Risk Management

Serenity Now!

Board members worried about compliance-related lawsuits may want to revisit their D&O policies.
Anne StuartMarch 15, 2006

You could see this one coming.

On May 3, 2005, management at Cray Inc. notified the Securities and Exchange Commission that it had uncovered material deficiencies in eight of its internal controls over key financial systems. In the disclosure (an amendment to the company’s 10-K), Cray also indicated that the business’s external auditor, Deloitte & Touche LLP, had concluded that many of the supercomputer maker’s internal controls demonstrated a “material weakness.”

Predictably, when word about the problems got out, the company’s share price took a nosedive, dropping nearly 30 percent. Even less surprising: about two months later, directors and officers at Cray were socked with a class-action lawsuit filed by disgruntled shareholders. Among several charges, the suit alleges that Cray’s audit committee violated sections of the Sarbanes-Oxley Act. The litigants claim that directors knew about the problem with the company’s internal controls but did not report it. For its part, Cray’s management denies any wrongdoing.

As of press time, the lawsuit had not been settled. But the imbroglio at the Seattle-based company is just another example of the perils of board duty in a post-Enron world. Indeed, the various provisions of Sarbox afford class-action lawyers a veritable smorgasbord of actionable material. So far, most of the Sarbox-related suits — such as those filed against WatchGuard Technologies Inc., The Tribune Co., and Countrywide Financial — have centered on directors’ and officers’ assessment of internal controls, as mandated by Section 404 of the law.

But other sections, such as 204 (auditor reports to audit committees) and 302 (corporate responsibility for financial reports), could also leave directors open to investor lawsuits. And these days, a shareholder suit is no small matter. Cornerstone Research estimates the median settlement value of securities class-action cases topped $7.5 million last year, up from an average of $6.3 million in the previous post-Sarbox years. That’s the single largest increase in median settlement Cornerstone has ever recorded.

Numbers like that no doubt explain why so many board members have been scrambling for copies of their directors’ and officers’ insurance policies. The Tillinghast business of Towers Perrin reports that half of all public and private companies received inquiries about D&O policies from their board members last year. Betsy Atkins, who sits on several boards, including Reynolds American Inc., the parent company of RJ Reynolds, has witnessed this trend firsthand. Atkins says directors used to delegate responsibility for insurance to the general counsel or company CFO. No longer. Notes Atkins: “Directors are understanding that they’d better read and understand the D&O policies.”

Those doing the reading may not like what they find. Currently, no major insurance carrier markets compliance-specific insurance products. What’s more, despite directors’ newfound compliance burdens — aka, liabilities — carriers do not appear to be grafting compliance-related riders onto existing policies. Notes William Passannante, co-chair of the insurance-coverage practice at Anderson Kill & Olick LLC in New York: “There’s nothing that says, ‘If you violate such-and-such provision of Sarbanes-Oxley through a negligent act, there’s coverage — or an exclusion of coverage — under this policy.’”

Danger, Will Robinson

A glaring oversight? Perhaps not. Experts say coverage for noncompliance with Sarbox or other regulatory mandates may fall within the catchall indemnity provided by standard D&O insurance products. Generally, the policies cover “errors, acts, and omissions that [directors and officers] make or perform in carrying out their responsibilities,” says Fred Podolsky, an executive vice president with Richmond, Virginia-based insurance brokerage Hilb Rogal and Hobbs Co. (HRH). If the insured officer or director’s responsibilities include compliance oversight, a typical D&O policy probably would not exclude claims related to that function, Podolsky insists.

But there are dangers here. For starters, some carriers have begun adding “defense allocation” provisions into D&O policies. Those provisions allow an insurance company to pay only a portion of legal defense costs when a litigant alleges both covered and noncovered claims. Thus, directors end up using their own money to pay a substantial slice of their legal bills in court cases.

Moreover, some D&O policies might actually exclude compliance coverage. Says Susanne Murray, an HRH executive vice president: “The question of whether compliance-related claims are covered under a D&O policy is ultimately one of looking at the exclusion section.”

Even if a broker indicates that compliance-related suits are not excluded, problems can still crop up. Like most other kinds of insurance, D&O policies define precisely which types of claims will be covered. And some of those likely to come up in compliance cases typically don’t make the cut. For instance, Podolsky says if a compliance violation leads to a fine and a penalty from a regulator — and the policy does not pay for fines — such fines or penalties would not be covered.

That’s worrisome stuff, particularly considering the jumbo penalties being handed out by the SEC of late. In addition, most companies purchase D&O policies annually. Thus, suits involving company activity from, say, 2002, might not necessarily be covered by the policy in force in 2006. “The issue [of what is covered] is confusing for directors,” says Robert MacDonald, who sits on the audit committees of Allianz Life Insurance Co. of North America and Buffalo Wild Wings Inc. “You rely on the counsel of the company to review the policy and make sure you’re provided with adequate coverage.”

Regrets Only

That can create problems, however. Deciding whom to cover — and for how much — has become something of a balancing act for CFOs who are often charged with the task of purchasing D&O insurance. Told by management to buy adequate coverage, they may also receive marching orders to keep premiums down.

The instruction is understandable. Although rates have tailed off of late, annual D&O insurance premiums rose sharply following the corporate scandals of 2001 and 2002. Even with the recent decline, policies for board members of publicly traded companies currently run about $20,000 to $30,000 per million dollars of coverage, according to some brokers. Companies in high-risk industries — such as utilities and financial services — can expect to pay as much as $60,000 per million dollars.

In fact, in a 2005 survey by law firm Foley & Lardner LLP, executives at 147 corporations ranked D&O coverage the third-highest cost of being a public company in the Sarbox era. That was topped only by lost productivity and audit fees.

Hardest hit, the survey found, were companies with annual revenues above $1 billion. Those businesses spent an average of $3.1 million for D&O insurance in fiscal 2004, a sizable increase over the average $2.2 million expenditure in fiscal 2003.

Smaller companies, on the other hand, paid an average of $407,000 for D&O coverage in fiscal 2004. While that represents a drop from the previous year’s expenditures, insurance costs for those businesses were still up 24 percent from the pre-Sarbox era. That’s an impressive outlay for what is essentially a discretionary purchase. “No one has to buy it,” notes Murray.

But given the size of some recent settlements — along with the added compliance risks wrought by Sarbox — businesses would be hard-pressed to attract suitable board members without D&O protection. Korn/Ferry International, a New York–based recruitment firm, found that close to 30 percent of the nearly 1,000 respondents to its most recent annual directors’ survey reported turning down board invitations.

The reason? They fear increased personal liability. In pre-Sarbox days, only 13 percent said they declined board seats because of liability worries. In a published report last year, Korn/Ferry managing director Charles H. King said: “More people are saying the reward is not worth the risk.”


The risk has become so great, in fact, that Atkins says some directors have resorted to paying out of pocket for their own insurance. But purchasing additional coverage can get pricey, particularly for directors who sit on the boards of several companies. Businesses that require officers to serve on other boards sometimes amend their D&O policies to cover the directors for their additional duties. In such cases, however, an insurer will need to “underwrite” all the other companies before agreeing to extend the D&O policy.

In truth, it’s not entirely clear whether board members can ever have enough D&O insurance — even if they’ve bought added coverage themselves. In a worst-case scenario, directors might find themselves facing a massive settlement or court award that far exceeds the limits of their coverage. And, as with the Enron and WorldCom cases, a director’s personal assets may be included in a settlement. “You are really standing there naked,” says Atkins of cases filed against directors of insolvent companies. “It’s your personal bank account and life savings that are at risk.”

Directors who sit on the boards of financially stable companies may find themselves in a similar predicament. Anderson Kill’s Passannante points out that insurance companies facing major payouts are increasingly looking for ways to get out from under the claims. In some instances, he says, carriers are asking courts to rescind the policies — that is, void them so the carriers don’t have to pony up. Notes the attorney: “In the last three or four years, that’s been happening with disturbing frequency — especially in D&O.”

Comforting. Very comforting.

Anne Stuart is a Boston-based journalist who covers business, career, and technology issues.

Oh, the Indemnities
Average total D&O premiums for U.S. businesses, by sector
Banking $781,525
Biotechnology and Pharmaceuticals 262,989
Durable Goods 699,517
Education 102,232
Governmental and Other Nonprofit 12,602
Health Services 533,224
Merchandising 579,551
Nonbanking Financial Services 262,224
Nondurable Goods 427,614
Petroleum, Mining, and Agriculture 682,759
Real Estate and Construction 194,715
Personal and Business Services 149,919
Technology 200,939
Transportation and Communications 362,139
Utilities 2,161,147
All Size Groups $257,223
Source: D&O Liability 2005 Survey on Claims and Insurance Purchasing Trends, Tillinghast/Towers Perrin, January 2006