Caremark, FCPA and Corporate Governance
The landmark decision — In re Caremark International Inc. Derivative Litigation — has even more implications in today’s aggressive FCPA enforcement environment.
In Caremark, the Delaware Chancery Court ruled that the failure of the directors to ensure that it had access to adequate compliance information and reporting systems could result in the director being held liable for losses caused by non-compliance.
Corporate Boards that fail to ensure that a company has an adequate compliance program, access o accurate records, or the necessary information needed to assess overall compliance with the law are running the risk of shareholder derivative suits.
As an example, within one week of a corporation’s disclosure of suspected FCPA violations requiring an internal investigation, over twenty-five separate shareholder suits were filed. For companies weighing the need for compliance, this is another risk to the company and its directors. The collateral consequences to companies from FCPA violations are multiplying and director liability is yet another twist.
The Sentencing Guidelines provide plenty of incentives for a company to put in place a meaningful and effective compliance program. Given the risks from FCPA and collateral civil liability, you would think that compliance would be even a higher priority.
Corporate governance in today’s aggressive FCPA enforcement, along with ramped up antitrust, OSHA, environmental, fraud and financial regulatory requirements, certainly puts a greater premium on compliance. Directors face more liability risks then ever before. Yet we do not hear that increased compliance is a being spearheaded throughout the economy by Directors — rather senior management appears to be more in command and control of compliance directives.
Corporate boards have to play a greater role or suffer liability. As I have noted in previous posts, companies should consider creating Compliance Committees which are responsible for overseeing a company’s compliance program, ensuring access to information and rapidly responding to compliance issues.