COVID-19: From Our Experts
What Business Leaders Should Know About COVID-19 and Management Liability Insurance
BOK Financial Insurance | May 28, 2020
Directors and Officers Liability Exposures Post-Pandemic
It’s time for business leaders to prepare for potential legal challenges
Below are some of the top exposures and concerns for businesses to consider in order to protect directors and officers against potential claims arising from the COVID-19 pandemic.
Civil Liability Exposures
One of the leading exposures for directors and officers involves civil liability, such as alleged breaches of contract with customers or suppliers, loss of liquidity and subsequent bankruptcy proceedings. Claims brought by creditors, shareholders, trustees or other company stakeholders that arise from possible insolvency or bankruptcy could trigger coverage under a directors and officers (D&O) insurance policy.
“Because of day-to-day management complexity right now, it is normal for directors and officers to not be thinking about potential liabilities that may be targeted at them,” explains Todd McLean, president of BOK Financial Insurance. “They are in execution mode, not defense mode.”
D&O insurance protects directors, officers and their spouses—assuming complete coverage language—if they are sued for actual or alleged wrongful acts in managing a company. D&O insurance also protects these individuals' assets and estates, as well as a company's assets. D&O insurance policies typically contain a broad range of protections for individual insureds in the event of a company’s bankruptcy or insolvency. However, personal assets may be at risk if the company’s D&O policy provides insufficient coverage for individual insureds, either in the form of too-low limits or limited coverage scope.
Cyber Security and Data Privacy Claims
Considering that many companies are requiring employees to work remotely, another key D&O liability concern pertains to cybersecurity and data privacy. Failure to sufficiently protect a company’s network leaves the company vulnerable to cyberattacks, ransom demands, loss of company data and overall exposure for failing to insure against cyber risks. Though many existing D&O policies may not be written with cyber and technology-related risks in mind, failure to protect against and insure for privacy or cyber liabilities could potentially lead to D&O liability claims. Securities action lawsuits against the directors and officers of the company could also arise if a cyber breach causes significant loss to the company’s reputation and value.
Securities and Shareholder Derivative Claims
In March 2020, the U.S. Securities and Exchange Commission (SEC) instructed companies to disclose information related to COVID-19 and notify investors of the anticipated impact COVID-19 would have on their business. The SEC provided extensions of filings required under the Exchange Act as well as disclosure obligations under the federal securities laws, including but not limited to, insider trading, selective disclosure and safe harbor for forward-looking statements. The volatility of the stock market following the announcement of the COVID-19 pandemic could attract securities litigation and/or shareholder derivative claims alleging mismanagement and/or failure to act or disclose by officers and directors in response to COVID-19.
Disclosure claims are likely to be evaluated on the basis of what companies have learned from what has happened, how well they address or disclose all of the facts and risks associated with their response to what has happened, and their future response plans. “Considering COVID-19’s unpredictable total impact on the economy, there has never been a better time to admit you don’t have all the answers or withdraw guidance,” said McLean.
Businesses who fail to make an effort to follow SEC guidance or inaccurately blame COVID-19 for the mismanagement and poor executive conduct of their directors and/or officers, are at an increased risk of liability claims and may be denied coverage under a D&O policy. Furthermore, directors and/or officers may be held liable under Caremark if they fail to establish oversight procedures for their company’s mission critical functions.
Fiduciary Duty Claims
Company leaders facing claims alleging breaches of fiduciary duty and corporate mismanagement related to COVID-19 could also trigger coverage under a D&O liability insurance policy. If a third party brought a claim against the directors and/or officers of a company for damages related to breach of their fiduciary duties, a D&O policy would likely respond. D&O would also respond to claims alleging the mismanagement or mishandling of selling assets, closing locations, selling the company, declaring or suspending dividends.
D&O insurance is not likely to respond to a breach of fiduciary duties claim alleging bodily injury. However, some D&O policies have a "broad form" exclusion for claims "based upon, arising out of, or attributable to" any bodily injury. With this broad form exclusion, a breach of fiduciary duty claim most likely would be excluded if it has any relation to a personal injury claim. On the other hand, if the D&O policy has the narrower "for" preamble to the bodily injury exclusion (excluding only those claims "for" bodily injury), there is a potential chance for coverage for a breach of fiduciary duty claim.
“My hope is that after reading this, business leaders will pause and ask members of finance, HR and risk management to review D&O policy language with their advisors and report back,” said McLean.
Key Considerations and Recommendations for Directors and Officers Pertaining to COVID-19
- Business leaders should work with a risk management consultant and review D&O insurance policy language to help identify and limit gaps or lapses in coverage, as well as exclusions on COVID-19-related claims, cyber-related D&O claims and bodily injury claims.
- Directors should form a board committee, if appropriate, to oversee COVID-19 or future pandemics, concerns and potential impact on the company.
- Directors and officers should take a systematic approach to communicating with shareholders, employees, suppliers and all other parties involved to help them understand the impact of COVID-19 to the business in the short term and long term.
- Directors should ensure there are regular protocols in place that require management to keep the board or committee informed of risks and safety concerns related to the pandemic. This includes a reporting system to maintain appropriate meeting minutes that document the board’s oversight activities as well as monitoring system for any red flags that may indicate the system in place is not working properly.
- Directors and officers should review the company’s cybersecurity and data privacy standards and action plans to ensure they meet legal requirements and comply with any breach-notification laws. They should also establish and review plans addressing the potential for increased cybercrime due to a remote access workforce, including data breaches through employees’ remote access devices.
- Directors and officers should seek professional counsel from legal advisors and consider retaining counsel separate from the company to help illustrate different interests are protected.
Employment Practices Liability
To combat the spread of COVID-19, businesses across the country have been forced to shut down operations, furlough, lay off employees, and adopt new social distancing and sanitation procedures. These dramatic changes to standard operations should prompt employers to review employment practices liability insurance (EPLI) polices and prepare for potential claims brought by employees.
“Each of these circumstances creates new challenges and exposures, which is why it is essential for employers to review their employment practices liability insurance program now in order to be prepared for potential employment disputes,” said Todd McLean, president of BOK Financial Insurance. “Unfortunately, this is what owners and managers need to be thinking about and planning for now.”
EPLI provides employers coverage, typically for both defense costs and damages, involving non-bodily injury claims brought by employees, such as discrimination or harassment, wrongful termination, and other allegedly unfair employment practices. It is important to note that EPLI policies generally exclude coverage for claims arising out of the Occupational Safety and Health Act's, or OSHA's, “general duty” clause, so it is important to review specific policy language.
Questioning employees about COVID-19
Employers should be careful how they question employees regarding COVID-19. For example, questioning employees about recent travel could imply an invasion of privacy, potential discrimination, or harassment which could trigger an employment wrongful acts claim. Claims for employment wrongful acts typically include alleged employment-related invasion of privacy, defamation, discrimination, harassment, retaliation or violation of FMLA, all of which appear to be relevant to possible COVID-19 related employment claims. EPLI will likely cover costs but policy language, retention and limits vary.
Another example that could trigger EPLI is if an employee or group of employees feel they are being targeted or mistreated due to suspicion of being infected with COVID-19 and/or because of their national origin. They may claim discrimination or harassment. Likewise, if an employee or group of employees feel they are being retaliated against for their unwillingness to attend or perform a work-related activity due to the perceived risk of contracting COVID-19, they could file a retaliation claim. If employers were to take disciplinary action or terminate these employees, they could face an unfair labor practice claim.
“Businesses forced to lay off or furlough employees due to COVID-19 should prepare for EPL claims, such as alleging wrongful termination” said McLean. “EPLI can cover wrongful termination claims, subject to your policy language, and provide legal support if employees sue because they were fired for failing to fulfill work obligations due to COVID-19.”
Best practices for employers to consider
- Employers should carefully review the language of their EPLI policy, which tends to vary from policy to policy. Exclusions under one policy may actually be covered under another.
- Employers should keep their primary focus on health and safety, as well as communicate the current and future measures that have been and will be implemented to protect employees and help limit the spread of COVID-19.
- Employers should stay informed and follow guidance and recommendations issued by the Centers for Disease Control and Prevention (CDC), Occupational Safety and Health Administration (OSHA), World Health Organization (WHO) and state departments of health.
- Employers should seek advice from an experienced consultant on how to clearly communicate to their employees that fear of COVID-19 should not be misdirected to any individuals based on national origin, race or to those in any other protected class.
- Employers allowing or requiring employees to work from home should determine if some or all functions of the employees’ job duties can be performed at home and provide the resources and equipment necessary to enable employees to work at home. Employers should also communicate that working remotely is a temporary measure and employees will be expected to return to the workplace when it is determined safe to do so.
- Employers should avoid subjecting employees to engage in work that may be considered a protected activity under the Occupational Safety and Health Act (OSH Act), if employers believe the work puts their employees’ health in danger.
- Employers should keep in mind that any written communications from employees regarding COVID-19 could be deemed a claim. Employers should seek advice from their insurance advisors regarding communication with their carrier, including potentially filing a “notice of circumstances.”
- Employers should develop mitigation plans in response to epidemics and pandemics, and assess their risks of potential disputes, while being mindful that COVID-19 may resurface in the fall similar to influenza.
- Employers should consult with legal counsel before implementing or updating policies and procedures, and before making employment practice decisions to ensure legal compliance. Consider if changes need to occur in your employee handbook, mobile device policies, app management and other policies related to daily work.
Directors and Officers Liability Exposures Post-Pandemic References:
JD Supra LLC https://www.jdsupra.com/legalnews/the-effect-of-coronavirus-covid-19-on-28475/ | https://www.jdsupra.com/legalnews/underwriting-d-o-risks-for-coronavirus-62195/ | LaCroix, Kevin M. D&O Diary | National Law Review | Holland & Knight LLP
Employment Practices Liability References:
National Law Review | U.S. Equal Employment Opportunity Commission | U.S. Department of Labor Occupational Safety and Health Administration | Larkin Hoffman Employment and Labor Law | Pepper Hamilton LLP | Lowenstein Sandler National Law Firm
This article does not address the potential impacts of additional local, state and federal orders that have been issued in response to the COVID-19 pandemic, including, without limitation, potential liability should an employee become ill, requirements regarding family leave, sick pay and other issues. The information contained is not intended to be exhaustive nor should any discussion or opinions be construed as professional advice. Coverage depends on actual facts of each case and the terms, conditions and exclusions of the issued policy. Insurance products and services are offered by BOK Financial Insurance, a subsidiary of BOK Financial Corporation. BOK Financial, a division of BOKF, NA, Member FDIC. Equal Housing Lender.