As a result of the September 11 events, the importance of effective emergency preparedness and management is now greater than ever and requires fresh attention by virtually every company. It is now obvious that literally any company is susceptible to catastrophic emergencies which can have huge consequences to the company and its employees, creditors, shareholders and other constituents. Directors and officers have the ultimate responsibility to prepare for and manage through such emergencies.
Although few if any direct D&O lawsuits have emerged from the September 11 events for a variety of reasons, directors and officers should take no comfort from that fact in evaluating what they should be doing now. The world, including the corporate world, has been clearly placed on notice with respect to the magnitude and potentially incapacitating nature of severe emergencies. With this notice, directors and officers now have a heightened obligation to anticipate and prepare for this level of unprecedented exposure. Absent comprehensive and effective planning, directors and officers may face severe legal, public and moral criticism if the unimaginable happens again. Although most large companies have had disaster plans in place for years, recent developments demonstrate the importance of updating those plans and developing a predictable, functioning and effective program for catastrophic emergency preparation and response.
From a D&O claims perspective, liability exposure in this context can potentially arise in suits by (i) employees and other persons who suffered bodily injury, personal injury, property damage or other injury or economic loss, (ii) creditors and other company constituents who incur damage as a result of the company's inability to pay debts or otherwise comply with its obligations, and (iii) shareholders who allege derivative claims on behalf of the company for losses incurred by the company or who allege securities claims for failure to disclose material information regarding the company's risk and level of preparedness. In any such litigation, potential allegations could focus on the extent to which the D&Os adopted adequate precautions, implemented effective response plans and appropriately reacted to actual or threatened incidents.
The following discussion summarizes some of the many areas which should be addressed by directors and officers in anticipation of an unexpected catastrophe in today's dramatically altered world. As is now obvious, nothing can fully prevent such events, but the consequences from such events can be significantly altered with appropriate preparedness. It is now the job of directors and officers to formulate and implement those plans of preparedness, not only in the coming months but also in the coming years even if terrorist acts and threats appear to subside.
A. Emergency Planning
The goal of any emergency plan is to expect and prepare for the unexpected. There is no universal plan that applies to all companies. Rather, each company must develop a plan that reflects the unique circumstances and risk exposures of that company. When developing or updating its comprehensive emergency plans, a company should approach the task with the same sense of urgency, importance and thoroughness as is given the most important issues within the company. Use of external consultants and other resources is recommended in order to assure that an appropriate perspective is realized and all necessary components of the plan are being addressed. A number of useful written resources are available to assist companies in this process. For example, the Federal Emergency Management Agency ("FEMA") of the U. S. Government publishes a useful Guide which sets forth a step-by-step approach to emergency planning, response and recovery for companies of all sizes. The Emergency Management Guide for Business & Industry, which was sponsored in part by a number of private companies and associations representing business and industry, can be downloaded from the FEMA website.
The following summarizes some of the more important elements of an emergency preparedness plan from a D&O prospective, particularly in light of recent events.
One of the first tasks for the team is to assess and triage the company's risk for various types of emergencies. Although this assessment should include any type of man-made or natural disaster or emergency, it is particularly important now to conduct a new risk assessment relating to a terrorist exposure. For example, companies with ties to the Middle East, companies in the transportation and utility industries, petrochemical companies, companies with offices in landmark buildings or government buildings, companies with distinctively "American" products, and businesses that provide services to a large number of people (e.g. hotels, tall office buildings, casinos, sports arenas, etc.) may be at greater risk today than previously thought.
The plan that is ultimately developed should be as comprehensive yet as functional as possible. Among other things, the plan should address specific procedures for different types of emergencies. The authorities and responsibilities of key personnel both in planning for and responding to emergencies should be clearly delineated. In addition, various ongoing education and training programs should be described and mandated. The plan should be viewed as an ever-evolving process which continuously sensitizes and informs all employees regarding the importance of security and appropriate emergency responses. To be most effective, the plan should ingrain in all employees certain basic lessons so that everyone can instantly function even in the face of chaos. This is particularly important for people with emergency responsibilities, who should be trained in setting priorities, coordination and communication in emergency situations. Frequent use of realistic disaster drills and other "hands on" training exercises can be invaluable.
2. Security. Companies should reevaluate their commitment to and policies regarding security at all levels of the company. For example, many companies are now devoting more resources for security personnel, thereby allowing for a larger, better trained and more professional security network for the company. In addition, companies should evaluate their policies regarding senior executives traveling together or assembling at risky locations. Also, companies should reexamine their data and information protection and security systems to assure that in the event of an emergency there is a very high likelihood that at least the company's mission critical functions and data will be protected through redundant systems, backup storage and other information technology security practices.
3. Employee Considerations. In light of the recent terrorist activities, companies are now faced with a variety of new challenges relating to employee safety and relations. For example, companies must seek to strike an appropriate balance between fully informing employees of all potential risks or threats, on the one hand, and avoiding needless panic or anxiety to employees, on the other hand. In addition, companies may have a higher legal standard for screening the backgrounds of job applicants and current workers in order to detect possible security risks, although making employment decisions on that basis without strong evidence demonstrating a true security risk may lead to charges of wrongful employment practices. Also, companies should be sensitive to the potential for increased workplace harassment against Arab-Americans and Muslims and may need to implement specific training or other workplace protections in light of those risks.
Companies received some relief in this area through recently-adopted antiterrorism federal legislature which grants to businesses and their directors and officers an immunity from liability for reporting suspicious or dangerous employee behavior to government authorities if such conduct may pose an immediate threat. It is unclear, though, how far companies can go under this immunity legislation in investigating and monitoring employee behavior.
All of these employment-related issues present new and difficult challenges to companies and their management. Unfortunately, there are no easy answers and in some instances companies and their management are placed in a classic catch-22 and may be criticized by someone regardless which decision they make. However, companies can increase the likelihood that their decisions are eventually supported by the courts if the companies can demonstrate that their decisions were thoughtful, consistent with the advice of experts, and were made in a good faith attempt to balance the legitimate competing interests of employees and the company.
4. Business Continuity. The most severe emergencies can threaten the ability of the company to function at any level. An effective emergency plan should include contingencies for a sudden change in the location of the company's nerve-center, alternative means to perform the company's mission critical functions, and senior management emergency succession.
From a corporate governance standpoint, this business continuity planning should include an examination of how the board of directors and senior officers will function in the midst of a severe emergency. Many states by statute allow companies to adopt bylaws which become operative during certain severe emergencies. Rarely used, these statutes were initially adopted in the 1950s during the height of the cold war and allow the corporate governance process to continue even in the face of extreme external conditions. Although most states statutorily allow some type of emergency bylaw provision, approximately 14 jurisdictions have no such provision, including California, Texas and Massachusetts. In those states, it is doubtful that the type of extraordinary authority granted by the statutes is available.
Section 110 of the Delaware General Corporation Law is a good example of the approach taken in many state statutes. Pursuant to Section 110, the board of directors of a Delaware corporation may adopt at anytime bylaws which become operative during certain severe emergencies, such as during an attack on the U.S. or a locality in which the company conducts its business or customarily holds directors or stockholders meetings, or during any nuclear or atomic disaster, or during the existence of any catastrophe or other similar emergency condition, provided that as a result of such emergency a quorum of the Board or a standing Committee thereof cannot readily be convened for action. The emergency bylaws can contain any provision that may be practical and necessary for the circumstances of the emergency, including provisions that (i) a meeting of the Board or Committee may be called by any officer or director, (ii) the quorum for a Board or Committee meeting may be as small as one director, and (iii) certain officers or other persons designated on a list approved by the Board before the emergency may be deemed directors during the emergency. Among other things, the statute also allows the Board to change the head office or designate several alternative head offices during the emergency, allows notice of a Board or a Committee meeting during the emergency to be given by any means feasible, and allows officers present at a Board or Committee meeting to be deemed directors to the extent required to constitute a quorum. In addition, the statute states that no officer, director or employee acting in accordance with any such emergency bylaws shall be liable except for willful misconduct.
Relatively few companies have adopted such emergency bylaws, presumably because the need for such extraordinary provisions seemed extremely remote. However, in light of recent experience, directors and officers should examine their legal ability to adopt such bylaws and the benefits which may be realized from having such provisions in place in the event of a catastrophic emergency.
B. Insurance Considerations
Recent developments also require companies to reexamine numerous aspects of their entire insurance program. As demonstrated by the September 11 events, a catastrophic emergency can potentially implicate virtually every insurance policy within a company's insurance program. All such policies should now be audited in light of current circumstances to assure that the policies provide the type and amount of protection desired given the nature and levels of exposure now conceivable. This comprehensive audit should focus not only upon the terms and amount of coverage, but also upon the financial security of the insurers providing the coverage. It is well-documented that a number of insurers and re-insurers are suffering unprecedented losses as a result of both September 11 and other recent extraordinary incidents. As a result, companies should more closely monitor the financial stability of their insurers and, to the extent known, those insurers' re-insurers. Several recent insurance company insolvencies show that the financial strength of an insurance company can change very quickly, and therefor a continual monitoring of each insurance company's rating is important. To reduce the adverse consequences from an insurer's insolvency, it may be advisable in some instances to restructure certain insurance programs by reducing the limit of liability purchased from any one insurer and constructing a tower of insurance coverage through use of numerous small policies, rather than a few large policies.
Another insurance consequence to the recent terrorism is the increased likelihood that insurers during their underwriting process will focus more on the existence and extent of a company's emergency preparedness, training, education and precautions. Those companies which can demonstrate a thorough, comprehensive and effective approach to managing risks from terrorism and other catastrophic emergencies will likely receive better underwriting treatment in today's market than companies which have devoted inadequate attention and resources to these concerns.
From the standpoint of directors and officers, the three standard insurance policies which should be particularly re-examined in light of recent events are the D&O Liability, General Liability and the Kidnap/Ransom insurance policies. Each are briefly discussed below.
In addition, Insureds should be careful if presented with a type of terrorist exclusion in the D&O Policy. To date, such an exclusion is not commonly used by D&O insurers and therefore Insureds should not accept such an exclusion unless they confirm that terrorism coverage is not available to them from other D&O insurers. If Insureds are forced to accept such an exclusion, care should be taken to avoid an exclusion which is broader than intended. For example, traditional workplace violence incidents or other types of common criminal wrongdoing should not be included within the exclusion if possible.
2. General Liability Insurance Policy. Claims against directors and officers by persons who suffer bodily injury or property damage in connection with a terrorist or other catastrophic event will be covered, if at all, under the company's General Liability Policy, rather than the D&O Liability Policy. Stated differently, when evaluating the insurance protection for directors and officers, one must analyze not only the D&O Insurance Policy but also the General Liability Insurance Policy.
In recent years, many protective features have been added to the D&O Insurance Policy in order to increase the scope of coverage afforded for directors and officers. However, many of those protective features have not been routinely added to the General Liability Insurance Policies, thus resulting in somewhat less coverage for bodily injury/property damage claims against directors and officers than for other types of claims against directors and officers.
The following summarizes various coverage features which are standard in many D&O Policies but which are frequently not included within General Liability Policies for the protection of directors and officers. Companies should analyze whether it is desirable and possible to include some or all of these provisions in their General Liability Policies as well, at least to the extent those Policies insure directors and officers.
- The deductible and some exclusions (e.g. pollution exclusion) could be deleted for non-indemnified claims against the directors and officers;
- Spousal liability coverage could be added;
- Severability of the Application and the exclusions could be added;
- The Insureds could be given the right to select defense counsel;
- A priority of payment provision could be added pursuant to which the directors and officers would have first priority to the Policy's proceeds in the event loss exceeds the Limit of Liability;
- Outside position coverage could be added;
- If the General Liability Policy affords claims-made coverage, a broad definition of "Claim" could be added which would include not only civil proceedings, but also criminal, administrative or regulatory proceedings and written demands;
- A provision could be added waives the applicability of the bankruptcy stay to the Policy and its proceeds in the event the company becomes bankrupt;
- Express coverage for punitive damages could be added, subject to a most favorable jurisdiction provision;
- The definition of Insureds could include the foreign equivalent of directors and officers.
In addition, in order to increase the likelihood that the directors and officers will be sufficiently protected for bodily injury/property damage claims, a separate limit applicable only to non-indemnified claims against directors and officers for bodily injury or property damage could be added to the General Liability insurance program. This separate limit could take the form of an excess DIC coverage for such claims against directors and officers, similar to a Side-A only excess DIC D&O Policy in D&O insurance programs. This type of excess coverage could afford extraordinarily broad insurance protection, subject to relatively few exclusions, for bodily injury/property damage claims against directors and officers who are not indemnified by the company, and could drop-down to afford such broad coverage in lower layers of the General Liability insurance program if such lower layers exclude such coverage.
C. Summary
The events of September 11 changed the world in innumerable ways. Among other things, those events changed to some extent the focus and responsibility of directors and officers and altered not only the condition and terms of coverage available from the insurance market, but also what insureds should be requesting for coverage. Like any type of monumental event, those companies that respond to this new and volatile environment with thorough, comprehensive and informed initiatives will likely weather these changes quite well. However, those directors and officers who do not give adequate attention and urgency to these new developments run an increased risk of incurring for themselves, their company and its constituents dreadful and perhaps avoidable financial, human and other loss.