U.S. public company executives may be in for an unexpected lawsuit if results from the Chubb Group of Insurance Companies' 2012 Public Company Risk Survey are any indicator. More than 80% of respondents reported it was unlikely they would be sued, despite the fact that 23% of the public companies surveyed already had been. And with activities like mergers and acquisitions and enforcement of anti-bribery laws increasing south of the border, directors and officers may well be exposed to future lawsuits.
Canadian executives are also up against some new risks that may increase the likelihood of a directors and officers liability lawsuit. The business landscape in Canada has shifted in the last few years, with public company leaders facing greater risk from securities class action lawsuits, new anti-corruption regulations and more cyber attacks on corporate networks.
LAW SPURS LITIGATION
Securities class action lawsuits have become an increasing concern in the years following the passage of Bill 198, a new law aimed at improving the quality of public disclosure among Ontario corporations. In force since December 31, 2005, Bill 198 added a secondary market liability provision to Ontario's Securities Act, resulting in increased legal liability for alleged misrepresentations in public disclosure made by the directors and officers of publicly traded companies.
Bill 198 does not require that the defendant must have acted with scienter, or the intent to deceive, manipulate or defraud; under the bill, liability can be found when the defendant was simply negligent.
NERA Economic Consulting notes that in 2011, 15 new securities class action cases were filed in Canada, more than in any previous year. Nine of those cases were connected with Bill 198.
A total of 35 cases have been filed since the new legislative provisions came into force at the end of 2005; to date, 24 cases remain unresolved, 10 cases have settled and one case has been dismissed. The 10 settlements have resulted in payments by defendants of almost $100 million, an average of about $10 million each. This may be considered a relatively low settlement amount, but it is important to note that we are still in the early stages of this evolving new exposure. In the U.S., average settlements in 2011 were $31 million, down from the 2010 average of $108 million, NERA reports.
TOUGH ON CORRUPTION
Although Canada's Corruption of Foreign Public Officials Act (CFPOA) took effect in 1999, there had been little enforcement activity until recently. As in other countries around the world, such as the U.S., regulators in Canada have been ramping up anti-corruption efforts leading to more enforcement activity. For example, Niko Resources, a Calgary-based international oil and natural gas company, pleaded guilty to one count of bribery under CFPOA in June 2011.
Canada's work is also receiving recognition from independent organizations. In September, the country won praise from the Berlin-based graft watchdog, Transparency International, for its improvement in enforcement activity. With 34 ongoing investigations, Transparency International pointed out that Canada joins Australia and Austria as the most improved enforcers.
The Organisation for Economic Cooperation and Development (OECD) noted last year that enforcement of CFPOA had increased, with credit for these cases largely attributed to the RCMP's anti-corruption task force, formed in 2008. The organization also commended Canada for codifying corporate liability, as well as other offences, in the criminal code.
Despite the praise, the OECD also cautioned that Canada's regime for enforcement of CFPOA remained problematic in several important areas. For instance, the organization noted that Canada's ability to successfully prosecute is in jeopardy unless the Public Prosecution Service of Canada receives the resources it needs to prosecute the large volume of cases that may soon follow its investigations. As well, among other recommendations, the OECD suggested amending CFPOA so it clearly applies to bribery related to the conduct of all internationally.
Along with the increased regulatory oversight of corrupt business practices, there has been a growing trend toward holding executives personally accountable for this offence. While insurance is usually available to cover a company's liabilities, when it comes to an individual executive's liability, the issue is much less clear. Policies can be written to state that there is coverage in the case of a violation of CFPOA as long as it is insurable by law. In some cases, regulators may oppose insurance coverage for executives as it could be seen as watering down the punitive remedy.
GROWING CYBER THREAT
Computer security is also a significant risk for companies in Canada and one that is often underestimated by executives. A cyber breach is not a matter of if, but when. Two in five companies have experienced a significant cyber security issue in a recent 12-month period, notes information from the Computer Security Institute. And the trend is expected to continue with highly skilled state-sponsored hackers breaking into corporate and government networks in search of trade secrets and other valuable information.
In the U.S., the issue has received a lot of attention following a series of high-profile attacks by hacktivists against companies such as Sony.
While hacktivists are often motivated for political reasons and seek publicity, other state-sponsored hackers work under the radar in search of valuable corporate information, including trade secrets, facts on bids and contracts, proprietary product design details and information relating to things such as social security numbers and bank account numbers of customers and employees.
In Canada, hackers using China-based servers broke into the computer systems at the federal Department of Finance and the Treasury Board of Canada in 2011.
Some of Canada's biggest companies, including PotashCorp and Nortel Networks Corp., also have been targeted by hackers. In the case of the Potash cyber breach, as the company fought a hostile takeover attempt by Australian mining giant BHP Billiton, hackers were attacking the computers of law firms representing both companies.
Poor security against cyber attacks "is increasingly recognized as impacting not just national security, but also public safety and economic prosperity through growing cyber crime and loss of intellectual property," notes an August 2011 memo from William Baker, deputy minister of public safety, to Public Safety Minister Vic Toews. Business leaders are constantly challenged to identify the key risks facing their companies and to successfully manage them. In Canada today, the top risks facing business leaders include securities class actions, government oversight and the threat of cyber attacks. These risks have the potential to have an impact on a wide number of Canadian businesses and lead to significant losses, including a directors and officers liability lawsuit that could prove costly.
Business leaders with an understanding of the risks will be in a better position to take steps to avoid a loss. Beyond risk mitigation measures, businesses can turn to insurance to help them offset any losses should they occur.
The shifting risk landscape brings with it new risks, but businesses that are prepared and informed can manage those risks and avoid potentially damaging losses.