Is the Risk of Director Liability Really a “Myth”?

A recent scholarly article questioning the realistic financial liability exposure of corporate directors serves to prompt a larger discussion on the broad range of risks faced by directors, and actions that can be taken to mitigate those risks.

In the interesting and well-written piece, “Seven Myths of Boards of Directors”[1], Professor David Larcker and Brian Tayan identify seven common presumptions about board service that the authors believe are not substantiated by empirical evidence. “Myth Six” is that corporate directors are exposed to “significant personal legal and financial risk” arising from their service.[2] Relying in part on an updated 2006 study, the authors counter that the incidence of actual out-of-pocket payments by individual directors is very low, primarily as a result of the protection afforded by corporate-sponsored indemnification commitments and insurance policies.

The authors’ conclusions are persuasive and, as such, may offer comfort to many current and potential board members. But, as other industry observers have noted, the data on which the authors rely is based on out of-pocket payments arising from civil litigation.[3] And the universe of risks confronting corporate directors is increasingly arising from more diverse sources. Given the multiple sources of potential exposure, “Myth Six” should nevertheless serve as a prompt for the board to confirm that adequate indemnification and insurance coverage exists in the event claims arise from risks beyond traditional civil litigation. For example:

SEC Enforcement. Public company directors have not historically faced significant exposure to SEC enforcement action. Indeed, Commissioner Luis Aguilar recently assured “conscientious” outside directors that they “should have nothing to fear from the SEC”.[4] To the extent such actions are instituted, they are typically limited to allegations of direct participation in, or willful blindness with respect to, corporate misconduct. Yet the Commissioner’s comforting comments must be balanced against SEC Chair Mary Jo White’s cornerstone commitment to focus the Commission’s enforcement footprint in part on the accountability of “gatekeepers” (e.g., attorneys, accountants, auditors, and board members [emphasis added]).[5]

Indeed, several recent SEC enforcement actions against individual directors are consistently cited by industry observers.[6] Two of these have been brought against audit committee chairs, “an infrequent but disturbing occurrence” according to Chair White.[7]

So, while SEC enforcement actions against individual directors are rare, the risk of such action is credible. Given the SEC’s public focus on the accountability of corporate “gatekeepers”, it can be expected to periodically challenge the actions or non-actions of outside directors considered to be a “significant departure from normal corporate governance and appropriate director conduct”. Indeed, a recent Op/Ed contribution to The Wall Street Journal argues that, Commissioner Aguilar’s assurances notwithstanding, “…board members are more concerned than ever about regulatory liability—and with good reason”.[8]

Creditors’ Rights. The board may also address coverage issues arising from creditors’ rights actions that target individuals. Prominent among these is the January, 2015 ruling of the U.S. Court of Appeals in Lemington Homes, which upheld a jury verdict of approximately $2.3 million in compensatory damages against the officers and directors of a nonprofit home for the aged, for breach of fiduciary duty, and contribution to deepening insolvency (as that cause of action exists under Pennsylvania law).[9] The Court’s analysis provides useful baseline references to board conduct that may violate the duty of care, may trigger a punitive damages award, and may contribute to the “deepening insolvency of the organization”.

Note also the Delaware Chancery Court’s recent Quadrant decision.[10] There, the Court pruned the theory of deepening insolvency (at least for Delaware) but did nothing to change the circumstance that the Directors & Officer’s policy and proceeds may itself be property of a bankrupt’s estate, giving the Court supervision over the use of the proceeds for defense costs. This, in turn, makes it all the more important that these policies be properly drafted to have “director only” coverage at least in part.

Industry Debarment. Depending upon the industry sector involved, directors may be subject to debarment or similar action in the event that they are determined to have violated the applicable standard of conduct. For example, in the health care sector, the Office of Inspector General, Department of Health and Human Services (OIG) has the authority to impose the penalty of exclusion of individuals (as well as entities) from the Medicare and Medicaid programs.[11] Such exclusions can be either mandatory (where the individual or entity has been convicted of certain statutory offenses) or discretionary (depending on the type of action involved) in nature. The OIG interprets the term “individual” to include a governing board member of a health care entity. Indeed, there are instances in which the OIG has used its discretionary authority to exclude individuals in a position to influence the corporation (e.g., senior officers, or directors), while allowing the underlying entity to conduct its business without similar penalty.

“Debarment” risk is not limited to public companies. Some state attorneys use debarment as an enforcement mechanism against directors of nonprofit corporations they determine to have breached their fiduciary duties. The New York Attorney General in particular has, in recent years, conditioned certain settlements with nonprofit directors accused of egregious fiduciary conduct on their acceptance of a permanent ban on future fiduciary service for any New York nonprofit or charitable corporation.[12]

Emerging Issues. The universe of potential liability risk also extends to emerging, or novel litigation claims. For example, a recent U.S. District Court decision held that directors who engage in retaliatory conduct against a whistleblower may be subject to individual liability under federal (e.g. Sarbanes Oxley and Dodd-Frank) whistleblower protection laws.[13] The case was initiated by an ex-general counsel who had alleged that he was illegally terminated after reporting to company leadership possible violations of the Foreign Corrupt Practices Act. The defendants had argued that neither Sarbanes nor Dodd-Frank expressly included directors in the list of those who could be held liable for whistleblower retaliation. The District Court concluded, however, that Congress did not intent to shield directors who engage in retaliatory conduct from individual liability.

Directors may also have some concern for their exposure to criminal or civil enforcement arising from the new Department of Justice guidelines addressing individual accountability for corporate wrongdoing. The DOJ’s new “Yates Memorandum” conditions eligibility for cooperation credit in the context of a governmental investigation on the extent to which the corporation identifies all individuals involved in or responsible for the misconduct at issue, regardless of their position, status or seniority [emphasis added], and provide to the Department all facts relating to that misconduct.[14] Uncertainty on how the Yates Memorandum may be applied to corporate governance could add to director concerns with the scope of their individual liability in the context of a DOJ investigation of the corporation.

Reputational Harm. Professor Larcker and Mr. Tayan appropriately acknowledge as a risk “the time, aggravation, and potential harm to [individual] reputation that a lawsuit can entail…” These burdens can be quite significant, and extract considerable personal cost. As it is often said about litigation complaints against individual directors, “You may avoid the result, but you will not avoid the ride!” And, that ride can often be lengthy, involving years to resolve from the filing of the complaint, the initial pleading and motion process, burdensome paper and electronic discovery and depositions, trial preparation, settlement negotiations, the trial, and a possible appeal. For example, in the Lemington Homes decision referenced above, nearly 10 years passed between the filing of the action by the unsecured creditors and the January 2015 court of appeals decision.

An additional, less obvious risk arises from board policies that require a director to submit his/her resignation from the board upon the occurrence of certain events related to a director’s ability to continue serving without distraction to the board or to the company. Some of those policies require (fairly or unfairly) resignation when the director is named as an individual defendant in a complaint alleging a material breach of fiduciary duty, or in a regulatory enforcement action. Such a filing or enforcement action director could thus have the collateral damage of mandating his/her resignation from other boards.

What to Do About It

The Larcker/Tayan article should prompt boards (and their insurance advisors) to consider the broader universe of individual liability risks beyond civil litigation, and the adequacy of existing indemnity and insurance coverage for these risks. A leading “D&O” industry observer recommends that companies “carefully review their management and professional liability policies” with qualified advisors to better understand the application of coverage to the broader universe of risks.[15] The goal is to assure “state of the art” coverage with the best possible terms; e.g., whether the policy covers fines and penalties assessed by a regulatory agency, and how policy coverage is affected by the presence of multiple defendants seeking coverage, and multiple actions (i.e., the potential for “catastrophic circumstances”).[16]

Concerned boards will also consult their general counsel on those elements of fiduciary conduct that can mitigate individual director liability risk; e.g. through heightened vigilance and enhanced procedures:

  • Board focus on preserving a corporate culture that encourages ethical conduct and a commitment to compliance with the law. This focus should extend to the establishment of related expectations for senior management, to the exercise of appropriate board level oversight, and to the maintenance of a robust corporate compliance program.
  • Sharpening the board’s ability to exercise attentiveness and inquisitiveness, and an enhanced awareness of conduct that may more readily trigger a “red flag” as well as the willingness to make inquiry when suspicions are aroused or should be aroused—and to persist until answers have been received.
  • Maintaining board decision-making processes and the conduct of key committees (e.g., audit) in a manner consistent with standards for business judgment rule protection, and recognized governance best practices. In this regard, the general counsel can provide value by monitoring, on the board’s behalf, case law and enforcement activity for indications of conduct the courts and/or enforcement agencies find problematic.

The sky is not falling. Board service has not become a hazardous occupation. Where well-structured D&O insurance is in place, the suggestion that directors face little personal legal and financial risk from board service may be true–at least as it relates to the risks arising from civil litigation. But, as recent developments suggest, the liability risks that directors face—even to a limited degree—can extend beyond civil litigation. Thus, it is incumbent on corporate leadership to re-evaluate both the breadth of its indemnification and insurance protections, and the effectiveness of the corporate culture and board practices to assure protection from a broad range of risks.


[1] David F. Larcker and Brian Tayan, “Seven Myths of Boards of Directors”, Stanford Closer Look Series,

[2] Id., at 3.

[3] Kevin LaCroix, “The ‘Myth of Outside Director Liability and the Critical Importance of D&O Insurance”, THE D&O DIARY, October 20, 2015.

[4] Commissioner Luis A. Aguilar, “The Important Work of Boards of Directors”, October 14, 2015;

[5] Chair Mary Jo White, “A Few Things Directors Should Know About the SEC”, June 23, 2014,

[6] See, e.g., Bradley J. Bondi, Bart Friedman, Sean P. Tonolli and Margaret D. McPherson, A Brief History of SEC Enforcement Actions Against Directors, LAW360 (Oct. 16, 2015), /714967/print?section=securities; Press Release, U.S. Securities and Exchange Commission, SEC Announces Enforcement Results for FY 15 (Oct. 22, 2015),; Kevin LaCroix, SEC Enforcement Actions Against Outside Directors, The D&O DIARY (Oct. 18, 2015),

[7] Mary Jo White, supra note 5.

[8] William R. Baker III and Joel H. Trotter, “Nothing to Fear from the SEC?”, The Wall Street Journal, October 29, 2015,

[9] In re Lemington Home for the Aged Comm. of Unsecured Creditors, 777 F.3d 620, 2015 BL 16998 (3d Cir. 2015).

[10] Quadrant Structured Products Co. v. Vertin, 2015 WL 2062115 (Del. Ch. May 4, 2015).

[11] Most of the bases for OIG imposing an exclusion are in section 1128 of the Social Security Act (42 U.S.C. § 1320a-7).

[12] See, e.g.,

[13] Wadler v. Bio-Rad Laboratories, Inc., 2015 U.S. Dist. LEXIS 144468 (N.D. Cal. Oct. 23, 2015).

[14] Memorandum from Sally Quillian Yates, Deputy Attorney General, U.S. Department of Justice, September 9, 2015, Individual Accountability for Corporate Wrongdoing (Guidelines), available at dag/file/769036/download.

[15] Kevin LaCroix, “The ‘Myth of Outside Director Liability and the Critical Importance of D&O Insurance”, supra note 3.

[16] Kevin LaCroix, “SEC Enforcement Actions Against Outside Directors”, The D&O Diary, October 18, 2015,

The preceding post comes to us from Michael W. Peregrine, a partner at McDermott Will & Emery. His views do not necessarily reflect the views of McDermott Will & Emery or its clients. The author wishes to thank his partners, Steven S. Scholes, William P. Schuman and William P. Smith, and his associate, Kelsey J. Leingang, for their assistance in the preparation of this article.