholder derivative lawsuit alleging a Caremark claim against the board. It found that the complaint alleged particularized facts that supported a reasonable inference that the board did not have in place a reasonable board-level system of monitoring and reporting with respect to food safety, which the court deemed to be a compliance issue intrinsically critical to the company’s business.

The court stated in its Marchand opinion that ‘[w]hen a plaintiff can plead an inference that a board has undertaken no efforts to make sure it is informed of a compliance issue intrinsically critical to the company’s business operation, then that supports an inference that the board has not made the good faith effort that Caremark requires.’ The Marchand action is ongoing, although Blue Bell recently settled a separate stockholder derivative lawsuit relating to the listeria outbreak.

In re Clovis Oncology, Inc Derivative Litigation arose out of the failure of a once promising lung cancer treatment Rociletinib (Roci) developed by Clovis Oncology. Clovis withdrew Roci from Food and Drug Administration (FDA) consideration after disappointing clinical trials, which were substantially less favorable than previous public reports by Clovis and resulted in its stock price plunging.

The Delaware Chancery Court declined to dismiss the Caremark claim against the board. In reaching that decision, the court, drawing all reasonable inferences in plaintiffs’ favor at the motion to dismiss stage, was satisfied that plaintiffs had well-pled that the board consciously ignored red flags that revealed a mission critical failure to comply with protocols and regulations relating to the clinical trials. The Clovis action is ongoing.

The Covid-19 pandemic represents a highly visible red-flag risk for boards of directors that is potentially ripe for Caremark claims. As was seen in Marchand and Clovis, an underlying theme of the Caremark line of cases is that businesses that operate in highly regulated industries are more prone to potential Caremark liability, particularly when the issues arise with respect to their flagship or only line of business.

In a books-and-records decision last year that was a precursor to a potential Caremark claim, the Delaware Court of Chancery explained, based on a review of the Caremark line of cases, that ‘it is more difficult to plead and prove Caremark liability based on a failure to monitor and prevent harm flowing from risks that confront the business in the ordinary course of its operations. Failure to monitor compliance with positive law, including regulatory mandates, is more likely to give rise to oversight liability.’

As companies adapt to a patchwork of social distancing and other safety regulations and guidelines across the country while jurisdictions start to reopen, plaintiffs are likely to argue that the fundamental operation of many businesses is now significantly more regulated and that operating in the middle of a pandemic does not constitute business as usual. As a result, they will say, Covid-19-related Caremark claims do not merely relate to ordinary-course business risks and should be easier to sustain in light of the explosion in positive law and regulation governing business operations and personal interactions.

It remains to be seen whether the Delaware courts are inclined to agree with that plaintiff-friendly reading of the business environment and apply it to Caremark claims, but well-documented director oversight of Covid-19 planning is a prudent course of action in light of this risk.

Additionally, it is notable that the court in Marchand did not accept Blue Bell’s defense at the motion to dismiss stage that it had complied with certain FDA and state regulatory requirements for food safety. The court stated that the fact that Blue Bell nominally complied with certain FDA regulations did not imply that the board implemented a system to monitor safety at the board level.

As companies begin to reopen their businesses under a patchwork of federal, state and local regulations and guidelines, employee compliance with certain regulations and guidelines may not provide Caremark protection to directors if significant issues at a company nonetheless arise and it is found that, notwithstanding nominal legal compliance, the board utterly failed to have a system that would allow it to monitor pandemic-related issues or consciously disregarded its results.

To protect their businesses from not just the effects of the pandemic, but also the risk of Caremark litigation in its wake, boards of directors, working with support from management and advisers, should look to systematically address Covid-19-related business risks.

Directors should step back and seek to look at the risks holistically in an effort to avoid the creation of significant blind spots. By identifying the significant risks, implementing processes to monitor those risks where processes do not already exist and obtaining regular updates on those processes, directors will develop a strong record in the event a Caremark claim is brought.

The following is a list of potential actions boards could take in mounting a Covid-19 response. There is no specific set of required actions – rather, a board should design and implement the program it sees as appropriate in order to implement an effective holistic risk management approach.

  • Create board-level processes and protocols to address Covid-19-related issues, such as:

– Reserving a portion of each upcoming board meeting to discuss Covid-19-related issues

– Encouraging a fulsome and balanced discussion of such issues, including discussion of any position or negative developments

– Requiring or encouraging management to produce regular reports relating to Covid-19-related issues and metrics, and requiring management to provide such reports, or summaries of such reports, to the board

– Otherwise requiring management to keep the board updated on a consistent basis as to how management is addressing Covid-19-related issues and asking related questions to management

  • Use third-party advisers to supplement as necessary a company’s internal risk oversight function
  • Form a special committee specifically charged with monitoring and reporting on Covid-19-related issues if significantly more time-intensive day-to-day monitoring is deemed appropriate by the board, or ensure an existing committee charged with risk oversight (such as the audit committee) is responsible for monitoring and reporting on Covid-19-related issues
  • Monitor the marketplace for steps other similarly situated companies are taking
  • Take accurate and detailed minutes of any board or committee meeting that reflect the board’s measured consideration of these issues.

Scott Crofton and Krishna Veeraraghavan are partners and Lee Parnes is an associate with Sullivan & Cromwell

Scott Crofton, Lee Parnes and Krishna Veeraraghavan

Sullivan & Cromwell