How to cope with fiduciary responsibilities as a company’s financial situation falters

Shawn Riley, Managing Member, McDonald Hopkins

Serving as a director or officer on a board can be complicated, especially if the business is floundering.

Directors have certain duties to the company they are serving, but when the business is financially distressed, the beneficiaries of those duties switches to the creditors, according to Shawn Riley, the Managing Member of the Cleveland office of McDonald Hopkins LLC and co-chair of its Business Restructuring Services Department.

“In normal situations, those duties exist for the benefit of the owners,” says Riley. “However, when a business starts to experience financial distress, the obligations shift. Two questions arise: ‘When do they shift? And, how do they shift — in other words, who are beneficiaries of those duties?’”

Smart Business spoke with Riley about shifting fiduciary responsibilities and how recent court rulings are changing the rules of the game.

How are directors’ and officers’ fiduciary responsibilities defined?

The fiduciary responsibilities that directors and officers owe a business, particularly a distressed business, have been evolving. Recent court decisions suggest that the responsibilities are not as stringent as people thought they were just a few years ago.

Generally speaking, directors and officers owe their fiduciary duties to the company itself, for the benefit of the owners. To meet their fiduciary duties, directors and officers are required to fulfill two primary obligations — the duty of care and the duty of loyalty. The duty of care means they must be well informed and must reach well-reasoned decisions with respect to the company and its assets. The duty of loyalty requires that directors and officers act without conflict of interest, without benefiting themselves to the detriment of the business.

When do those duties shift?

When a company is in financial distress, case law has suggested that directors and officers have to ignore the interests of the owners and instead focus exclusively on the interests of the creditors. They must think about how to maximize the value of the business so as to pay creditors. That is a pretty significant adjustment in thinking, because directors and officers up to that point will have been running the business for the benefit of the owners.

So when, exactly, do those duties shift? Some argue that it is at the first sign of trouble. Others argue that it is only at the time of filing a bankruptcy proceeding. For others, it is the period when the business is insolvent, whether or not it is in bankruptcy. Until recently, the uncertainty over questions such as these has caused directors and officers to tread carefully.

The uncertainty in the law has diminished recently as courts over the past couple of years have introduced a dose of reason to the process. The courts have begun to suggest that the shift of duties does not occur as early as people were arguing, but rather when there is very clear evidence of insolvency, when the business simply cannot pay its debts. At that point, directors have to start thinking about the interests of creditors.

How do those duties shift?

While it seemed the rule was that directors had to completely ignore the interest of the owners, others argued that creditors’ interests and shareholders’ interest should be given equal weight.

Again, recent case law indicates that directors, even in an insolvency situation, should not ignore the interests of the owners but rather should make their primary concern the interest of creditors, at least until the point where they can demonstrate that the business is solvent again.

The continuing issue for directors and officers, however, is that this is usually judged after the fact, with the benefit of 20/20 hindsight. It is not as if, in the middle of its efforts to right itself, a business can call a timeout and ask a judge what it or its board should do. If the board is unsuccessful in turning the business around, its actions will likely be second-guessed by creditors.

Who can sue directors and officers for breach of fiduciary duties?

It is the company itself that is supposed to sue those directors and officers that it believes have breached their fiduciary duties. But it would be pretty remarkable if those directors who run the business authorize counsel to file suit against them.

Courts allow shareholders (and creditors) to assert derivative standing, in which a group of shareholders — or a creditors’ committee in a bankruptcy — sue on behalf of the company in a situation in which it would be futile to ask the company to sue. Anything that is recovered against the directors’ and officers’ insurance policies would then be distributed to the shareholders or creditors. However, the courts have started to impose tighter restrictions on the circumstances under which a creditors committee in a bankruptcy can file derivative actions. In a recent case involving a limited liability company in Delaware, the court ruled that only owners or members of the LLC could sue derivatively, meaning that creditors are not authorized to pursue directors and officers. Even if creditors could demonstrate that directors and officers clearly did something wrong that resulted in damage to creditor interests, they have no standing to pursue claims.

This may reflect a recognition that perhaps the pendulum had swung too far in one direction, authorizing aggressive lawsuits by creditors against directors and officers for marginal claims under otherwise reasonable decision points for directors. The pendulum is swinging back and the courts are limiting not only the time period claims can cover, but also the types of claims and who can file them.

This ruling may make people more willing to serve on boards, as they can join a board less worried about the potential for being sued. It should also reduce the cost of directors’ and officers’ insurance.

Shawn Riley is the Managing Member of the Cleveland office of McDonald Hopkins LLC and co-chair of its Business Restructuring Services Department. Reach him at (216) 348-5773 or [email protected]

Howard Wander resolves problems at Kelley Kronenberg

Howard Wander, managing partner, Kelley Kronenberg

Howard Wander, managing partner, Kelley Kronenberg

Howard Wander likes to joke about his wife’s claim that he makes at least one wrong move every single day. He doesn’t question her opinion, and in fact, he is comfortable adding that his partners on the management committee at Fort Lauderdale-based Kelley Kronenberg feel the same way about him.

“I think that’s a sign of strength to be able to say that you’re wrong and admit that you’re wrong,” says Wander, one of the managing partners at the 140-employee law firm. “That’s a key essential to leadership. Nobody is right all the time.”

But it takes more than humility to succeed in today’s business world. Wander credits his ability to work with his management team and work through their collective mistakes for the firm’s growth over the years from two offices and seven lawyers to eight offices and more than 50 lawyers.

“Part of it is questioning each other,” Wander says. “We are all different, and we come from different backgrounds, and we approach things differently. But we have a shared vision of our future. Sometimes we think it’s a different road to get where we want to be and we don’t always agree on that, but we have that shared vision of what we want to obtain.”

The key to coming up with a good model, where you sometimes agree and sometimes disagree, but you ultimately get to the same place, is constant communication.

An ounce of prevention

You take typical safety precautions with your business, from locking the doors at night to trademarking your brand. Craig S. Horbus, Esq. attorney at Witschey, Witschey & Firestine Co. LPA, wonders why you aren’t doing the same to protect yourself online.

“For a company to have a successful online presence, they really have to start thinking about protecting their online reputation as much as they protect their real-world reputation,” says Horbus, who specializes in e-business law.

One of the first steps toward online respect is a privacy policy, a contractual agreement between you and your users that protects you from liability, governance and business data management standpoints online.

“Having a properly drafted privacy policy can help enhance your online reputation as it lets the world know that you are a serious player in the online world,” Horbus says. “It gives the company some street credibility in the online marketplace.”

Because it’s a binding legal contract, drafting one without a law license is asking for trouble. Seek expert advice from an attorney.

“The problem I see is these companies try to wing it themselves,” he says. “It’s not created with any legal significance, review or guidance as it pertains to that company’s specific needs.”

Horbus starts with a Web site audit that assesses the overall look and feel of the site as well as target audience, purpose and content. He also looks behind the scenes, considering whether you use data-tracking tools like cookies and Google Analytics and what happens to data after it’s collected.

“It requires a broad understanding of the information that’s being used, the analytics to get that information and the technology that’s supporting that information and that Web site,” he says. “Those are all very objective things that can play on what needs to or needs not to be in a privacy policy.”

For example, you need to disclose Google Analytics because it collects information about your users’ traffic patterns. Your users should also know whether their data gets buried in a basement server or gets printed out for your daily review.

Online security also echoes how you protect your real-world image.

Hear the whistle blow

Last year was the year of the whistle-blower. If Time Magazine naming former Enron, FBI and WorldCom employees as the “Person of the Year” wasn’t enough, Congress has made its feelings about corporate misdeeds clear with the recent passing of the Sarbanes-Oxley Act.

“Most states have some sort of whistle-blower protection, but you have to jump through a lot of hoops,” says Leonard D. Young, of counsel at Ulmer & Berne and former general counsel of Ferro Corp. “But before Sarbanes-Oxley, there was no federal statute specifically related to public companies and fraud against shareholders.”

The whistle-blower provision of Sarbanes-Oxley requires that public companies establish procedures for employees to disclose “the confidential, anonymous submission … of concerns regarding questionable accounting or auditing matters.”

In addition to sweeping reforms regarding employee protection, Sarbanes-Oxley outlines significant civil and criminal penalties regarding retaliation against whistle-blowing employees.

The new whistle-blower provisions are consistent with other Sarbanes provisions that hold individual executives liable for their actions.

“What is interesting about Sarbanes-Oxley is it does something that other federal statutes, like that of sexual harassment, do — it specifically permits a lawsuit or a private right of action against supervisors.”

An employee has 90 days to file a complaint. However, if the Department of Labor does not resolve the matter within 180 days, the employee can sue in federal court.

In addition, once the suit goes to court, the burden of proof falls on the employer, who must prove by “clear and convincing evidence” that any action taken against the employee is irrespective of that employee’s “protected” action.

The stakes are high for the employer, says Young.

“(Employees can sue for) reinstatement, back pay, interest and compensatory damages and the big one — litigation costs.”

As with many issues that begin with public companies, closely held and private businesses should be careful when drafting new policy. Young suggests businesses take a good look at existing ethics policies and guidelines, then, “train, train, train … this is not something that you can put in the employee book and forget about it.”

Young adds that smaller companies are better off in state court than in federal court.

“If they are not a listed company and Sarbanes doesn’t apply to them, then the company should stay with the state statute, which is a little more business friendly.” How to reach:Ulmer & Berne;

Collection notice

Privacy is one of the hottest Internet issues.

As companies collect more data on Web site visitors to hone their marketing messages, target products and launch promotions, visitors are starting to object to how that information is being used and in some cases, sold.

“There are no uniform rules of conduct for businesses,” says Mark Terzola, an associate partner at the law firm of Roetzel & Andress. “There is a sort of piecemeal regulatory scheme that is principally federal in nature and enforced by the FTC, but there are no one-size-fits-all answers.”

The problems occur because of the nature of doing business over the Internet. There are 50 states, each with its own privacy laws, plus federal regulations for some sectors. And if you are doing business overseas, the laws of the European Union or each individual country may also apply.

So how do you protect yourself in this evolving legal environment? Be conservative, and be honest.

* Protect the information you collect.

Make sure your database is protected from hackers and others who might benefit from information you have collected about your Web visitors.

* Tell users what you plan to do with the information.

“Opt for full disclosure rather than something less than that,” says Terzola. “Where companies have gotten in trouble is when they don’t do exactly what they told the user they were going to do. Don’t dance around the issues. If you are going to sell the information to a third party, then tell them that.”

* Allow users to see what information you have.

There should be a way for users to see the information you have so they can see what has been collected and check for accuracy.

* Make users opt in.

“Give the consumer a meaningful choice as to what happens with his or her information,” says Terzola. “Give them an opt-in or opt-out decision. Make them elect to allow you to use their information.”

Outline all your policies and procedures in a privacy policy posted on your home page. For an extra level of protection, make users agree to the terms before providing them access to your pages.

“Having a privacy policy is a good thing,” says Terzola. “Take it seriously, because this area is becoming more heavily regulated.” How to reach: Roetzel & Andress, (216) 623-0150

The regulated few

Not every business is left to determine its own actions in cyberspace.

There are specific federal regulations that cover Web sites collecting information from children; financial institutions; and businesses that deal with personal health information.

* Children’s Online Privacy Protection Act (COPPA). This applies to the online collection of personal information from children under age 13. The law spells out what a Web site operator must include in a privacy policy, when and how to seek verifiable consent from a parent and what responsibilities an operator has to protect children’s privacy and safety online.

* Gramm-Leach-Bliley Act. Any financial institution that provides financial products or services to consumers must comply with the privacy provisions of the act and the privacy rule. It primarily applies to providers of financial products or services to individuals, not businesses, to be used primarily for their personal, family or household purposes.

* Health Insurance Portability and Accountability Act. This act sets standards health care organizations must follow to protect personal health information that is transmitted electronically.