Jay Brown has named Delaware Chancellor William Chandler's opinion In re Citigroup was # 2 on Jay's list of the 5 worst Delaware corporate law decisions of 2009. As usual, I disagree.
Here's Jay's summary of the case:
Shareholders sued the board of Citigroup alleging that the board should have played a larger role in preventing the financial conglomerate from taking on so much risk. The plaintiffs alleged that the board had plenty of "red flags" that alerted it to the problems in the subprime lending market yet took no steps to address the concerns. The board had staked out a role in assessing corporate risk having established an Audit and Risk Management Committee (ARM Commitee).
The case involved two discrete issues. The first was whether the board could be charged with awareness of the problems of excessive risk and, in the face of these concerns, had consciously disregarded the risks. This issue turns on what the board knew and whether it had a duty to act. The claim is grounded in bad faith.
The second was whether the board had a duty to know about the excessive risk taking. It was more than a generic claim that boards had a duty to be informed about risk taking. Plaintiffs claimed that the board failed to “make a good faith attempt to follow the procedures put in place or fail[ing] to assure that adequate and proper corporate information and reporting systems existed that would enable them to be fully informed regarding Citigroup’s risk to the subprime mortgage market.”
Jay offers an extensive critique of the decision, which I urge you to read in full. Here are a couple of money quotes:
The case presented the Chancery Court with an opportunity to discuss the oversight responsibilities of the board. It also gave the court an opportunity to define the types of information that ought to be reported to the board in order for it to fulfill its oversight function. Nothing of the kind occurred.
The court turned the case into something that it was not. Instead of focusing on inadequate process, as plaintiffs alleged, the court characterized the cause of action as simply a hindsight attempt to impose liability for a decision that turned out badly. ...
The analysis suggests that even if the board had red flags suggesting excessive risk taking, there was no duty or responsibility to act. The suggestion contradicted longstanding and conventional wisdom that boards had a duty to act anytime they were put on notice of circumstances that could result in serious harm to the corporation.
I'm afraid I don't agree with that argument. I wrote about the Citigroup decision extensively in my law review article Caremark and Enterprise Risk Management. That article's general thesis, as explained in the abstract, was as follows:
The financial crisis of 2008 revealed serious and widespread risk management failures throughout the business community. Shareholder losses attributable to absent or poorly implemented risk management programs are enormous.
Efforts to hold corporate boards of directors accountable for these failures likely will focus on so-called Caremark claims. The Caremark decision asserted that a board of directors has a duty to ensure that appropriate "information and reporting systems" are in place to provide the board and top management with "timely and accurate information." Although post-Caremark opinions and commentary have focused on law compliance programs, risk management programs do not differ in kind from the types of conduct that traditionally have been at issue in Caremark-type litigation.
Risk management failures do differ in degree from law violations or accounting irregularities. In particular, risk taking and risk management are inextricably intertwined. Efforts to hold directors accountable for risk management failures thus threaten to morph into holding directors liable for bad business outcomes. Caremark claims premised on risk management failures thus uniquely implicate the concerns that animate the business judgment rule's prohibition of judicial review of business decisions. As Caremark is the most difficult theory of liability in corporate law, risk management is the most difficult variant of Caremark claims.
As the emphasized language suggests, I share Chandler's concern that Caremark claims in this context do threaten to become what Jay calls a " hindsight attempt to impose liability for a decision that turned out badly."
In the article, I further explained that:
Risk management necessarily overlaps with risk taking because the former entails making choices about how to select the optimal level of risk to maximize firm value. Recall that there are only four basic ways of managing risk: avoiding it by avoiding risky activities, transferring it through insurance or hedging, mitigating it, and accepting it as unavoidable. All of these overlap with risk taking. Operational risk management, for example, frequently entails making decisions about whether to engage in risky lines of business and, more generally, determining whether specific risks can be justified on a cost-benefit analysis basis. As a result, it is becoming increasingly “difficult to draw a line between corporate governance and risk management.”
The fuzzy line between risk-taking and risk management is nicely illustrated by how corporations use derivatives. On the one hand, they can be used to hedge risk. On the other hand, they can be used as speculative investments. In many cases, they can be used as both simultaneously.
As Chancellor Chandler correctly recognized in Citigroup, Caremark claims premised on risk management failures thus uniquely implicate the core concerns animating the business judgment rule in a way typical Caremark claims do not. Chancellor Chandler seemingly understood that risk management cannot be easily disentangled from risk taking, because it described plaintiffs’ claim as “asking the Court to conclude … that the directors failed to see the extent of Citigroup’s business risk and therefore made a ‘wrong’ business decision by allowing Citigroup to be exposed to the subprime mortgage market.” He declined to do so, explaining that “this kind of judicial second guessing is what the business judgment rule was designed to prevent, and even if a complaint is framed under a Caremark theory, this Court will not abandon such bedrock principles of Delaware fiduciary duty law.”
I think that Chandler got it exactly right.
Comments