Imagine this scenario: Company B is a wholly-owned subsidiary of Company A. Company A spins off Company B, but retains a third of the stock after a public offering. Company A is named as a defendant in a subsequent securities fraud lawsuit stemming from fraud that occurred in Company B after the spin off. The plaintiffs have alleged that Company A is a "control person" of Company B under the securities laws. Is Company A liable for damages, and if so, how much should it pay relative to Company B?
Laperriere v. Vesta Insurance Group, Inc.
The answer to whether Company A is liable was the subject of a recent U.S. Court of Appeals decision in Laperriere v. Vesta Insurance Group, Inc., 526 F.3d 715 (11thCir. 2008) (" Laperriere").In an issue of first impression, on April 30, 2008, the Eleventh Circuit held that a provision of the Private Securities Litigation Reform Act (PSLRA) providing for proportionate liability, amore defendant-friendly liability scheme, did not replace the longstanding joint and several liability rubric set forth by Section 20(a) of the Securities Exchange Act of 1934.
Because control person liability makes parties other than the primary violator liable under the federal securities laws, the affirmation that control person liability is alive and well is unhappy news for directors, who are often named as control person defendants. To minimize the risk of liability, directors should act in good faith and not induce (even indirectly) the primary violator's illegal actions. Directors can take steps, as described below, to ensure that those individuals or entities whom they could be said to control do not violate the securities laws.
The State of the Law Pre- Laperriere
Returning to the hypothetical, prior to the Laperriere decision there were two potential statutes under which one could determine the extent of Company A's damages, assuming it was found to have violated the control person liability provisions of the federal securities laws: Section 20(a), enacted decades prior to the PSLRA, and Section 21(D)(f), enacted as part of the PSLRA.
Section 20(a) of the Securities Exchange Act of 1934
Section 20(a) of the Securities Exchange Act of 1934 states that anyone who directly or indirectly controls any person liable for certain securities law violations shall be liable jointly and severally and to the same extent as the controlled person, unless the controlling person acted in good faith and did not directly or indirectly induce the act constituting the violation.To be liable jointly and severally means that a plaintiff may recover all damages owed it from any of the defendants regardless of their individual share of the liability.
Congress enacted this law after the stock market crash of 1929 to prevent individuals from using "straw" parties to commit acts in violation of the securities laws. In other words, one could no longer escape liability simply by directing another to commit illegal acts on one's own behalf.
What Is Meant by "Control"
Congress purposely did not define the word "control," and courts construe the word differently.For example, one court has required the controlling person to be a "culpable participant." See Rochez Bros., Inc. v. Rhoades, 527 F.2d 880 (3d Cir.1975). Another has said that the defendant must instead have both the power to control the general affairs of the primary violator and control the specific corporate policy that resulted in the violation. See Brown v. Enstar Group, Inc., 84 F.3d 393, 396 (11th Cir. 1996).
Using virtually any of these definitions of control, a control person can include three situations relevant for purposes of this article. Assuming the controlled person is a company committing the primary violation of the securities laws, the controlling person can be: (1) a former parent of the controlled person that has been spun off and is now a major shareholder of the controlled person (as in Laperriere); (2) a major shareholder (other than the former parent company) of the controlled person; and (3) a director of either (1) or (2).
As to the extent of liability, Section 20(a) states that not only are control persons liable to the same extent as controlled persons, but they are "jointly and severally" liable. This means that a plaintiff may recover all damages owed it from any of the defendants regardless of their individual share of the liability.
In the hypothetical, using Section 20(a) to determine liability, if Company A is deemed a control person, then it is liable to the same extent as Company B, and the plaintiff is able to collect the entire award from either Company A or Company B. Section 20(a) creates two or more liable parties, any of whom can be required to pay damages, where there may have only been one.
The PLSRA and Section 21(D)(f) of the Securities Exchange Act of 1934
Congress enacted the PSLRA in 1995 to temper what it viewed as an overly plaintiff-friendly legal environment.The liability scheme prior to passage of the PSLRA was joint and several liability, which can produce a harsh result, as explained earlier, in that a defendant found responsible for only one percent of the harm can be required to pay 100 percent of the damages. The PSLRA sought to remedy this perceived injustice by enacting the more defendant-friendly proportionate liability scheme of Section 21(D)(f) of the Securities Exchange Act of 1934.
Section 21(D)(f) changed the rules for allocating damages among the parties once liability has been established by the fact finder. Under Section 21(D)(f), a controlling person is jointly and severally liable for the entirety of plaintiffs' damages only if it knowingly (i.e., with actual knowledge) commits a violation of the securities laws.Defendants whose violations were not carried out "knowingly" are subject to proportionate liability, which means they may be required to pay only the portion of the judgment that corresponds to the percentage of responsibility attributed to them. Thus, a defendant found liable for one percent of the harm would be required to pay only one percent of the damages, a more palatable result than joint and several liability.
In the hypothetical, using Section 21(D)(f) to determine liability, the fact finder would first determine whether Company B, the controlled person, violated the securities laws. Then the fact finder would assign a percentage of responsibility to Company B and any other persons who contributed to the plaintiff's loss. Next, the fact finder would determine whether Company B "knowingly" violated the securities laws. If it finds that Company B violated the securities laws, then Company B is liable jointly and severally, meaning the plaintiff can recover the full judgment from Company B. ( Laperriere, 526 F.3d at 720.)
The Laperriere Decision
The enactment of Section 21(D)(f) posed the following question: Which statute is used to determine the damages a control person must pay if it is found liable under Section 20(a)? Is it Section 20(a), which means that Company A is jointly and severally liable for the damages, or is it Section 21(D)(f) of the PSLRA, under which the plaintiff can only collect damages from Company A that reflect its proportionate share of the damages?
The Eleventh Circuit, in essence, held that both statutes should be used, and that proportionate liability does not replace the longstanding joint and several liability rubric set forth by Section 20(a). Put simply, the court held that Section 20(a) answers the question of whether Company A is liable, and Section 21(D)(f) answers the question of how much Company A is liable for. The first step of the analysis is under Section 20(a):
If Company B is liable as a primary violator of the federal securities laws, and Company A is liable as a control person under Section 20(a), then the fact finder must determine if Company A's violation of Section 20(a) was or was not "knowing." However, the court did not address the issue of how a control person "knowingly" violates Section 20(a), especially since scienter, meaning intent or knowledge of wrongdoing, is not a part of a Section 20(a) violation.
Impact of Laperriere
This was an important decision for directors, who are often named as control persons in class action securities cases based on, among others, Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5. In holding that the Section 20(a) control person liability survives the PSLRA, the court affirmed that control persons such as directors and companies that control subsidiaries can be liable for the actions of, and to the same extent as, the primary violator. Furthermore, depending on whether the control person knowingly violated the securities laws, it can be forced to pay 100 percent of the judgment.
In a worst-case scenario for directors, Laperriere could stand for the proposition that a director of a company that is a major shareholder of a primary violator, who meets the criteria for a control person, and who acted knowingly in violating Section 20(a), could be personally liable for 100 percent of the damages, even if found liable for only one percent of the harm.
How Directors Can Reduce the Impact of Laperriere
Following Laperriere, the potential increase in damages that liable control persons, including directors of companies that are major shareholders in the primary violator, may have to pay puts increased pressure on directors to minimize the risk of liability. Since the court held that Section 20(a) should be used to analyze control person liability, and Section 21(D)(f) used for damages allocation, then control persons should attempt to limit liability under the former, and limit the amount of damages they may be required to pay under the latter.
The way to limit the amount of damages required to be paid by a control person once liability has been established is to argue that the control person did not knowingly commit a securities law violation. Again, the Laperriere court did not address what it would mean for a control person to knowingly commit a violation. Suffice it to say that a control person having actual knowledge of a securities law violation risks joint and several liability.
Good Faith Defense
To avoid liability under Section 20(a), directors should be able to rely on the "good faith" defense. Good faith means due care in enforcing a reasonable and proper system of supervision and internal controls. This means that the director or control person cannot induce, even indirectly, the acts of the controlled person that constitute the violation. See In re WorldCom, Inc. Sec. Litig., 02 Civ.3288, 2005 WL 638268 (S.D.N.Y. Mar. 21, 2005) and Ingenito v. Bermec Corp., 441 F. Supp. 525, 533 (S.D.N.Y.1977) "[T]he inquiry centers on whether adequate mechanisms were established to discover and prevent the alleged fraud...If the perpetration of fraud went unnoticed because of willful or reckless disregard, the good faith defense is unavailable."
According to Loftus C. Carson, II, in The Liability of Controlling Persons Under the Federal Securities Acts, (Notre Dame Law Review, 1997), to satisfy this standard, a board of directors might instruct its legal counsel to design and implement a compliance or audit program to monitor its operations in areas where the potential for securities law violations exist, and to ensure that its subsidiaries do the same. A failure to do so when the director has knowledge of a violation or a potential violation would likely prevent invocation of the good faith defense.
As an illustration, the following are situations in which courts have held that a director could not rely on the good faith defense:
Where an officer/director control person signed financial statements "in the face of potentially alarming information" about the company's financial state, the court held that the director could not use the good faith defense. Evidence showed that the director knew of several weaknesses in the company's controls, including a report that showed there was "lack of vertical accountability amongst staff" and "no internal audits." Furthermore, the company's outside auditor issued a report which, although it did not conclude that the company's financial statements were generated on the basis of faulty accounting practices, did find irregularities in customer credits. It also found that sales projections were overly optimistic, and that there was no appropriate system for dealing with obsolete inventory and reserves. See Howard v. Everex Systems, Inc., 228 F.3d 1057, 1063-67 (9th Cir. 2000).
Where an outside director signed a Form 10-K that contained false information concerning sales revenues, the good faith defense did not apply, given evidence that, among other things, the director: (1) never reviewed the audited financial statements and never met or conferred with the company's auditors; (2) expressed concerns regarding the company's chief financial officer, and recommended that he be replaced "with a qualified C.F.O."; and (3) knew that the company had continuing problems with its accounting firms and had changed auditors several times. The court held that the director did not act in good faith, given that he was on notice concerning problems with the company's SEC compliance and its accounting department and auditors, and he did not undertake any investigation or analysis of these issues. See Stat-Tech Liquidating Trust v. Fenster, 981 F. Supp. 1325, 1341-43 (D. Colo. 1997).
Where the director's only evidence of good faith was that he: (1) had confidence in the company's existing management and prospects; and (2) was unaware of fraud and was motivated to act in the long-term interests of the company, as evidenced by the fact that he continuously held stock in the company. As a result, the good faith defense failed. See In re WorldCom, Inc. Sec. Litig., 02 Civ. 3288, 2005 WL 638268, at *15 (S.D.N.Y. Mar. 21, 2005).
Directors cannot be expected to monitor every aspect of the corporation's business, and a securities violation committed by an employee or subsidiary that the director or its company controls may be purposely concealed from the director. However, there are steps directors can take in their own companies to develop a good faith defense in the event that they or the company are named as a control person defendant. Parent companies should be able to show a good faith effort to ensure that adequate controls are implemented at the subsidiary level, and to immediately address any potential securities law violations.
In relying on the good faith defense, directors should be able to show that they attended relevant meetings, thoroughly reviewed documents, and asked the right questions to satisfy themselves that a transaction or financial statement is not in violation of the securities laws. A director should rely on documents prepared by management only to the extent that such reliance is reasonable.In anticipation of presenting a good faith defense, a director would do well to preserve any proof that he questioned and addressed any red flags immediately, and to ensure that there is comprehensive documentation of the implementation and maintenance of internal controls. To limit their own liability and resulting monetary damages, directors of parent corporations should ensure that directors of subsidiary companies follow these same guidelines.