August 17th, 2011 Alex Jurshevski
Between the FCPA, UK Bribery Act and the CFPOA there are many new cases in the bribery landscape. However, there is a very recent case involving a multinational insurance brokerage. This case is not categorized as a direct bribery issue, but rather a failure to prevent bribery. The Financial Services Authority (FSA) announced last week, here, that it fined Willis Limited 6.9 million pounds for failings in its anti-bribery and corruption systems and controls which created an unacceptable risk that payments by Willis Limited to overseas third parties could be used for corrupt purposes.
This case changes the game before most people have even started to learn the rules. It is still very common for corporate leaders to respond to news of bribery enforcement by saying everyone is doing it and that is just how we do business in (insert industry)(insert city). Most internal and third party professionals will be quick to point out that such realities are not an acceptable defence to regulatory enforcement. However, those defences are still being attempted, and the result is industry based systemic risk as regulators then say ok, where else and who else and start flipping over rocks in other regions or at industry competitors. Therefore, don’t be surprised to see similar settlements in insurance brokerage industry.
The rules of the game are that directors and senior management need to turn their minds to controls and procedures to prevent this (recently) unacceptable behaviour. In the Willis case, it seems that the organization, unlike many other organizations, did in fact create and implement appropriate anti-bribery and corruption systems and controls, but the FSA has suggested with this fine that the existence of controls is not enough and they are required to ensure that those systems and controls are adequately implemented and monitored, at the grassroots level.
The time period of the payments in question was January 2005 to December 2009, which means that there is a long tail of liability involved with FSA bribery enforcement actions and therefore organizations and their governing minds had better respond quickly to create and/or increase their controls and control enforcement and monitoring.
The Willis case, and the recent Canadian CFPOA case against Niko Resources, here, might suggest that international bribery enforcement is not a game, because the value of the fines are many multiples of the alleged inappropriate payments in question (at least those values that were disclosed.) In the Niko case the payments in question were less than C$200,000, but the fine was C$9.6 million (the actual value of Niko’s business dealings in high risk jurisdictions were not disclosed.) In the Willis case, the total value of transactions over the five year period was 27 million pounds, with the suspicions payments totalling $227,000, and the fine being 6.895 million pounds (after a 30% discount for cooperation and early settlement.)
Here is the loss control opportunity presented by this case to directors, officers, management and employees of corporations doing business overseas :
- Identify all payments to foreign third parties (especially in high risk jurisdictions). The Niko case involved Bangladesh, the Willis case involved Egypt and Russia),
- Establish and record the commercial rationale for all payments to foreign third parties. This needs to be done to the minute degree of demonstrating in each case why it was necessary to use an Overseas Third Party (OTP) to win business and what services (the company) would receive from that OTP in return for a share of its commission,
- Understand that foreign official is a much broader group than you might think (other bribery cases have set the precedent that doctors and other medical staff in most countries are considered foreign officials, World Bank and IMF staff are foreign officials),
- Realize other enforcement examples are not just a learning opportunity but an obligation; the acting director of enforcement and financial crime in the Willis case specifically said this case was particularly disappointing as we have repeatedly communicated with the industry on this issue,
- Provide formal training to staff to recognize an affected payment and to record in detail (more than a brief description) the reasons and resulting services surrounding the payment. This is the only way to demonstrate adequate monitoring and effectiveness of anti-bribery systems and controls,
- Ensure adequate due diligence on OTP to assess how the OTP is connected to the organization’s client, the foreign official and any other involved third party,
- Recognize that you are responsible for indirect bribery or alleged bribery of a foreign official, not just for direct bribery. This means you are responsible for the actions of any Third Party that could be in a position of making improper payments to help your organization win or retain business from overseas clients or prospective clients,
- Ensure that this due diligence is applied to each and every time a payment is made to a Third Party, not just the inception of business with that Third Party.
There is a very strong argument that the Willis case is not a bribery case, it is a books and records case, but FSA does not seem to care about the distinction. The case has been lumped in with the recent UK Bribery Act / FCPA / CFPOA bribery enforcement actions, so it is getting media attention that it may or may not deserve.
Is this a good example of directors’ and officers’ liability? No, not directly. There was no mention of negligence by an individually named director or officer. But many bribery enforcement actions have spawned downstream criminal, civil and securities liability lawsuits, so if directors and officers do not learn and react to the public pain suffered by other entities, they have a good chance of facing personal liability.
My advice, be careful about extending your D&O insurance policy to FCPA / UK Bribery / CFPOA enforcement action if you don’t fully understand how your policy is exposed to Entity Coverage or other risk of erosion or exhaustion of its limits of liability. There is no regulation or oversight of D&O policy wordings or pricing in Canada, so your assumption of the level of personal loss coverage in your D&O policy might be incorrect. Without early investigation you might not find that out until it is too late.
Greg Shields is a D&O, Professional Liability and Crime insurance specialist and a Partner of Mitchell Sandham Insurance Services. He can be reached at firstname.lastname@example.org, 416 862-5626, or Skype at risk.first.
February 24th, 2011 Alex Jurshevski
Those who cannot remember the past are condemned to repeat it.” George Santayana
There is a direct connection between the banks, legislative changes and directors and officers insurance premiums. Relaxation of regulation and poor policies and procedures intensified and increased the losses associated with the S&L Scandal of the 1980’s and early 1990’s. But just enough time passed since then to give decision makers the excuse to forget the lessons learned from that sorry episode. Not surprisingly all of the same issues have resurfaced prior to the onset of the Global Financial Crisis (GFC) thereby contributing to the causes of the GFC and importantly to the failure of US Banks so far and the extremely weakened condition of the entire banking sector.
The FDIC provides a chronology of S&L events on their website, and in a book,. These should be made mandatory reading for every employee of every bank, insurance company, rating agency, securities dealer, accounting firm and law firm. There are at least of few people in every level of a company who can smell a problem long before the executives are willing to do anything about it. And now, those employees can even profit from this knowledge. The Dodd-Frank Wall Street Reform and Consumer Protection Act, signed into law on July 21, 2010, includes a provision SEC. 21F, called SECURITIES WHISTLEBLOWER INCENTIVES AND PROTECTION. This provision looks to incent whistleblowers with an award of 10% to 30% of the monetary sanction over $1 million. Therefore, if one were to take the average cost of the top six most recent FCPA settlements and multiply by the lowest award, it would means a $47 million compensatory windfall to the employee who blows the whistle on these bosses.
The FDIC book on the S&L scandal suggests that total FDIC recovery from 1986 through 1996 from professional liability suits was $5.1 billion (outside counsel costs were $1 billion (ie a significant incentive for lawsuits), with $1.3 billion of that coming from D&O claims, and, surprisingly, only $300 million from fidelity bond insurers. The account does not specifically say that the D&O recovery was from insurance policies, but there is no doubt that these insured losses were material to the insurance industry.
In those days, Insured vs. Insured exclusions, and trustee/regulator exclusions and limited severability were much more common in the D&O policy. And, the policies were not as heavily extended to cover loss of the corporate entity, and other parties and matters, as they are today. Also unique to that period was the length of time that D&O insurers had to prepare for potential loss. A noticeable uptick in bank failures was identifiable as early as 1982, but the actual assets losses and deposit insurance losses were not material until 1988. The period of 1997 through 2007 saw so few bank failures that the slate was wiped clean as if the past never existed. But this time, the asset losses and deposit insurance losses, which, in the 1980’s took seven years to develop, happened in one year. And these losses occurred on the basis of only the modest increase in the number of banks that the FDIC, Fed, Treasury and the OCC have so far made public.
Therefore, with the speed of the recent downturn, the larger average size of the failed banks, the broader policy wordings (more coverage for the corporate entity), and the resources of plaintiff counsel, it might ultimately be impossible to compare the S&L debacle with the GFC.
NERA Economic Consulting released their â€œFailed Bank Litigation Report in August 2010, providing a lot of details comparing and contrasting the S&L with recent bank failures, including the resulting D&O and Professional Liability litigation. The first part of the report presents statistics on recent bank failures and the characteristics of their assets, loan portfolios and performance relative to banks that have not failed. The remainder of the report discusses failure factors and litigation in both periods.
This becomes an even more interesting having read Recovery Partners’ blog entitled Hubris Meets Nemesis, which estimates that the number of insolvent and/or severely impaired banks in the US to be well over 2000 institutions, and goes on to point out that the suspension of FASB 157 (the abolition of mark-to market accounting”) and the failure to activate the Prompt Corrective Action Law. is hiding the true extent of the deterioration in bank balance sheets in the US. If this analysis is in the ballpark, that will mean that the GFC hit in the US will vastly eclipse the losses from the S&L scandal. Of the 2,912 bank failures from 1980 to 1994, many were private and a lot smaller than the average failure today. It has been suggested that the scandal crisis cost over $150 billion and represented 3% of US GDP. Today, $150 billion is the cost to bailout one insurer. According to the DandO Diary blog, there have been 118 bank failures in 2010, and 165 in two full previous years. Recovery Partners estimates that the Deposit Insurance Fund losses from the GFC are currently in the range of some $500 to $700 billion. See also Chris Whalen’s Institutional Risk Analytics website for similar views on this issue.
The FDIC is starting to sue failed bank directors and outside professionals. FDIC filed two separate lawsuits in the Northern District of Georgia against outside law firms for the failed Integrity Bank of Alpharetta, Georgia. FDIC filed a separate suit against former directors and officers of Integrity Bank. They provide an updated list of failed banks on their website, and a separate list of authorized suits against individual directors and officers.
FDIC litigation in the S&L period was the primary source of litigation. Today the follow-on claims in private litigation by investors and creditors, and criminal proceeding by the DoJ, are very creative in order to avoid FDIC priorities and onerous pleading requirements (scienter hurdle of 10(b)-5.) This could mean that private litigation could cause even more insured loss than the FDIC. The Failed Banks topic section of the D and O Diary, provides significant detail and resources on the primary claims, third party professional claims, and on follow-on civil litigation.
The Canadians in this group are not insulated from this issue. A majority of the market share of D&O insurance premium written in this country is by insurers who are exposed to US claims. Even if they are not directly writing Bank D&O policies, bank failures affect the lawyers, accountants, pension and investment fund investors, and the bricks, clicks and mortar companies who rely on these banks. There has been a flight to safety for insurers, and that is why we have more than 27 companies writing directors’ and officers’ liability insurance in Canada. Every one of theses firms will have difficulty avoiding the direct and/or reinsurance costs of US losses in spite of the fact that insurance companies typically spread their risks across all of their insureds, whether these insureds are inter-listed, large public, private or non-profit companies.
In addition to the direct and indirect US exposures, Canada is seeing a material change in homegrown loss experience. The decision in the IMAX class action securities case, was a denial of the defendant’s motion for leave to appeal the K.van Rensburg J. decision to certify class proceedings. We all know what happens to settlement amounts when a court decision goes in favour of the plaintiff class. The underlying securities litigation commenced September 20, 2006, when Siskinds LLP, and Stutts, Strosberg LLP, brought their case alleging misrepresentation and breach of duty of care. This was the first case to be brought under Ontario’s new, at the time, Bill 198, aka, part XXIII.1 of the Ontario Securities Act (the Act), section 138.3, which provides a statutory cause of action for secondary market misrepresentation.
The insurance implication is that the IMAX 2005 information circular listed a D&O policy with a $70 million limit of liability. The circular does not provide a lot of detail, and I am not privy to any inside information, but it does say they had a split deductible of $100,000 for each claim under the policy other than claims made under U.S. securities law as to which a deductible of $500,000 applies, and paid an annual premium of $962,240.
There is no regulation of D&O or E&O policy wordings in Canada, and there are hundreds of versions of policy wordings, applications and endorsements that can mean the difference between coverage and personal financial loss. In the IMAX case, the split deductible (and the level of premium) would suggest that the policy provided at least some level of coverage for the separate and distinct loss of the corporate entity. If this policy structure, or an undisclosed policy, did not include a separate limit of liability for individual directors and officers, and their non-indemnified claims, then this $70 million is subject to erosion or even full exhaustion by loss incurred by the corporation.
Unfortunately, most directors and officers make a critical assumption that their D&O policy is designed to cover their personal liability. For many directors and executives, this sharing of limits problem is only identified after a lawsuit has been launched. The confusion is that this extension is marketed as securities coverage, which can be misleading to the individual directors. Some insurance brokers have sold this coverage by suggesting it is the only way to get coverage for claims brought by shareholders. Such a statement is absolutely false. The traditional D&O policy was always meant to apply to claims brought by shareholders, but only those claims brought against individual insured persons, not those brought against the corporation.
Much more information on Canadian securities class actions can be found in the NERA report, here.
With a relatively small premium base, when compared with the personal and commercial property and casualty market, the specialty casualty insurance marketplace can be materially affected by isolated industry events. Even within this isolated industry (if you can call US Banks an isolated industry) there was a significant historical learning opportunity. With the degree of correlation between contributing factors of the S&L event and the recent bank failures, it is not a stretch to suggest the S&L learning opportunity was completely ignored by far too many decision makers.
If the horse has already left the barn, (which, based on D&O losses to date, has not been determined), then there are two things to do: First, identify and mitigate the current and ongoing risks of this event; and then identify the contributing factors (and people) and take appropriate notice and initiate action, so the market can retain this information and use it to avoid similar situations in the future.
Based on, 1) larger bank asset losses, 2) larger FDIC losses, 3) higher D&O policy limits and broader wordings, 4) deeper pockets in the executive ranks, 5) a new profit incentive to blow the whistle to regulators and the media (and not report concerns to the audit committee and independent board members), 6) the motivation of significant plaintiff lawyer contingency damage awards, and 7) an increase in follow-on civil litigation, insured losses will increase and the risk of D&O and Professional Liability insurance premium increases and coverage limitations is therefore extremely material.
Policy expiry dates, market swings and claims rush forward very quickly. Therefore, timing is crucial. All directors, executives, officers, compliance and legal staff, and other outside professionals should be doing the following:
1) Request a personal contractual indemnity agreement from the corporation or partnership. Indemnification provisions are built into the Canadian Business Corporations Act, the Ontario Business Corporations Act, many corporate by-laws, and into most of industry specific acts, but, they are not all created equal, and none of them are as good as a well vetted individual contractual indemnity;
2) Recognize that D&O insurance is not a panacea. It should not be a priority over good commercial general liability, property or operation specific products, like professional liability, errors and omissions liability (E&O), environmental, fidelity/crime, and cyber/media/privacy insurance policies. D&O is also not a priority over good governance, risk management and compliance (GRC) activities;
3) Know the expiry dates of all policies. Notice I did not say renewal dates, because a D&O/Fidelity/E&O renewal is never guaranteed;
4) Know your notice obligations and opportunities to report claims and circumstances to the insurers and trigger your current policy for future loss (no matter when that claim is eventually launched;
5) Have your broker identify all areas of limits sharing within your policies. Limit sharing is very sneaky, because it is not isolated to an insuring agreement; it can be found in the applications (which forms part of the policy,) exclusions, allocation provisions, severability provisions, and even in the definitions;
6) Treat the D&O purchase decision as it being based on the limit liability, not on the insurance premium. The limit of liability has, or should have, a value that is material to the corporation, often the premium does not. Even for a small non-profit, it is a one or two million dollar decision; for a small publicly traded company it is a five to twenty five million dollar decision; and for a large public company it can be a $100 million decision. The purchase decision deserves this level of attention; and,
7) Examine the skill, ability and independence of your broker (not just your brokerage.) There are far too many brokers who are passing themselves off as experienced, when in fact they have limited or no direct experience with D&O policies and claims. There are also many brokers who marketed (even convince) themselves they are independent, even when they owned by, or have a material debt or non-standard remuneration agreement with, an insurance company. It is therefore appropriate to, a) request full disclosure of ownership and all potential conflicts of interest, including any exclusive insurer programs, b) ask all brokers to explain to your satisfaction the key issues regarding all coverage options as they relate to your operations, and, c) request of all brokers not approach any insurance markets on your behalf until you have made your choice of broker.
Through aggressive competition among insurance companies and under-educated and overzealous insurance brokers, policies have been broadened to such an extent that they are now a possible detriment to the appointment of directors. Claims made against the corporate entity and coverage for non-traditional parties and matters are now fair game under many D&O policies. This level of coverage can be very attractive to aggressive plaintiffs, and their even more attractive to aggressive plaintiffs lawyers, because a broader policy means a better chance for at least a modest settlement. A modest settlement reduces the down-side risk of pursuing what might be a long-shot chance of discovering a smoking gun that will produce the home run settlement (entire policy limits, plus corporate contribution, plus third party contribution, plus individual director and officer contribution.) However, there is only one limit of liability that will be shared by all parties for all claims.
We have yet to see how US bank failures will play-out for D&O insurance buyers, but given what we already know, it behooves executives, directors, corporate risk managers and their advisors to meet this issue proactively and forcefully.
This is a guest blog by Greg Shields, a Partner and commercial insurance broker with Mitchell Sandham Insurance Services in Toronto, specializing in D&O, E&O and Fidelity insurance. His blog posts can be found at http://mitchellsandham.wordpress.com/, and he can be reached directly at email@example.com, or at 416 862-5626.