Directors and officers liability: How to establish policies, procedures that will protect your company

While it is obvious that directors and officers shouldn’t steal from their company or commit other criminal acts, running a business can be very complex and it’s a good idea to set clear policies and procedures for what should and shouldn’t be done, says Nicole S. Healy, a partner with Ropers, Majeski, Kohn & Bentley PC.

“For public companies, there are rules like those in the Sarbanes-Oxley Act that require certain controls and seek to enhance the directors’ oversight. However, in addition to complying with legal and regulatory requirements, any time there is a significant scandal, lawsuit or regulatory change, companies often react by enhancing their policies and procedures,” Healy says.

Smart Business spoke with Healy about the duties of directors and officers and what companies should do to ensure those responsibilities are clearly established.

What is directors and officers liability?

Directors and officers have fiduciary obligations that are typically defined by state law. As a general rule there are two primary fiduciary duties — the duty of care and the duty of loyalty. Violations of those duties may create liability.

The duty of care requires that, before making a decision on behalf of the company, directors inform themselves of all material information that would affect that decision. The duty of loyalty requires directors to avoid conflicts of interest between themselves and the company. Typically, those involve financial conflicts — usually a transaction in which a director stands to benefit personally.

What policies and procedures should be set for directors?

Most companies, regardless of size, should have a code of conduct. A code of conduct explains the company’s mission statement and values, as well as policies and procedures governing how the company is run. It’s also a good place to address how people can report their concerns, whether to management or the legal or compliance departments.

In general, there’s been an evolution in corporate governance, from a very generic follow the law approach to providing employees with rules and guidelines that are much more detailed.

However, even if a company does not adopt a formal code of conduct, every company is well served by putting its principles in writing, which may include aspirational goals like providing excellent customer service, as well as requiring everyone acting for the company to comply with applicable laws and regulations.

If there is an internal investigation, when is outside assistance needed?

If credible allegations of wrongdoing come to light, companies need to investigate; whether they do that internally or bring in outside assistance is a function of a number of factors.

Those factors include things like the company’s resources and the sensitivity of the issue. If the allegation is that the CEO and the board of directors are complicit in wrongdoing, it may not be possible or appropriate to investigate internally and the company may need to bring in outsiders. What you can’t do is see a red flag and ignore it; that’s when companies get into trouble.

What are key steps to take to avoid liability issues?

It’s not enough to just set policies, procedures and controls — you have to evaluate and test them. For example, if you have a workforce overseas and your materials haven’t been translated into the local language, they aren’t going to be helpful to employees. It’s the job of directors and officers to ensure that policies, procedures and controls are in place and are effective. Larger companies may have compliance departments, but every company should assign someone to be in charge of compliance.

Particularly with startup companies, so much attention is focused on getting the business running. But the sooner you have a good compliance structure in place, the better off you are. Then the structure needs to grow and change as the company grows.

Finally, directors and officers should reach out to experts for assistance. Experienced counsel can give you tremendous guidance regarding compliance, and help companies to develop appropriate corporate governance policies and procedures.

Nicole S. Healy is a partner at Ropers, Majeski, Kohn & Bentley PC. Reach her at (650) 780-1733 or [email protected].

Insights Legal Affairs is brought to you by Ropers Majeski Kohn & Bentley PC