#quarterly d&o claims trends
Text
Quarterly D&O Claims Trends: Q2 2018
On Wednesday, July 25 Advisen will host a webinar that examines the D&O claims trends for the second quarter of 2018. Advisen’s Jim Blinn and a panel of experts will discuss the frequency and severity of securities suits in Q2 2018 and share their insights on emerging trends on securities litigation.
This is a free, one-hour webinar.
For more info and registration of this upcoming webinar, visit https://www.advisenltd.com/2018/07/25/quarterly-claims-trends-q2-2018/
Advisen Ltd. July 2018. Quarterly D&O Claims Trends: Q2 2018 [Webinar].
#quarterly d&o claims trends#d&o claims trends 2018 q2#d&o claims trends 2018 2nd quarter#d&o claims trends q2 2018#directors and officers claims trends#securities litigation#d&o claims trends#securities suits in q2 2018#q2 2018 d&o claims trends
0 notes
Link
Trump encounters broad pushback to his suggestion to delay the Nov. 3 election
3 hrs ago
President Trump drew immediate rebukes from across the political spectrum Thursday after proposing a delay to the November election and claiming without evidence that widespread mail balloting would be a “catastrophic disaster” leading to fraudulent results.
The suggestion represented Trump’s latest, and most dramatic, attempt to undermine public faith in the Nov. 3 election, a trend that has grown more frequent and emphatic as polls have shown his political fortunes declining. The president has attacked mail voting nearly 70 times since late March in interviews, remarks, and tweets, including at least 17 times this month, according to a tally by The Washington Post.
Thursday’s tweet came on the heels of a devastating report showing that the economy shrank nearly 10 percent from April through June, the largest quarterly decline since the government began publishing such data 70 years ago.
The president does not have the authority to change the date of the general election, which is set by Congress. Trump encountered unprecedented pushback to his idea from senior Republicans on the Hill and conservative leaders outside government, as well as legal scholars, historians, and Democrats.
Former President Barack Obama, speaking at the funeral of the late civil rights icon John Lewis in Atlanta, alluded to the intensifying war over voting rights, saying that “even as we sit here, there are those in power who are doing their darndest to discourage people from voting.” Obama, who has avoided public comments on much of Trump’s presidency, did not specifically cite his successor’s latest suggestion or mention him by name.
Senate Majority Leader Mitch McConnell (R-Ky.) was among many Republican senators who quickly and unequivocally rejected Trump’s idea. “Never in the history of the country, through wars, depressions, and the Civil War, have we ever not had a federally scheduled election on time,” McConnell said in a television interview with WNKY of Bowling Green, Ky. “We’ll find a way to do that again this Nov. 3.”
Click to expand
Trump gave no indication that he would launch a serious push for the date change, or that he thinks he has the power to do so without congressional approval. But he appeared unfazed by the criticism.
He “pinned” the tweet in which he first floated the idea Thursday, fixing it to the top of his Twitter feed.
“With Universal Mail-In Voting (not Absentee Voting, which is good), 2020 will be the most INACCURATE & FRAUDULENT Election in history,” he wrote in the message. “It will be a great embarrassment to the USA. Delay the Election until people can properly, securely, and safely vote???”
At a news conference late in the day, Trump said does not want to delay the election, but said the alternative is a “crooked election” that could take months or even years to resolve — suggesting he is prepared to contest the results if he loses.
“I want to have the election,” he said. “But I also don’t want to wait for three months and find out that all the ballots are all missing and the election won’t mean anything. That’s what’s going to happen, and everyone knows it.”
Several Trump advisers said no internal discussions were underway within the White House about moving the date. The tweet caught aides by surprise, said one senior adviser who, like others, spoke on the condition of anonymity to describe internal conversation. “He is just trolling,” said another.
a man wearing a suit and tie: President Trump stops to talk to reporters as he walks to board Marine One and depart from the South Lawn at the White House on Wednesday.© Jabin Botsford/The Washington Post President Trump stops to talk to reporters as he walks to board Marine One and depart from the South Lawn at the White House on Wednesday.
The U.S. Constitution gives the power to regulate the “time, place, and manner” of general elections to Congress, while states control the dates of primary elections. Nowhere is the president granted such power.
In addition, the Constitution’s 20th Amendment spells out a hard end to a president’s and vice president’s four-year terms on Jan. 20, whether an election is held or not.
“The President has no power to change the date of the election,” said Richard L. Hasen, a law professor at the University of California at Irvine. “This is yet another statement by the President which undermines voter confidence and that seeks without evidence to undermine the legitimacy of voting by mail.”
No president has ever before tried to postpone a federal election, said historian Michael Beschloss. The idea was floated to President Abraham Lincoln in 1864, during the Civil War, and to President Franklin D. Roosevelt in 1942, during World War II.
Lincoln said at the time that postponing an election because of the “Southern rebellion” would mean “our system has been defeated,” while Roosevelt said doing so while fighting the fascists would mean “we have become fascists ourselves,” Beschloss said.
“That tweet claims powers that he does not have, period,” he said. “He is not a dictator.”
One of the most dramatic critiques of Trump’s tweet came from Steven G. Calabrese, a co-founder of the conservative Federalist Society, who wrote in an opinion piece published in The New York Times Thursday that the idea was “fascistic” and “grounds for the president’s immediate impeachment.”
Trump has enjoyed full-throated support from conservatives and nearly all congressional Republicans; the Federalist Society, for instance, has cheered on and even helped select his Supreme Court nominations. That backing appeared to wobble on Thursday, with many Republicans not only alarmed by the president’s apparent disregard for the limits of his power but emboldened to say so in public.
“Election Day is and will be Nov 3, 2020,” said Republican Ari Fleischer, a former press secretary to George W. Bush. “Mr. President — please don’t even pretend to mess with this. It’s a harmful idea.”
Added Rep. Liz Cheney (R-Wyo.) on Twitter: “We are not moving the date of the election. The resistance to this idea among Republicans is overwhelming.” Sen. Marco Rubio (R-Fla.), Sen. Lindsey O. Graham (R-S.C.), and House Minority Leader Kevin McCarthy (R-Calif.) weighed in similarly.
House Speaker Nancy Pelosi (D-Calif.), meanwhile, simply tweeted the relevant passage from the Constitution granting Congress the power to set election dates. Joe Biden, the presumptive Democratic nominee, told supporters at a virtual fundraiser Thursday that Trump was probably trying to steal attention away from Lewis’s funeral.
Other Democrats suggested that Trump’s suggestion reflected a realization that he could lose to Biden, who has been leading in national and many battleground state polls.
“Donald Trump is terrified,” tweeted Sen. Kamala D. Harris (D-Calif.), who is among those being considered as a running mate for Biden. “He knows he’s going to lose to @JoeBiden. It will require every single one of us to make that happen. We will see you at the ballot box on November 3rd, @realDonaldTrump.”
Some Democrats used the occasion to promote how-to instructions on mail balloting.
“President Trump is talking about delaying the November election because he is afraid of people voting by mail,” Rep. Donna Shalala (D-Fla.) said in a tweet, in which she included a link to a Florida government website with instructions on how to do so. “You know what to do,” she added.
The president of the American Postal Workers Union, Mark Dimondstein, also rebuked the president for undermining confidence in the U.S. Postal Service. He noted that there is “essentially no fraud” in mail balloting.
“It’s a tremendous insult for the president be railing against vote by mail over and over and over and over, railing against the post office,” Dimondstein said. “It’s an insult to every postal worker and every customer who trusts the post office.”
Ronna McDaniel, chairwoman of the Republican National Committee, said on Fox Business that “obviously” the president understands that he doesn’t have the authority to move the election.
A Justice Department spokeswoman declined to comment on Trump’s tweet. Earlier this week at a House Judiciary Committee hearing, however, Attorney General William P. Barr told Rep. Cedric L. Richmond (D-La.) he had not studied the question of whether the president could move the election date.
“I’ve never been asked the question before. I’ve never looked into it,” Barr said.
Biden suggested in April that Trump might try to move the election date. At the time, Trump campaign spokesman Tim Murtaugh accused Biden of “incoherent, conspiracy-theory ramblings” and said the president “has been clear” that the election will happen on Nov. 3.
Another Trump campaign spokesman, Hogan Gidley, said in a statement Thursday that the president was merely “raising a question about the chaos Democrats have created with their insistence on all mail-in voting.”
In fact, most Democrats are pushing for mail balloting in addition to early in-person and Election Day voting — not universal mail balloting, as Trump has alleged — because even though many voters have expressed a new preference for voting by mail because of fear of infection, many other voters remain more comfortable casting their ballots in person.
Trump has argued that mail-in voting tends to hurt Republicans at the ballot box, but some Republicans worry that the president’s own rhetoric is what’s turning their own voters off of mail balloting.
A Washington Post-ABC News poll conducted this month shows that 51 percent of Democrats prefer voting by mail this fall, compared with 20 percent of Republicans. A recent study by Stanford University researchers found no partisan impact of expanding voting by mail.
At the congressional hearing, Barr repeated his concern that he felt there was a “high risk” that mail-in voting would lead to fraud but said he did not believe the election would be rigged — seeming to break with Trump.
“I have no reason to think it will be,” Barr said.
Even if Congress voted to delay the general election, the electoral college is still required to elect a president under federal law. If lawmakers changed that, too, Trump and Vice President Pence would still be required to leave office by noon on Jan. 20. With no successor, the speaker of the House of Representatives, currently, Pelosi, would be next in line.
0 notes
Text
FedEx Hit with Cyber Attack-Related Securities Suit
One of the most watched and commented on corporate and securities litigation trends over the last several years has been the rise of management liability related lawsuits arising from cybersecurity-related incidents. While there has never been the volume of cases that some commentators expected, there have been a number of cases filed. The latest of these lawsuits is the securities class action lawsuit filed this week against FedEx, in which the plaintiff shareholder alleges the company did not fully disclose the extent of the disruption at its European operation after it was hit with the NotPetya malware virus in June 2017. A number of the allegations in the new FedEx complaint are similar to those raised in prior cybersecurity-related securities suit, suggesting some of the factors that might lead to this type of cybersecurity follow-on lawsuit. A copy of the complaint, filed in the Southern District of New York on June 26, 2019, can be found here.
Background
In June 2016, FedEx completed the $4.8 billion acquisition of TNT Express, N.V., a Netherlands based logistics company. FedEx hoped the acquisition would significantly expand its European footprint and would prove significantly accretive to earnings. However, on June 27, 2017, the TNT operation were, according to the complaint, “crippled” by the NotPetya cyberattack, which some consider one of the largest cyberattacks in history and that affected many companies on a global scale. The NotPetya cyberattack spread a malware virus throughout TNT’s systems during a critical period of TNT’s integration into FedEx’s operations.
The class period in the complaint starts on September 19, 2017, when the company released its fiscal first quarter results and noted that the cyberattack had negatively affect the company’s financial performance. However, allegedly in this disclosure and in subsequent disclosures during the class period, the company provided reassurance’s that TNT’s systems were fully restored , that it customers “stuck with us,” and that its revenue and earnings targets for the TNT acquisition remained on track.
The full extent of the disruption at TNT was, according to the complaint, not fully disclosed until December 18, 2018, when the company again announced disappointing quarterly results, which it attributed to lower package volumes in Europe and a negative shift in TNT’s product mix to lower margin freight business after the cyberattack that had taken place more than a year previously. The complaint alleges that the company’s share price decline over 12% on the news.
As plaintiff’s counsel states in their June 26, 2017 press release about the lawsuit (here), the complaint alleges that notwithstanding the reassurances the company gave the markets during the class period, the defendants made false and misleading statements and/or failed to disclose that: “(1) TNT’s overall package volume growth was slowing as TNT’s large customers permanently took their business to competitors after the Cyberattack; (2) as a result of the customer attrition, TNT was experiencing an increased shift in product mix from higher-margin parcel services to lower-margin freight services; (3) the anticipated costs and timeframe to integrate and restore the TNT network were significantly larger and longer than disclosed; (4) FedEx was not on track to achieve TNT synergy targets; and (5) as a result of these undisclosed negative trends and cost issues, FedEx’s positive statements about TNT’s recovery from the Cyberattack, integration into FedEx’s legacy operations, customer mix, customer service levels, profitability, and prospects lacked a reasonable basis.”
The complaint names as defendants the company itself and certain of its directors and officers. The complaint purports to be filed on behalf of a class of investors who purchased the company’s common stock during the period September 19, 2017 to December 18, 2018. The complaint alleges that as a result of their alleged misrepresentations to the class, the defendants are liable to the class for damages under Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder.
Discussion
As I noted at the outset, there have not been as many cybersecurity securities lawsuits as some may have expected. I think the main reason for this is that as the financial markets have gotten used to the steady drumbeat of disclosures about data breaches and cyberattacks, the share prices of the companies involved typically do not react significantly to the news. Nevertheless there have been a few companies that have been hit with cybersecurity-related securities suit in recent years, and the complaint that was just filed against FedEx has a number of features in common with the complaint previously filed against other companies.
First, the FedEx complaint and many of the prior complaints involve a cybersecurity incident that took place at a newly acquired business or operation. The securities class action lawsuit filed last year against Marriott related to a data breach that occurred at the company’s recently acquired Starwood division. In addition, as discussed here, the securities class action lawsuit that was filed in 2017 against PayPal involved data security issues that arose at the company’s recently acquired bill-pay management company.
Second, among the important allegations in the FedEx complaint is that the company delayed fully informing investors of the extent that the malware attack caused its TNT operation. A delay in making disclosure was also an important element of the data breach-related securities class action lawsuit that was filed against Yahoo, a securities suit that ultimately settled for $80 million. (A related shareholder derivative suit was later settled for $29 million.) Although it should be noted that the allegation is not report the incident itself in a timely way; rather, the allegation in the FedEx lawsuit is that the disruption the malware attach caused was not fully disclosed in a timely way.
While the FedEx complaint has certain features in common with some of the previous cybersecurity-related securities suit, there are also some important differences. For example, the FedEx complaint does not involve data breach allegations. There is no suggestion that the cyber incident at the company’s TNT division resulted in the disclosure of sensitive or private information. Instead, the FedEx complaint relates to financial and operational harm that the malware attack caused.
The fact that the FedEx complaint arises out of a coordinated, global attack raises some interesting issues. As far as I know, FedEx is the first publicly traded company to get hit with a D&O lawsuit arising out of the NotPetya attack, but it was far from the only company affected. I understand that dozens of companies globally had their operations disrupted by the attack. Even though FedEx is the only one that has been sued (so far), it is not hard to imagine a similar set of circumstances that could in fact result in multiple lawsuits, even dozens of lawsuits.
It is a common (though poorly appreciated) observation that cyber insurance carries with it the imbedded risk of a massive aggregation problem. It doesn’t require much imagination to see how a coordinated global attack like NotPetya could simultaneously hit many companies in an insurer’s cyber insurance portfolio. However, it had never previously occurred to me that there is a cybersecurity aggregation risk imbedded in D&O insurance as well. A cyber attack that shut down New York or London or that affected companies even more broadly than the NotPetya attack could at least theoretically result in scores of claims and massive losses for insurers. To be sure, some might say that this observation is alarmist crazy talk, and they might be right. It is just that this possibility, no matter how theoretical, had never previously occurred to me.
Because the FedEx lawsuit arises out of the malware incident at the company’s TNT division, it could be said that this lawsuit represents yet another example of event-driven litigation. However, I am not quite sure that this case quite fits the event-driven litigation model. Yes, the supposed misrepresentations and omissions all relate back to the malware incident, but the alleged deception relates to the way the company soft-pedaled the news and allegedly failed to fully disclose the disruptive impact of the incident. The allegations of deceptive disclosure arguably make this lawsuit more like a more traditional securities class action lawsuit and less like the recently prevalent phenomenon of event-driven litigation.
In any event, the recently filed FedEx complaint does reconfirm that the possibility for companies to get hit with D&O lawsuits following a cybersecurity incident. This possibility exists not just for companies experiencing a data breach, but also for companies involved in privacy violations or that are hit by a malware attack. Even if we have not seen as many of these kinds of lawsuits as might have been expected, they seem likely to continue to be an important part of the corporate and securities litigation environment.
The post FedEx Hit with Cyber Attack-Related Securities Suit appeared first on The D&O Diary.
FedEx Hit with Cyber Attack-Related Securities Suit syndicated from https://ronenkurzfeldweb.wordpress.com/
0 notes
Text
FedEx Hit with Cyber Attack-Related Securities Suit
One of the most watched and commented on corporate and securities litigation trends over the last several years has been the rise of management liability related lawsuits arising from cybersecurity-related incidents. While there has never been the volume of cases that some commentators expected, there have been a number of cases filed. The latest of these lawsuits is the securities class action lawsuit filed this week against FedEx, in which the plaintiff shareholder alleges the company did not fully disclose the extent of the disruption at its European operation after it was hit with the NotPetya malware virus in June 2017. A number of the allegations in the new FedEx complaint are similar to those raised in prior cybersecurity-related securities suit, suggesting some of the factors that might lead to this type of cybersecurity follow-on lawsuit. A copy of the complaint, filed in the Southern District of New York on June 26, 2019, can be found here.
Background
In June 2016, FedEx completed the $4.8 billion acquisition of TNT Express, N.V., a Netherlands based logistics company. FedEx hoped the acquisition would significantly expand its European footprint and would prove significantly accretive to earnings. However, on June 27, 2017, the TNT operation were, according to the complaint, “crippled” by the NotPetya cyberattack, which some consider one of the largest cyberattacks in history and that affected many companies on a global scale. The NotPetya cyberattack spread a malware virus throughout TNT’s systems during a critical period of TNT’s integration into FedEx’s operations.
The class period in the complaint starts on September 19, 2017, when the company released its fiscal first quarter results and noted that the cyberattack had negatively affect the company’s financial performance. However, allegedly in this disclosure and in subsequent disclosures during the class period, the company provided reassurance’s that TNT’s systems were fully restored , that it customers “stuck with us,” and that its revenue and earnings targets for the TNT acquisition remained on track.
The full extent of the disruption at TNT was, according to the complaint, not fully disclosed until December 18, 2018, when the company again announced disappointing quarterly results, which it attributed to lower package volumes in Europe and a negative shift in TNT’s product mix to lower margin freight business after the cyberattack that had taken place more than a year previously. The complaint alleges that the company’s share price decline over 12% on the news.
As plaintiff’s counsel states in their June 26, 2017 press release about the lawsuit (here), the complaint alleges that notwithstanding the reassurances the company gave the markets during the class period, the defendants made false and misleading statements and/or failed to disclose that: “(1) TNT’s overall package volume growth was slowing as TNT’s large customers permanently took their business to competitors after the Cyberattack; (2) as a result of the customer attrition, TNT was experiencing an increased shift in product mix from higher-margin parcel services to lower-margin freight services; (3) the anticipated costs and timeframe to integrate and restore the TNT network were significantly larger and longer than disclosed; (4) FedEx was not on track to achieve TNT synergy targets; and (5) as a result of these undisclosed negative trends and cost issues, FedEx’s positive statements about TNT’s recovery from the Cyberattack, integration into FedEx’s legacy operations, customer mix, customer service levels, profitability, and prospects lacked a reasonable basis.”
The complaint names as defendants the company itself and certain of its directors and officers. The complaint purports to be filed on behalf of a class of investors who purchased the company’s common stock during the period September 19, 2017 to December 18, 2018. The complaint alleges that as a result of their alleged misrepresentations to the class, the defendants are liable to the class for damages under Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder.
Discussion
As I noted at the outset, there have not been as many cybersecurity securities lawsuits as some may have expected. I think the main reason for this is that as the financial markets have gotten used to the steady drumbeat of disclosures about data breaches and cyberattacks, the share prices of the companies involved typically do not react significantly to the news. Nevertheless there have been a few companies that have been hit with cybersecurity-related securities suit in recent years, and the complaint that was just filed against FedEx has a number of features in common with the complaint previously filed against other companies.
First, the FedEx complaint and many of the prior complaints involve a cybersecurity incident that took place at a newly acquired business or operation. The securities class action lawsuit filed last year against Marriott related to a data breach that occurred at the company’s recently acquired Starwood division. In addition, as discussed here, the securities class action lawsuit that was filed in 2017 against PayPal involved data security issues that arose at the company’s recently acquired bill-pay management company.
Second, among the important allegations in the FedEx complaint is that the company delayed fully informing investors of the extent that the malware attack caused its TNT operation. A delay in making disclosure was also an important element of the data breach-related securities class action lawsuit that was filed against Yahoo, a securities suit that ultimately settled for $80 million. (A related shareholder derivative suit was later settled for $29 million.) Although it should be noted that the allegation is not report the incident itself in a timely way; rather, the allegation in the FedEx lawsuit is that the disruption the malware attach caused was not fully disclosed in a timely way.
While the FedEx complaint has certain features in common with some of the previous cybersecurity-related securities suit, there are also some important differences. For example, the FedEx complaint does not involve data breach allegations. There is no suggestion that the cyber incident at the company’s TNT division resulted in the disclosure of sensitive or private information. Instead, the FedEx complaint relates to financial and operational harm that the malware attack caused.
The fact that the FedEx complaint arises out of a coordinated, global attack raises some interesting issues. As far as I know, FedEx is the first publicly traded company to get hit with a D&O lawsuit arising out of the NotPetya attack, but it was far from the only company affected. I understand that dozens of companies globally had their operations disrupted by the attack. Even though FedEx is the only one that has been sued (so far), it is not hard to imagine a similar set of circumstances that could in fact result in multiple lawsuits, even dozens of lawsuits.
It is a common (though poorly appreciated) observation that cyber insurance carries with it the imbedded risk of a massive aggregation problem. It doesn’t require much imagination to see how a coordinated global attack like NotPetya could simultaneously hit many companies in an insurer’s cyber insurance portfolio. However, it had never previously occurred to me that there is a cybersecurity aggregation risk imbedded in D&O insurance as well. A cyber attack that shut down New York or London or that affected companies even more broadly than the NotPetya attack could at least theoretically result in scores of claims and massive losses for insurers. To be sure, some might say that this observation is alarmist crazy talk, and they might be right. It is just that this possibility, no matter how theoretical, had never previously occurred to me.
Because the FedEx lawsuit arises out of the malware incident at the company’s TNT division, it could be said that this lawsuit represents yet another example of event-driven litigation. However, I am not quite sure that this case quite fits the event-driven litigation model. Yes, the supposed misrepresentations and omissions all relate back to the malware incident, but the alleged deception relates to the way the company soft-pedaled the news and allegedly failed to fully disclose the disruptive impact of the incident. The allegations of deceptive disclosure arguably make this lawsuit more like a more traditional securities class action lawsuit and less like the recently prevalent phenomenon of event-driven litigation.
In any event, the recently filed FedEx complaint does reconfirm that the possibility for companies to get hit with D&O lawsuits following a cybersecurity incident. This possibility exists not just for companies experiencing a data breach, but also for companies involved in privacy violations or that are hit by a malware attack. Even if we have not seen as many of these kinds of lawsuits as might have been expected, they seem likely to continue to be an important part of the corporate and securities litigation environment.
The post FedEx Hit with Cyber Attack-Related Securities Suit appeared first on The D&O Diary.
FedEx Hit with Cyber Attack-Related Securities Suit published first on
0 notes
Text
FedEx Hit with Cyber Attack-Related Securities Suit
One of the most watched and commented on corporate and securities litigation trends over the last several years has been the rise of management liability related lawsuits arising from cybersecurity-related incidents. While there has never been the volume of cases that some commentators expected, there have been a number of cases filed. The latest of these lawsuits is the securities class action lawsuit filed this week against FedEx, in which the plaintiff shareholder alleges the company did not fully disclose the extent of the disruption at its European operation after it was hit with the NotPetya malware virus in June 2017. A number of the allegations in the new FedEx complaint are similar to those raised in prior cybersecurity-related securities suit, suggesting some of the factors that might lead to this type of cybersecurity follow-on lawsuit. A copy of the complaint, filed in the Southern District of New York on June 26, 2019, can be found here.
Background
In June 2016, FedEx completed the $4.8 billion acquisition of TNT Express, N.V., a Netherlands based logistics company. FedEx hoped the acquisition would significantly expand its European footprint and would prove significantly accretive to earnings. However, on June 27, 2017, the TNT operation were, according to the complaint, “crippled” by the NotPetya cyberattack, which some consider one of the largest cyberattacks in history and that affected many companies on a global scale. The NotPetya cyberattack spread a malware virus throughout TNT’s systems during a critical period of TNT’s integration into FedEx’s operations.
The class period in the complaint starts on September 19, 2017, when the company released its fiscal first quarter results and noted that the cyberattack had negatively affect the company’s financial performance. However, allegedly in this disclosure and in subsequent disclosures during the class period, the company provided reassurance’s that TNT’s systems were fully restored , that it customers “stuck with us,” and that its revenue and earnings targets for the TNT acquisition remained on track.
The full extent of the disruption at TNT was, according to the complaint, not fully disclosed until December 18, 2018, when the company again announced disappointing quarterly results, which it attributed to lower package volumes in Europe and a negative shift in TNT’s product mix to lower margin freight business after the cyberattack that had taken place more than a year previously. The complaint alleges that the company’s share price decline over 12% on the news.
As plaintiff’s counsel states in their June 26, 2017 press release about the lawsuit (here), the complaint alleges that notwithstanding the reassurances the company gave the markets during the class period, the defendants made false and misleading statements and/or failed to disclose that: “(1) TNT’s overall package volume growth was slowing as TNT’s large customers permanently took their business to competitors after the Cyberattack; (2) as a result of the customer attrition, TNT was experiencing an increased shift in product mix from higher-margin parcel services to lower-margin freight services; (3) the anticipated costs and timeframe to integrate and restore the TNT network were significantly larger and longer than disclosed; (4) FedEx was not on track to achieve TNT synergy targets; and (5) as a result of these undisclosed negative trends and cost issues, FedEx’s positive statements about TNT’s recovery from the Cyberattack, integration into FedEx’s legacy operations, customer mix, customer service levels, profitability, and prospects lacked a reasonable basis.”
The complaint names as defendants the company itself and certain of its directors and officers. The complaint purports to be filed on behalf of a class of investors who purchased the company’s common stock during the period September 19, 2017 to December 18, 2018. The complaint alleges that as a result of their alleged misrepresentations to the class, the defendants are liable to the class for damages under Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder.
Discussion
As I noted at the outset, there have not been as many cybersecurity securities lawsuits as some may have expected. I think the main reason for this is that as the financial markets have gotten used to the steady drumbeat of disclosures about data breaches and cyberattacks, the share prices of the companies involved typically do not react significantly to the news. Nevertheless there have been a few companies that have been hit with cybersecurity-related securities suit in recent years, and the complaint that was just filed against FedEx has a number of features in common with the complaint previously filed against other companies.
First, the FedEx complaint and many of the prior complaints involve a cybersecurity incident that took place at a newly acquired business or operation. The securities class action lawsuit filed last year against Marriott related to a data breach that occurred at the company’s recently acquired Starwood division. In addition, as discussed here, the securities class action lawsuit that was filed in 2017 against PayPal involved data security issues that arose at the company’s recently acquired bill-pay management company.
Second, among the important allegations in the FedEx complaint is that the company delayed fully informing investors of the extent that the malware attack caused its TNT operation. A delay in making disclosure was also an important element of the data breach-related securities class action lawsuit that was filed against Yahoo, a securities suit that ultimately settled for $80 million. (A related shareholder derivative suit was later settled for $29 million.) Although it should be noted that the allegation is not report the incident itself in a timely way; rather, the allegation in the FedEx lawsuit is that the disruption the malware attach caused was not fully disclosed in a timely way.
While the FedEx complaint has certain features in common with some of the previous cybersecurity-related securities suit, there are also some important differences. For example, the FedEx complaint does not involve data breach allegations. There is no suggestion that the cyber incident at the company’s TNT division resulted in the disclosure of sensitive or private information. Instead, the FedEx complaint relates to financial and operational harm that the malware attack caused.
The fact that the FedEx complaint arises out of a coordinated, global attack raises some interesting issues. As far as I know, FedEx is the first publicly traded company to get hit with a D&O lawsuit arising out of the NotPetya attack, but it was far from the only company affected. I understand that dozens of companies globally had their operations disrupted by the attack. Even though FedEx is the only one that has been sued (so far), it is not hard to imagine a similar set of circumstances that could in fact result in multiple lawsuits, even dozens of lawsuits.
It is a common (though poorly appreciated) observation that cyber insurance carries with it the imbedded risk of a massive aggregation problem. It doesn’t require much imagination to see how a coordinated global attack like NotPetya could simultaneously hit many companies in an insurer’s cyber insurance portfolio. However, it had never previously occurred to me that there is a cybersecurity aggregation risk imbedded in D&O insurance as well. A cyber attack that shut down New York or London or that affected companies even more broadly than the NotPetya attack could at least theoretically result in scores of claims and massive losses for insurers. To be sure, some might say that this observation is alarmist crazy talk, and they might be right. It is just that this possibility, no matter how theoretical, had never previously occurred to me.
Because the FedEx lawsuit arises out of the malware incident at the company’s TNT division, it could be said that this lawsuit represents yet another example of event-driven litigation. However, I am not quite sure that this case quite fits the event-driven litigation model. Yes, the supposed misrepresentations and omissions all relate back to the malware incident, but the alleged deception relates to the way the company soft-pedaled the news and allegedly failed to fully disclose the disruptive impact of the incident. The allegations of deceptive disclosure arguably make this lawsuit more like a more traditional securities class action lawsuit and less like the recently prevalent phenomenon of event-driven litigation.
In any event, the recently filed FedEx complaint does reconfirm that the possibility for companies to get hit with D&O lawsuits following a cybersecurity incident. This possibility exists not just for companies experiencing a data breach, but also for companies involved in privacy violations or that are hit by a malware attack. Even if we have not seen as many of these kinds of lawsuits as might have been expected, they seem likely to continue to be an important part of the corporate and securities litigation environment.
The post FedEx Hit with Cyber Attack-Related Securities Suit appeared first on The D&O Diary.
FedEx Hit with Cyber Attack-Related Securities Suit published first on http://simonconsultancypage.tumblr.com/
0 notes
Text
Quarterly D&O Claims Trends: Q1 2018
On Tuesday, April 24 Advisen will host a webinar that examines the D&O claims trends for the first quarter of 2018. Advisen’s Jim Blinn and a panel of experts will discuss the frequency and severity of securities suits in Q1 2018 and share their insights on emerging trends on securities litigation.
This is a free, one-hour webinar.
For more info and registration of this upcoming webinar, visit https://www.advisenltd.com/2018/04/24/quarterly-claims-trends-q1-2018/
Advisen Ltd. April 2018. Quarterly D&O Claims Trends: Q1 2018 [Webinar].
#quarterly d&o claims trends#d&o claims trends 2018 q1#d&o claims trends 2018 1st quarter#d&o claims trends q1 2018#directors and officers claims trends#securities litigation#d&o claims trends#securities suits in q1 2018#q1 2018 d&o claims trends
0 notes
Text
Quarterly D&O Claims Trends: Q1 2017
April 27, 2017 (Thursday) at 11am ET
Advisen will host a webinar that examines the D&O claims trends for the first quarter of 2017. On April 27, Advisen’s Jim Blinn and a panel of experts will discuss the frequency and severity of securities suits in Q1 2017 and share their insights on emerging trends on securities litigation.
This is a free, one-hour webinar.
For more info and registration, visit http://www.in.advisenltd.com/quarterly-do-claims-trends-q1-2017/
Advisen Ltd. (2017). Quarterly D&O Claims Trends: Q1 2017 [Webinar].
#quarterly d&o claims trends#d&o#d&o claims#d&o claims trends q1 2017#securities suits#securities suits in q1 2017#securities litigation#merger objection cases
0 notes
Text
Quarterly D&O Claims Trends: Q3 2017
October 11, 2017 (Wednesday) at 11am ET
On Wednesday, October 11 Advisen will host a webinar that examines the D&O claims trends for the third quarter of 2017. Advisen’s Jim Blinn and a panel of experts will discuss the frequency and severity of securities suits in Q3 2017 and share their insights on emerging trends on securities litigation.
This is a free, one-hour webinar.
For more info and registration, visit http://www.in.advisenltd.com/quarterly-do-claims-trends-q3-2017/
Advisen Ltd. (2017). Quarterly D&O Claims Trends: Q3 2017 [Webinar].
#q3 2017 quarterly d&o claims trends#directors and officers#d&o claims q3 2017#d&o claims trends q3 2017#securities suits#securities suits in q3 2017#securities litigation#merger objection cases
0 notes
Text
Quarterly D&O Claims Trends: Q2 2017
July 26, 2017 (Wednesday) at 11am ET
On Wednesday, July 26 Advisen will host a webinar that examines the D&O claims trends for the second quarter of 2017. Advisen’s Jim Blinn and a panel of experts will discuss the frequency and severity of securities suits in Q2 2017 and share their insights on emerging trends on securities litigation.
This is a free, one-hour webinar.
For more info and registration, visit http://www.in.advisenltd.com/quarterly-do-claims-trends-q2-2017/
Advisen Ltd. (2017). Quarterly D&O Claims Trends: Q2 2017 [Webinar].
#q2 2017 quarterly d&o claims trends#directors and officers#d&o claims q2 2017#d&o claims trends q2 2017#securities suits#securities suits in q2 2017#securities litigation#merger objection cases
0 notes
Text
FedEx Hit with Cyber Attack-Related Securities Suit
One of the most watched and commented on corporate and securities litigation trends over the last several years has been the rise of management liability related lawsuits arising from cybersecurity-related incidents. While there has never been the volume of cases that some commentators expected, there have been a number of cases filed. The latest of these lawsuits is the securities class action lawsuit filed this week against FedEx, in which the plaintiff shareholder alleges the company did not fully disclose the extent of the disruption at its European operation after it was hit with the NotPetya malware virus in June 2017. A number of the allegations in the new FedEx complaint are similar to those raised in prior cybersecurity-related securities suit, suggesting some of the factors that might lead to this type of cybersecurity follow-on lawsuit. A copy of the complaint, filed in the Southern District of New York on June 26, 2019, can be found here.
Background
In June 2016, FedEx completed the $4.8 billion acquisition of TNT Express, N.V., a Netherlands based logistics company. FedEx hoped the acquisition would significantly expand its European footprint and would prove significantly accretive to earnings. However, on June 27, 2017, the TNT operation were, according to the complaint, “crippled” by the NotPetya cyberattack, which some consider one of the largest cyberattacks in history and that affected many companies on a global scale. The NotPetya cyberattack spread a malware virus throughout TNT’s systems during a critical period of TNT’s integration into FedEx’s operations.
The class period in the complaint starts on September 19, 2017, when the company released its fiscal first quarter results and noted that the cyberattack had negatively affect the company’s financial performance. However, allegedly in this disclosure and in subsequent disclosures during the class period, the company provided reassurance’s that TNT’s systems were fully restored , that it customers “stuck with us,” and that its revenue and earnings targets for the TNT acquisition remained on track.
The full extent of the disruption at TNT was, according to the complaint, not fully disclosed until December 18, 2018, when the company again announced disappointing quarterly results, which it attributed to lower package volumes in Europe and a negative shift in TNT’s product mix to lower margin freight business after the cyberattack that had taken place more than a year previously. The complaint alleges that the company’s share price decline over 12% on the news.
As plaintiff’s counsel states in their June 26, 2017 press release about the lawsuit (here), the complaint alleges that notwithstanding the reassurances the company gave the markets during the class period, the defendants made false and misleading statements and/or failed to disclose that: “(1) TNT’s overall package volume growth was slowing as TNT’s large customers permanently took their business to competitors after the Cyberattack; (2) as a result of the customer attrition, TNT was experiencing an increased shift in product mix from higher-margin parcel services to lower-margin freight services; (3) the anticipated costs and timeframe to integrate and restore the TNT network were significantly larger and longer than disclosed; (4) FedEx was not on track to achieve TNT synergy targets; and (5) as a result of these undisclosed negative trends and cost issues, FedEx’s positive statements about TNT’s recovery from the Cyberattack, integration into FedEx’s legacy operations, customer mix, customer service levels, profitability, and prospects lacked a reasonable basis.”
The complaint names as defendants the company itself and certain of its directors and officers. The complaint purports to be filed on behalf of a class of investors who purchased the company’s common stock during the period September 19, 2017 to December 18, 2018. The complaint alleges that as a result of their alleged misrepresentations to the class, the defendants are liable to the class for damages under Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder.
Discussion
As I noted at the outset, there have not been as many cybersecurity securities lawsuits as some may have expected. I think the main reason for this is that as the financial markets have gotten used to the steady drumbeat of disclosures about data breaches and cyberattacks, the share prices of the companies involved typically do not react significantly to the news. Nevertheless there have been a few companies that have been hit with cybersecurity-related securities suit in recent years, and the complaint that was just filed against FedEx has a number of features in common with the complaint previously filed against other companies.
First, the FedEx complaint and many of the prior complaints involve a cybersecurity incident that took place at a newly acquired business or operation. The securities class action lawsuit filed last year against Marriott related to a data breach that occurred at the company’s recently acquired Starwood division. In addition, as discussed here, the securities class action lawsuit that was filed in 2017 against PayPal involved data security issues that arose at the company’s recently acquired bill-pay management company.
Second, among the important allegations in the FedEx complaint is that the company delayed fully informing investors of the extent that the malware attack caused its TNT operation. A delay in making disclosure was also an important element of the data breach-related securities class action lawsuit that was filed against Yahoo, a securities suit that ultimately settled for $80 million. (A related shareholder derivative suit was later settled for $29 million.) Although it should be noted that the allegation is not report the incident itself in a timely way; rather, the allegation in the FedEx lawsuit is that the disruption the malware attach caused was not fully disclosed in a timely way.
While the FedEx complaint has certain features in common with some of the previous cybersecurity-related securities suit, there are also some important differences. For example, the FedEx complaint does not involve data breach allegations. There is no suggestion that the cyber incident at the company’s TNT division resulted in the disclosure of sensitive or private information. Instead, the FedEx complaint relates to financial and operational harm that the malware attack caused.
The fact that the FedEx complaint arises out of a coordinated, global attack raises some interesting issues. As far as I know, FedEx is the first publicly traded company to get hit with a D&O lawsuit arising out of the NotPetya attack, but it was far from the only company affected. I understand that dozens of companies globally had their operations disrupted by the attack. Even though FedEx is the only one that has been sued (so far), it is not hard to imagine a similar set of circumstances that could in fact result in multiple lawsuits, even dozens of lawsuits.
It is a common (though poorly appreciated) observation that cyber insurance carries with it the imbedded risk of a massive aggregation problem. It doesn’t require much imagination to see how a coordinated global attack like NotPetya could simultaneously hit many companies in an insurer’s cyber insurance portfolio. However, it had never previously occurred to me that there is a cybersecurity aggregation risk imbedded in D&O insurance as well. A cyber attack that shut down New York or London or that affected companies even more broadly than the NotPetya attack could at least theoretically result in scores of claims and massive losses for insurers. To be sure, some might say that this observation is alarmist crazy talk, and they might be right. It is just that this possibility, no matter how theoretical, had never previously occurred to me.
Because the FedEx lawsuit arises out of the malware incident at the company’s TNT division, it could be said that this lawsuit represents yet another example of event-driven litigation. However, I am not quite sure that this case quite fits the event-driven litigation model. Yes, the supposed misrepresentations and omissions all relate back to the malware incident, but the alleged deception relates to the way the company soft-pedaled the news and allegedly failed to fully disclose the disruptive impact of the incident. The allegations of deceptive disclosure arguably make this lawsuit more like a more traditional securities class action lawsuit and less like the recently prevalent phenomenon of event-driven litigation.
In any event, the recently filed FedEx complaint does reconfirm that the possibility for companies to get hit with D&O lawsuits following a cybersecurity incident. This possibility exists not just for companies experiencing a data breach, but also for companies involved in privacy violations or that are hit by a malware attack. Even if we have not seen as many of these kinds of lawsuits as might have been expected, they seem likely to continue to be an important part of the corporate and securities litigation environment .
The post FedEx Hit with Cyber Attack-Related Securities Suit appeared first on The D&O Diary.
FedEx Hit with Cyber Attack-Related Securities Suit published first on
0 notes
Text
FedEx Hit with Cyber Attack-Related Securities Suit
One of the most watched and commented on corporate and securities litigation trends over the last several years has been the rise of management liability related lawsuits arising from cybersecurity-related incidents. While there has never been the volume of cases that some commentators expected, there have been a number of cases filed. The latest of these lawsuits is the securities class action lawsuit filed this week against FedEx, in which the plaintiff shareholder alleges the company did not fully disclose the extent of the disruption at its European operation after it was hit with the NotPetya malware virus in June 2017. A number of the allegations in the new FedEx complaint are similar to those raised in prior cybersecurity-related securities suit, suggesting some of the factors that might lead to this type of cybersecurity follow-on lawsuit. A copy of the complaint, filed in the Southern District of New York on June 26, 2019, can be found here.
Background
In June 2016, FedEx completed the $4.8 billion acquisition of TNT Express, N.V., a Netherlands based logistics company. FedEx hoped the acquisition would significantly expand its European footprint and would prove significantly accretive to earnings. However, on June 27, 2017, the TNT operation were, according to the complaint, “crippled” by the NotPetya cyberattack, which some consider one of the largest cyberattacks in history and that affected many companies on a global scale. The NotPetya cyberattack spread a malware virus throughout TNT’s systems during a critical period of TNT’s integration into FedEx’s operations.
The class period in the complaint starts on September 19, 2017, when the company released its fiscal first quarter results and noted that the cyberattack had negatively affect the company’s financial performance. However, allegedly in this disclosure and in subsequent disclosures during the class period, the company provided reassurance’s that TNT’s systems were fully restored , that it customers “stuck with us,” and that its revenue and earnings targets for the TNT acquisition remained on track.
The full extent of the disruption at TNT was, according to the complaint, not fully disclosed until December 18, 2018, when the company again announced disappointing quarterly results, which it attributed to lower package volumes in Europe and a negative shift in TNT’s product mix to lower margin freight business after the cyberattack that had taken place more than a year previously. The complaint alleges that the company’s share price decline over 12% on the news.
As plaintiff’s counsel states in their June 26, 2017 press release about the lawsuit (here), the complaint alleges that notwithstanding the reassurances the company gave the markets during the class period, the defendants made false and misleading statements and/or failed to disclose that: “(1) TNT’s overall package volume growth was slowing as TNT’s large customers permanently took their business to competitors after the Cyberattack; (2) as a result of the customer attrition, TNT was experiencing an increased shift in product mix from higher-margin parcel services to lower-margin freight services; (3) the anticipated costs and timeframe to integrate and restore the TNT network were significantly larger and longer than disclosed; (4) FedEx was not on track to achieve TNT synergy targets; and (5) as a result of these undisclosed negative trends and cost issues, FedEx’s positive statements about TNT’s recovery from the Cyberattack, integration into FedEx’s legacy operations, customer mix, customer service levels, profitability, and prospects lacked a reasonable basis.”
The complaint names as defendants the company itself and certain of its directors and officers. The complaint purports to be filed on behalf of a class of investors who purchased the company’s common stock during the period September 19, 2017 to December 18, 2018. The complaint alleges that as a result of their alleged misrepresentations to the class, the defendants are liable to the class for damages under Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder.
Discussion
As I noted at the outset, there have not been as many cybersecurity securities lawsuits as some may have expected. I think the main reason for this is that as the financial markets have gotten used to the steady drumbeat of disclosures about data breaches and cyberattacks, the share prices of the companies involved typically do not react significantly to the news. Nevertheless there have been a few companies that have been hit with cybersecurity-related securities suit in recent years, and the complaint that was just filed against FedEx has a number of features in common with the complaint previously filed against other companies.
First, the FedEx complaint and many of the prior complaints involve a cybersecurity incident that took place at a newly acquired business or operation. The securities class action lawsuit filed last year against Marriott related to a data breach that occurred at the company’s recently acquired Starwood division. In addition, as discussed here, the securities class action lawsuit that was filed in 2017 against PayPal involved data security issues that arose at the company’s recently acquired bill-pay management company.
Second, among the important allegations in the FedEx complaint is that the company delayed fully informing investors of the extent that the malware attack caused its TNT operation. A delay in making disclosure was also an important element of the data breach-related securities class action lawsuit that was filed against Yahoo, a securities suit that ultimately settled for $80 million. (A related shareholder derivative suit was later settled for $29 million.) Although it should be noted that the allegation is not report the incident itself in a timely way; rather, the allegation in the FedEx lawsuit is that the disruption the malware attach caused was not fully disclosed in a timely way.
While the FedEx complaint has certain features in common with some of the previous cybersecurity-related securities suit, there are also some important differences. For example, the FedEx complaint does not involve data breach allegations. There is no suggestion that the cyber incident at the company’s TNT division resulted in the disclosure of sensitive or private information. Instead, the FedEx complaint relates to financial and operational harm that the malware attack caused.
The fact that the FedEx complaint arises out of a coordinated, global attack raises some interesting issues. As far as I know, FedEx is the first publicly traded company to get hit with a D&O lawsuit arising out of the NotPetya attack, but it was far from the only company affected. I understand that dozens of companies globally had their operations disrupted by the attack. Even though FedEx is the only one that has been sued (so far), it is not hard to imagine a similar set of circumstances that could in fact result in multiple lawsuits, even dozens of lawsuits.
It is a common (though poorly appreciated) observation that cyber insurance carries with it the imbedded risk of a massive aggregation problem. It doesn’t require much imagination to see how a coordinated global attack like NotPetya could simultaneously hit many companies in an insurer’s cyber insurance portfolio. However, it had never previously occurred to me that there is a cybersecurity aggregation risk imbedded in D&O insurance as well. A cyber attack that shut down New York or London or that affected companies even more broadly than the NotPetya attack could at least theoretically result in scores of claims and massive losses for insurers. To be sure, some might say that this observation is alarmist crazy talk, and they might be right. It is just that this possibility, no matter how theoretical, had never previously occurred to me.
Because the FedEx lawsuit arises out of the malware incident at the company’s TNT division, it could be said that this lawsuit represents yet another example of event-driven litigation. However, I am not quite sure that this case quite fits the event-driven litigation model. Yes, the supposed misrepresentations and omissions all relate back to the malware incident, but the alleged deception relates to the way the company soft-pedaled the news and allegedly failed to fully disclose the disruptive impact of the incident. The allegations of deceptive disclosure arguably make this lawsuit more like a more traditional securities class action lawsuit and less like the recently prevalent phenomenon of event-driven litigation.
In any event, the recently filed FedEx complaint does reconfirm that the possibility for companies to get hit with D&O lawsuits following a cybersecurity incident. This possibility exists not just for companies experiencing a data breach, but also for companies involved in privacy violations or that are hit by a malware attack. Even if we have not seen as many of these kinds of lawsuits as might have been expected, they seem likely to continue to be an important part of the corporate and securities litigation environment .
The post FedEx Hit with Cyber Attack-Related Securities Suit appeared first on The D&O Diary.
FedEx Hit with Cyber Attack-Related Securities Suit published first on http://simonconsultancypage.tumblr.com/
0 notes
Text
FedEx Hit with Cyber Attack-Related Securities Suit
One of the most watched and commented on corporate and securities litigation trends over the last several years has been the rise of management liability related lawsuits arising from cybersecurity-related incidents. While there has never been the volume of cases that some commentators expected, there have been a number of cases filed. The latest of these lawsuits is the securities class action lawsuit filed this week against FedEx, in which the plaintiff shareholder alleges the company did not fully disclose the extent of the disruption at its European operation after it was hit with the NotPetya malware virus in June 2017. A number of the allegations in the new FedEx complaint are similar to those raised in prior cybersecurity-related securities suit, suggesting some of the factors that might lead to this type of cybersecurity follow-on lawsuit. A copy of the complaint, filed in the Southern District of New York on June 26, 2019, can be found here.
Background
In June 2016, FedEx completed the $4.8 billion acquisition of TNT Express, N.V., a Netherlands based logistics company. FedEx hoped the acquisition would significantly expand its European footprint and would prove significantly accretive to earnings. However, on June 27, 2017, the TNT operation were, according to the complaint, “crippled” by the NotPetya cyberattack, which some consider one of the largest cyberattacks in history and that affected many companies on a global scale. The NotPetya cyberattack spread a malware virus throughout TNT’s systems during a critical period of TNT’s integration into FedEx’s operations.
The class period in the complaint starts on September 19, 2017, when the company released its fiscal first quarter results and noted that the cyberattack had negatively affect the company’s financial performance. However, allegedly in this disclosure and in subsequent disclosures during the class period, the company provided reassurance’s that TNT’s systems were fully restored , that it customers “stuck with us,” and that its revenue and earnings targets for the TNT acquisition remained on track.
The full extent of the disruption at TNT was, according to the complaint, not fully disclosed until December 18, 2018, when the company again announced disappointing quarterly results, which it attributed to lower package volumes in Europe and a negative shift in TNT’s product mix to lower margin freight business after the cyberattack that had taken place more than a year previously. The complaint alleges that the company’s share price decline over 12% on the news.
As plaintiff’s counsel states in their June 26, 2017 press release about the lawsuit (here), the complaint alleges that notwithstanding the reassurances the company gave the markets during the class period, the defendants made false and misleading statements and/or failed to disclose that: “(1) TNT’s overall package volume growth was slowing as TNT’s large customers permanently took their business to competitors after the Cyberattack; (2) as a result of the customer attrition, TNT was experiencing an increased shift in product mix from higher-margin parcel services to lower-margin freight services; (3) the anticipated costs and timeframe to integrate and restore the TNT network were significantly larger and longer than disclosed; (4) FedEx was not on track to achieve TNT synergy targets; and (5) as a result of these undisclosed negative trends and cost issues, FedEx’s positive statements about TNT’s recovery from the Cyberattack, integration into FedEx’s legacy operations, customer mix, customer service levels, profitability, and prospects lacked a reasonable basis.”
The complaint names as defendants the company itself and certain of its directors and officers. The complaint purports to be filed on behalf of a class of investors who purchased the company’s common stock during the period September 19, 2017 to December 18, 2018. The complaint alleges that as a result of their alleged misrepresentations to the class, the defendants are liable to the class for damages under Sections 10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder.
Discussion
As I noted at the outset, there have not been as many cybersecurity securities lawsuits as some may have expected. I think the main reason for this is that as the financial markets have gotten used to the steady drumbeat of disclosures about data breaches and cyberattacks, the share prices of the companies involved typically do not react significantly to the news. Nevertheless there have been a few companies that have been hit with cybersecurity-related securities suit in recent years, and the complaint that was just filed against FedEx has a number of features in common with the complaint previously filed against other companies.
First, the FedEx complaint and many of the prior complaints involve a cybersecurity incident that took place at a newly acquired business or operation. The securities class action lawsuit filed last year against Marriott related to a data breach that occurred at the company’s recently acquired Starwood division. In addition, as discussed here, the securities class action lawsuit that was filed in 2017 against PayPal involved data security issues that arose at the company’s recently acquired bill-pay management company.
Second, among the important allegations in the FedEx complaint is that the company delayed fully informing investors of the extent that the malware attack caused its TNT operation. A delay in making disclosure was also an important element of the data breach-related securities class action lawsuit that was filed against Yahoo, a securities suit that ultimately settled for $80 million. (A related shareholder derivative suit was later settled for $29 million.) Although it should be noted that the allegation is not report the incident itself in a timely way; rather, the allegation in the FedEx lawsuit is that the disruption the malware attach caused was not fully disclosed in a timely way.
While the FedEx complaint has certain features in common with some of the previous cybersecurity-related securities suit, there are also some important differences. For example, the FedEx complaint does not involve data breach allegations. There is no suggestion that the cyber incident at the company’s TNT division resulted in the disclosure of sensitive or private information. Instead, the FedEx complaint relates to financial and operational harm that the malware attack caused.
The fact that the FedEx complaint arises out of a coordinated, global attack raises some interesting issues. As far as I know, FedEx is the first publicly traded company to get hit with a D&O lawsuit arising out of the NotPetya attack, but it was far from the only company affected. I understand that dozens of companies globally had their operations disrupted by the attack. Even though FedEx is the only one that has been sued (so far), it is not hard to imagine a similar set of circumstances that could in fact result in multiple lawsuits, even dozens of lawsuits.
It is a common (though poorly appreciated) observation that cyber insurance carries with it the imbedded risk of a massive aggregation problem. It doesn’t require much imagination to see how a coordinated global attack like NotPetya could simultaneously hit many companies in an insurer’s cyber insurance portfolio. However, it had never previously occurred to me that there is a cybersecurity aggregation risk imbedded in D&O insurance as well. A cyber attack that shut down New York or London or that affected companies even more broadly than the NotPetya attack could at least theoretically result in scores of claims and massive losses for insurers. To be sure, some might say that this observation is alarmist crazy talk, and they might be right. It is just that this possibility, no matter how theoretical, had never previously occurred to me.
Because the FedEx lawsuit arises out of the malware incident at the company’s TNT division, it could be said that this lawsuit represents yet another example of event-driven litigation. However, I am not quite sure that this case quite fits the event-driven litigation model. Yes, the supposed misrepresentations and omissions all relate back to the malware incident, but the alleged deception relates to the way the company soft-pedaled the news and allegedly failed to fully disclose the disruptive impact of the incident. The allegations of deceptive disclosure arguably make this lawsuit more like a more traditional securities class action lawsuit and less like the recently prevalent phenomenon of event-driven litigation.
In any event, the recently filed FedEx complaint does reconfirm that the possibility for companies to get hit with D&O lawsuits following a cybersecurity incident. This possibility exists not just for companies experiencing a data breach, but also for companies involved in privacy violations or that are hit by a malware attack. Even if we have not seen as many of these kinds of lawsuits as might have been expected, they seem likely to continue to be an important part of the corporate and securities litigation environment .
The post FedEx Hit with Cyber Attack-Related Securities Suit appeared first on The D&O Diary.
FedEx Hit with Cyber Attack-Related Securities Suit syndicated from https://ronenkurzfeldweb.wordpress.com/
0 notes
Text
Quarterly D&O Claims Trends: 2017 Wrap-Up
On Wednesday, January 24 Advisen will host a webinar that examines the D&O claims trends for the fourth quarter of 2017. Advisen’s Jim Blinn and a panel of experts will discuss the frequency and severity of securities suits in Q4 2017 and share their insights on emerging trends on securities litigation.
This is a free, one-hour webinar.
For more info and registration of this upcoming webinar, visit https://www.advisenltd.com/2018/01/24/quarterly-claims-trends-q4-2017/
Advisen Ltd. January 2018. Quarterly D&O Claims Trends: 2017 Wrap-Up [Webinar].
0 notes
Text
D&O Insurance Coverage and the Rise of Appraisal Litigation
As I have detailed on this blog (most recently here), due to two Delaware court decisions — the Delaware Supreme Court’s 2015 decision in Corwin v. KKR Financial Holdings LLC (here) and the Delaware Chancery Court’s January 2016 court decision in the In re Trulia Shareholder litigation (here)—deal litigation that in the past would have been filed in Delaware is now being filed elsewhere. But while the deal litigation in Delaware generally may be declining, in recent years there has been a significant uptick in Delaware appraisal litigation. As these cases have become more common in recent years, the question of whether or not D&O insurance covers the costs companies incur in defending appraisal actions has become increasingly common as well. Indeed, in the October 11, 2017 Advisen Quarterly D&O Claims Trends Webinar (refer here), the question of D&O insurance coverage for appraisal claim-related defense expenses was a key topic of conversation. In the following post, I review the issues involved in the question of whether or not a D&O insurance covers the costs defendants incur in defending appraisal claims.
At the outset, I would like to thank my fellow panelists in the recent Advisen webinar for the thoughts they offered on these topics during the webinar. I would particularly like to thank Jeroen van Kwawegen of the Bernstein Litowitz law firm firm, who provided the panel with links to many of the sources to which I have linked below.
Background
In an effort to protect minority shareholders who may feel they are being compelled to give up their shares without their consent, various states, including in particular, Delaware, have created a remedy for “dissenting shareholders,” allowing them to seek a judicial appraisal of the fair value of their shares. Under Delaware General Corporations Code Section 262, subject to certain conditions and qualifications, any shareholder voting against a merger on the grounds that the consideration is inadequate “shall be entitled to an appraisal by the Court of Chancery of the fair value of the stockholder’s shares of stock.”
Appraisal actions are, of course, not new. They have been around and have been filed for years. However, as detailed in a July 29, 2017 article by the Fried Frank law firm on the Harvard Law School Forum on Corporate Governance and Financial Regulation entitled “The Evolving World of Delaware Appraisal” (here), the number of Delaware appraisal action has increased significantly in recent years. According to the article, the number of transaction in which appraisals have been sought has increased from 20 in 2012 to 48 in 2016. Indeed, one recent article about appraisal litigation states that in recent years a “cottage industry of ‘appraisal arbitrage’” has developed, “in which hedge funds purchase shares in hoped of securing a higher price for those shares through appraisal.” (However, as discussed below, due to changes in the law and changes in the courts’ approach to these cases, the number of appraisal actions in has declined in 2017 YTD compared to the year before.)
The Insurance Coverage Issues
Along with the rise in the number of appraisal actions has come questions about the availability of insurance coverage for the costs companies incur in defending appraisal actions. These questions involve a number of recurring issues, including whether an appraisal proceeding involves an actual or alleged “Wrongful Act” and whether or not the appraisal action meets the definition of a “Securities Claim.”
In order for coverage to be triggered, most D&O insurance policies require that a claim has been made involving an actual or alleged wrongful act. As discussed in the August 17, 2017 article on the Harvard Law School Forum on Corporate Governance and Financial Regulation by Peter M. Gillon and Benjamin D. Tievsky of the Pillsbury law firm and entitled “Why Your D&O Policies Should Cover Delaware Appraisal Proceedings” (here), because one of the fundamental issues in the appraisal proceeding is the per-share acquisition price, “many in the D&O insurance ‘community’ have viewed appraisal proceedings incorrectly as a simple exercise in economics, not an allegation of Wrongful Acts.” (Please note that I discussed a prior version of the Pillsbury attorneys’ article in a prior post, here.)
The question of whether or not the allegations in an appraisal action meet the policy definition of the term “Wrongful Act” will depend on the actual wording used. As the Pillsbury law firm memo points out, most policy definitions of the term are quite broad and are extensive enough to reach any corporate act or omission; the authors note that “while the burden of proof in establishing liability under Section 262 is relatively low, so is the standard for meeting the typical D&O policy’s requirement of an alleged “Wrongful Act.” Indeed as recently came up in the coverage action in which CEC Entertainment is seeking insurance coverage for the defense fees in the appraisal action (refer here), some policy definitions of the term “Wrongful Act” refer to an “act,” without a requirement that the act be negligent or deficient.
Not only that, but as Jeroen van Kwawegen pointed out in the recent Advisen webinar, Delaware court increasingly are requiring in order for appraisal actions to go forward that there be some allegation that there was something wrong with the process that resulted in the agreed-upon per share transaction price. As a result of these requirements of the Delaware courts, it is increasingly likely that the appraisal action itself will involve express allegations of misconduct, which in turn should make it increasingly likely that the allegations in the proceeding meet the requirements of the relevant wording of the policy’s definition of “Wrongful Act.”
Other recent developments in Delaware appraisal litigation increase the likelihood going forward that an appraisal complaint will involve express allegations that would satisfy the “Wrongful Act” requirement. As discussed in an article by lawyers from the Fried Frank law firm on the Harvard Law School Forum on Corporate Governance and Financial Regulation earlier this year, Delaware’s courts increasingly are relying on the merger price itself to determine the fair value of the dissenting shares, while awarding an appraisal premium over the merger price only in the case of “interested transactions” (that is, “those involving a controlling shareholder, parent-subsidiary, management buy-out or other element of self-interest”). These developments suggest that if the deal is not an “interested transaction,” dissenting shareholders are less likely to bring an appraisal action, making it likelier that the appraisal action that are brought will involve actual or alleged self-interest, which in turn makes it more likely that the appraisal complaint will contain allegations sufficient to satisfy the “Wrongful Act” requirement. (These developments in the Delaware courts’ approach may be part of the explanation for the decline in the number of appraisal actions in 2017 YTD, discussed below.)
As the Pillsbury law firm memo also points out, the appraisal claimants may couple their appraisal claim with a breach of fiduciary duty claim, in line with the mandate under Section 262, which charges the Chancery Court to consider “all relevant factors” in reviewing the sales process and in determining the true pre-merger value of the company.
Another question that recurs in disputes involving questions of coverage for the costs companies incur in defending appraisal actions. Typically, appraisal actions will name as defendants just the corporate entity itself. A public company D&O insurance policy provides coverage for the corporate entity (under the policy’s Side C coverage) only for a “Securities Claim” as that term is defined in the policy. The question of whether or not an appraisal action meeting the policy’s definition of the term “Securities Claim” thus is critical in the determination of whether or not the policy provides coverage for the costs a company incurs in defending an appraisal action.
Those of us who are active in this area know that there is policy definitions of the term “Securities Claim” vary widely, and the question of whether or not an appraisal action meets the definition of the term is going to depend on the specific wording of the relevant policy definition.
There are at least three different important ways that the definition of the term “Securities Claim” vary: (1) according to the whether and how the substantive law is referenced; (2) according to the identity of the claimant involved; and (3) according to the specific securities involved.
Items 2 and 3, though they can be the source of a significant disagreement, are less likely to be troublesome in an appraisal dispute. The issue referenced in Item 2 is the requirement that the claimant be a securityholder of the company. Since only a stockholder of the company can bring an appraisal action, this issue likely will not be a source of dispute in determining whether or not an appraisal action meets the definition of the term Securities Claim. Similarly, Item 3, referencing the securities involved, is unlikely to be an issue here, either; this item becomes relevant if the definition requires that the dispute involve the securities “of the Organization” or “of the Company” in order to constitute a Securities Claim. Again, because an appraisal action is only in play if the shareholder owns shares of the company involved, this item is unlikely to be relevant to the question of whether or not an appraisal action is a “Securities Claim.”
However the question of whether or to what extent the definition references substantive law could well be relevant. Here it is important to keep in mind two basic but fundamentally different ways that public company policies define the term “Securities Claim.” Under one of these two approaches, the definition restricts the definition of the term to claims involving allegations of the securities laws; under the alternative approach, the policies define the term by reference to who is bringing the claim — that is, generally limiting the term to claims brought by shareholder or securityholders of the company. This latter approach does not require a claim to specifically allege a violation of the securities laws in order for a claim to be a Securities Claim.
Even with respect to the policies whose definitions of the term Securities Claim expressly require an actual or alleged violation of the securities laws, it could be argued that the description of the securities laws in the typical definition is sufficiently broad that it could encompass an appraisal action. In that regard, the Pillsbury law firm memo references a recent Delaware Superior Court decision in which the court applied a broad view of the term “Securities Claim,” to extent to “allegations related to issues inherent in laws regulating securities transactions.” The decision to which the law firm memo is referring is the March 2017 ruling by Judge William Carpenter in a claim arising out of Verizon’s spinout of its electronic directories business, which I discuss at length here. To be sure, the Verizon dispute did not involve an appraisal action, but the ruling did involve a broad interpretation of the use of the term “rule” in the relevant policy’s definition of “Securities Claim.”
The Pillsbury law firm memo makes one more point in favor of coverage, based on the bump-up exclusion found in many insurance policies. These exclusions typically preclude coverage for an agreement or obligation to increase the consideration to be paid in a merger or acquisition transaction; the exclusion bars coverage for the amount of the increase (the so-called “bump up”), but often these exclusions also carve-out defense expenses from the exclusions’ preclusive effect. The law firm memo’s authors argue that the carve-out “indicates that insurers intend to cover defense costs for exactly those kinds of claims – claims that appear in appraisal actions.” So the bump up-exclusion and the exclusion’s carve back for defense expenses “appear to provide strong support for coverage of defendants’ appraisal action defense costs under standard D&O policies.”
As I suggested above, there is an important note about appraisal action filings trends. While it is true that during the period 2012 to 2016 the number of appraisal actions increased, the evidence now suggests that more recently the number of appraisal actions may actually be going down.
Last summer the Delaware legislature amended Section 262 in order to eliminate de minimus appraisal actions and to try to reduce interest rate appraisal arbitrate. A September 8, 2017 post on the Harvard Law School Forum on Corporate Governance and Financial Regulation (here) suggests that the number of appraisal actions in the first half of 2017 actually declined by one-third compared to the same period in 2016. The developments in the Delaware courts’ approach to appraisal cases – in which the courts are prepared to accept the actual deal price as representing “fair value” if the deal does not involve an interested transaction – may also explain the decline in the number of appraisal actions so far this year. If these declining filing trends continue, the urgency of these questions about coverage for appraisal actions could decline as well.
The post D&O Insurance Coverage and the Rise of Appraisal Litigation appeared first on The D&O Diary.
D&O Insurance Coverage and the Rise of Appraisal Litigation published first on http://ift.tt/2kTPCwo
0 notes
Text
D&O Insurance Coverage and the Rise of Appraisal Litigation
As I have detailed on this blog (most recently here), due to two Delaware court decisions — the Delaware Supreme Court’s 2015 decision in Corwin v. KKR Financial Holdings LLC (here) and the Delaware Chancery Court’s January 2016 court decision in the In re Trulia Shareholder litigation (here)—deal litigation that in the past would have been filed in Delaware is now being filed elsewhere. But while the deal litigation in Delaware generally may be declining, in recent years there has been a significant uptick in Delaware appraisal litigation. As these cases have become more common in recent years, the question of whether or not D&O insurance covers the costs companies incur in defending appraisal actions has become increasingly common as well. Indeed, in the October 11, 2017 Advisen Quarterly D&O Claims Trends Webinar (refer here), the question of D&O insurance coverage for appraisal claim-related defense expenses was a key topic of conversation. In the following post, I review the issues involved in the question of whether or not a D&O insurance covers the costs defendants incur in defending appraisal claims.
At the outset, I would like to thank my fellow panelists in the recent Advisen webinar for the thoughts they offered on these topics during the webinar. I would particularly like to thank Jeroen van Kwawegen of the Bernstein Litowitz law firm firm, who provided the panel with links to many of the sources to which I have linked below.
Background
In an effort to protect minority shareholders who may feel they are being compelled to give up their shares without their consent, various states, including in particular, Delaware, have created a remedy for “dissenting shareholders,” allowing them to seek a judicial appraisal of the fair value of their shares. Under Delaware General Corporations Code Section 262, subject to certain conditions and qualifications, any shareholder voting against a merger on the grounds that the consideration is inadequate “shall be entitled to an appraisal by the Court of Chancery of the fair value of the stockholder’s shares of stock.”
Appraisal actions are, of course, not new. They have been around and have been filed for years. However, as detailed in a July 29, 2017 article by the Fried Frank law firm on the Harvard Law School Forum on Corporate Governance and Financial Regulation entitled “The Evolving World of Delaware Appraisal” (here), the number of Delaware appraisal action has increased significantly in recent years. According to the article, the number of transaction in which appraisals have been sought has increased from 20 in 2012 to 48 in 2016. Indeed, one recent article about appraisal litigation states that in recent years a “cottage industry of ‘appraisal arbitrage’” has developed, “in which hedge funds purchase shares in hoped of securing a higher price for those shares through appraisal.” (However, as discussed below, due to changes in the law and changes in the courts’ approach to these cases, the number of appraisal actions in has declined in 2017 YTD compared to the year before.)
The Insurance Coverage Issues
Along with the rise in the number of appraisal actions has come questions about the availability of insurance coverage for the costs companies incur in defending appraisal actions. These questions involve a number of recurring issues, including whether an appraisal proceeding involves an actual or alleged “Wrongful Act” and whether or not the appraisal action meets the definition of a “Securities Claim.”
In order for coverage to be triggered, most D&O insurance policies require that a claim has been made involving an actual or alleged wrongful act. As discussed in the August 17, 2017 article on the Harvard Law School Forum on Corporate Governance and Financial Regulation by Peter M. Gillon and Benjamin D. Tievsky of the Pillsbury law firm and entitled “Why Your D&O Policies Should Cover Delaware Appraisal Proceedings” (here), because one of the fundamental issues in the appraisal proceeding is the per-share acquisition price, “many in the D&O insurance ‘community’ have viewed appraisal proceedings incorrectly as a simple exercise in economics, not an allegation of Wrongful Acts.” (Please note that I discussed a prior version of the Pillsbury attorneys’ article in a prior post, here.)
The question of whether or not the allegations in an appraisal action meet the policy definition of the term “Wrongful Act” will depend on the actual wording used. As the Pillsbury law firm memo points out, most policy definitions of the term are quite broad and are extensive enough to reach any corporate act or omission; the authors note that “while the burden of proof in establishing liability under Section 262 is relatively low, so is the standard for meeting the typical D&O policy’s requirement of an alleged “Wrongful Act.” Indeed as recently came up in the coverage action in which CEC Entertainment is seeking insurance coverage for the defense fees in the appraisal action (refer here), some policy definitions of the term “Wrongful Act” refer to an “act,” without a requirement that the act be negligent or deficient.
Not only that, but as Jaroen van Kwakenen pointed out in the recent Advisen webinar, Delaware court increasingly are requiring in order for appraisal actions to go forward that there be some allegation that there was something wrong with the process that resulted in the agreed-upon per share transaction price. As a result of these requirements of the Delaware courts, it is increasingly likely that the appraisal action itself will involve express allegations of misconduct, which in turn should make it increasingly likely that the allegations in the proceeding meet the requirements of the relevant wording of the policy’s definition of “Wrongful Act.”
Other recent developments in Delaware appraisal litigation increase the likelihood going forward that an appraisal complaint will involve express allegations that would satisfy the “Wrongful Act” requirement. As discussed in an article by lawyers from the Fried Frank law firm on the Harvard Law School Forum on Corporate Governance and Financial Regulation earlier this year, Delaware’s courts increasingly are relying on the merger price itself to determine the fair value of the dissenting shares, while awarding an appraisal premium over the merger price only in the case of “interested transactions” (that is, “those involving a controlling shareholder, parent-subsidiary, management buy-out or other element of self-interest”). These developments suggest that if the deal is not an “interested transaction,” dissenting shareholders are less likely to bring an appraisal action, making it likelier that the appraisal action that are brought will involve actual or alleged self-interest, which in turn makes it more likely that the appraisal complaint will contain allegations sufficient to satisfy the “Wrongful Act” requirement. (These developments in the Delaware courts’ approach may be part of the explanation for the decline in the number of appraisal actions in 2017 YTD, discussed below.)
As the Pillsbury law firm memo also points out, the appraisal claimants may couple their appraisal claim with a breach of fiduciary duty claim, in line with the mandate under Section 262, which charges the Chancery Court to consider “all relevant factors” in reviewing the sales process and in determining the true pre-merger value of the company.
Another question that recurs in disputes involving questions of coverage for the costs companies incur in defending appraisal actions. Typically, appraisal actions will name as defendants just the corporate entity itself. A public company D&O insurance policy provides coverage for the corporate entity (under the policy’s Side C coverage) only for a “Securities Claim” as that term is defined in the policy. The question of whether or not an appraisal action meeting the policy’s definition of the term “Securities Claim” thus is critical in the determination of whether or not the policy provides coverage for the costs a company incurs in defending an appraisal action.
Those of us who are active in this area know that there is policy definitions of the term “Securities Claim” vary widely, and the question of whether or not an appraisal action meets the definition of the term is going to depend on the specific wording of the relevant policy definition.
There are at least three different important ways that the definition of the term “Securities Claim” vary: (1) according to the whether and how the substantive law is referenced; (2) according to the identity of the claimant involved; and (3) according to the specific securities involved.
Items 2 and 3, though they can be the source of a significant disagreement, are less likely to be troublesome in an appraisal dispute. The issue referenced in Item 2 is the requirement that the claimant be a securityholder of the company. Since only a stockholder of the company can bring an appraisal action, this issue likely will not be a source of dispute in determining whether or not an appraisal action meets the definition of the term Securities Claim. Similarly, Item 3, referencing the securities involved, is unlikely to be an issue here, either; this item becomes relevant if the definition requires that the dispute involve the securities “of the Organization” or “of the Company” in order to constitute a Securities Claim. Again, because an appraisal action is only in play if the shareholder owns shares of the company involved, this item is unlikely to be relevant to the question of whether or not an appraisal action is a “Securities Claim.”
However the question of whether or to what extent the definition references substantive law could well be relevant. Here it is important to keep in mind two basic but fundamentally different ways that public company policies define the term “Securities Claim.” Under one of these two approaches, the definition restricts the definition of the term to claims involving allegations of the securities laws; under the alternative approach, the policies define the term by reference to who is bringing the claim — that is, generally limiting the term to claims brought by shareholder or securityholders of the company. This latter approach does not require a claim to specifically allege a violation of the securities laws in order for a claim to be a Securities Claim.
Even with respect to the policies whose definitions of the term Securities Claim expressly require an actual or alleged violation of the securities laws, it could be argued that the description of the securities laws in the typical definition is sufficiently broad that it could encompass an appraisal action. In that regard, the Pillsbury law firm memo references a recent Delaware Superior Court decision in which the court applied a broad view of the term “Securities Claim,” to extent to “allegations related to issues inherent in laws regulating securities transactions.” The decision to which the law firm memo is referring is the March 2017 ruling by Judge William Carpenter in a claim arising out of Verizon’s spinout of its electronic directories business, which I discuss at length here. To be sure, the Verizon dispute did not involve an appraisal action, but the ruling did involve a broad interpretation of the use of the term “rule” in the relevant policy’s definition of “Securities Claim.”
The Pillsbury law firm memo makes one more point in favor of coverage, based on the bump-up exclusion found in many insurance policies. These exclusions typically preclude coverage for an agreement or obligation to increase the consideration to be paid in a merger or acquisition transaction; the exclusion bars coverage for the amount of the increase (the so-called “bump up”), but often these exclusions also carve-out defense expenses from the exclusions’ preclusive effect. The law firm memo’s authors argue that the carve-out “indicates that insurers intend to cover defense costs for exactly those kinds of claims – claims that appear in appraisal actions.” So the bump up-exclusion and the exclusion’s carve back for defense expenses “appear to provide strong support for coverage of defendants’ appraisal action defense costs under standard D&O policies.”
As I suggested above, there is an important note about appraisal action filings trends. While it is true that during the period 2012 to 2016 the number of appraisal actions increased, the evidence now suggests that more recently the number of appraisal actions may actually be going down.
Last summer the Delaware legislature amended Section 262 in order to eliminate de minimus appraisal actions and to try to reduce interest rate appraisal arbitrate. A September 8, 2017 post on the Harvard Law School Forum on Corporate Governance and Financial Regulation (here) suggests that the number of appraisal actions in the first half of 2017 actually declined by one-third compared to the same period in 2016. The developments in the Delaware courts’ approach to appraisal cases – in which the courts are prepared to accept the actual deal price as representing “fair value” if the deal does not involve an interested transaction – may also explain the decline in the number of appraisal actions so far this year. If these declining filing trends continue, the urgency of these questions about coverage for appraisal actions could decline as well.
The post D&O Insurance Coverage and the Rise of Appraisal Litigation appeared first on The D&O Diary.
D&O Insurance Coverage and the Rise of Appraisal Litigation syndicated from http://ift.tt/2qyreAv
0 notes
Text
D&O Insurance Coverage and the Rise of Appraisal Litigation
As I have detailed on this blog (most recently here), due to two Delaware court decisions — the Delaware Supreme Court’s 2015 decision in Corwin v. KKR Financial Holdings LLC (here) and the Delaware Chancery Court’s January 2016 court decision in the In re Trulia Shareholder litigation (here)—deal litigation that in the past would have been filed in Delaware is now being filed elsewhere. But while the deal litigation in Delaware generally may be declining, in recent years there has been a significant uptick in Delaware appraisal litigation. As these cases have become more common in recent years, the question of whether or not D&O insurance covers the costs companies incur in defending appraisal actions has become increasingly common as well. Indeed, in the October 11, 2017 Advisen Quarterly D&O Claims Trends Webinar (refer here), the question of D&O insurance coverage for appraisal claim-related defense expenses was a key topic of conversation. In the following post, I review the issues involved in the question of whether or not a D&O insurance covers the costs defendants incur in defending appraisal claims.
At the outset, I would like to thank my fellow panelists in the recent Advisen webinar for the thoughts they offered on these topics during the webinar. I would particularly like to thank Jeroen van Kwawegen of the Bernstein Litowitz law firm firm, who provided the panel with links to many of the sources to which I have linked below.
Background
In an effort to protect minority shareholders who may feel they are being compelled to give up their shares without their consent, various states, including in particular, Delaware, have created a remedy for “dissenting shareholders,” allowing them to seek a judicial appraisal of the fair value of their shares. Under Delaware General Corporations Code Section 262, subject to certain conditions and qualifications, any shareholder voting against a merger on the grounds that the consideration is inadequate “shall be entitled to an appraisal by the Court of Chancery of the fair value of the stockholder’s shares of stock.”
Appraisal actions are, of course, not new. They have been around and have been filed for years. However, as detailed in a July 29, 2017 article by the Fried Frank law firm on the Harvard Law School Forum on Corporate Governance and Financial Regulation entitled “The Evolving World of Delaware Appraisal” (here), the number of Delaware appraisal action has increased significantly in recent years. According to the article, the number of transaction in which appraisals have been sought has increased from 20 in 2012 to 48 in 2016. Indeed, one recent article about appraisal litigation states that in recent years a “cottage industry of ‘appraisal arbitrage’” has developed, “in which hedge funds purchase shares in hoped of securing a higher price for those shares through appraisal.” (However, as discussed below, due to changes in the law and changes in the courts’ approach to these cases, the number of appraisal actions in has declined in 2017 YTD compared to the year before.)
The Insurance Coverage Issues
Along with the rise in the number of appraisal actions has come questions about the availability of insurance coverage for the costs companies incur in defending appraisal actions. These questions involve a number of recurring issues, including whether an appraisal proceeding involves an actual or alleged “Wrongful Act” and whether or not the appraisal action meets the definition of a “Securities Claim.”
In order for coverage to be triggered, most D&O insurance policies require that a claim has been made involving an actual or alleged wrongful act. As discussed in the August 17, 2017 article on the Harvard Law School Forum on Corporate Governance and Financial Regulation by Peter M. Gillon and Benjamin D. Tievsky of the Pillsbury law firm and entitled “Why Your D&O Policies Should Cover Delaware Appraisal Proceedings” (here), because one of the fundamental issues in the appraisal proceeding is the per-share acquisition price, “many in the D&O insurance ‘community’ have viewed appraisal proceedings incorrectly as a simple exercise in economics, not an allegation of Wrongful Acts.” (Please note that I discussed a prior version of the Pillsbury attorneys’ article in a prior post, here.)
The question of whether or not the allegations in an appraisal action meet the policy definition of the term “Wrongful Act” will depend on the actual wording used. As the Pillsbury law firm memo points out, most policy definitions of the term are quite broad and are extensive enough to reach any corporate act or omission; the authors note that “while the burden of proof in establishing liability under Section 262 is relatively low, so is the standard for meeting the typical D&O policy’s requirement of an alleged “Wrongful Act.” Indeed as recently came up in the coverage action in which CEC Entertainment is seeking insurance coverage for the defense fees in the appraisal action (refer here), some policy definitions of the term “Wrongful Act” refer to an “act,” without a requirement that the act be negligent or deficient.
Not only that, but as Jaroen van Kwakenen pointed out in the recent Advisen webinar, Delaware court increasingly are requiring in order for appraisal actions to go forward that there be some allegation that there was something wrong with the process that resulted in the agreed-upon per share transaction price. As a result of these requirements of the Delaware courts, it is increasingly likely that the appraisal action itself will involve express allegations of misconduct, which in turn should make it increasingly likely that the allegations in the proceeding meet the requirements of the relevant wording of the policy’s definition of “Wrongful Act.”
Other recent developments in Delaware appraisal litigation increase the likelihood going forward that an appraisal complaint will involve express allegations that would satisfy the “Wrongful Act” requirement. As discussed in an article by lawyers from the Fried Frank law firm on the Harvard Law School Forum on Corporate Governance and Financial Regulation earlier this year, Delaware’s courts increasingly are relying on the merger price itself to determine the fair value of the dissenting shares, while awarding an appraisal premium over the merger price only in the case of “interested transactions” (that is, “those involving a controlling shareholder, parent-subsidiary, management buy-out or other element of self-interest”). These developments suggest that if the deal is not an “interested transaction,” dissenting shareholders are less likely to bring an appraisal action, making it likelier that the appraisal action that are brought will involve actual or alleged self-interest, which in turn makes it more likely that the appraisal complaint will contain allegations sufficient to satisfy the “Wrongful Act” requirement. (These developments in the Delaware courts’ approach may be part of the explanation for the decline in the number of appraisal actions in 2017 YTD, discussed below.)
As the Pillsbury law firm memo also points out, the appraisal claimants may couple their appraisal claim with a breach of fiduciary duty claim, in line with the mandate under Section 262, which charges the Chancery Court to consider “all relevant factors” in reviewing the sales process and in determining the true pre-merger value of the company.
Another question that recurs in disputes involving questions of coverage for the costs companies incur in defending appraisal actions. Typically, appraisal actions will name as defendants just the corporate entity itself. A public company D&O insurance policy provides coverage for the corporate entity (under the policy’s Side C coverage) only for a “Securities Claim” as that term is defined in the policy. The question of whether or not an appraisal action meeting the policy’s definition of the term “Securities Claim” thus is critical in the determination of whether or not the policy provides coverage for the costs a company incurs in defending an appraisal action.
Those of us who are active in this area know that there is policy definitions of the term “Securities Claim” vary widely, and the question of whether or not an appraisal action meets the definition of the term is going to depend on the specific wording of the relevant policy definition.
There are at least three different important ways that the definition of the term “Securities Claim” vary: (1) according to the whether and how the substantive law is referenced; (2) according to the identity of the claimant involved; and (3) according to the specific securities involved.
Items 2 and 3, though they can be the source of a significant disagreement, are less likely to be troublesome in an appraisal dispute. The issue referenced in Item 2 is the requirement that the claimant be a securityholder of the company. Since only a stockholder of the company can bring an appraisal action, this issue likely will not be a source of dispute in determining whether or not an appraisal action meets the definition of the term Securities Claim. Similarly, Item 3, referencing the securities involved, is unlikely to be an issue here, either; this item becomes relevant if the definition requires that the dispute involve the securities “of the Organization” or “of the Company” in order to constitute a Securities Claim. Again, because an appraisal action is only in play if the shareholder owns shares of the company involved, this item is unlikely to be relevant to the question of whether or not an appraisal action is a “Securities Claim.”
However the question of whether or to what extent the definition references substantive law could well be relevant. Here it is important to keep in mind two basic but fundamentally different ways that public company policies define the term “Securities Claim.” Under one of these two approaches, the definition restricts the definition of the term to claims involving allegations of the securities laws; under the alternative approach, the policies define the term by reference to who is bringing the claim — that is, generally limiting the term to claims brought by shareholder or securityholders of the company. This latter approach does not require a claim to specifically allege a violation of the securities laws in order for a claim to be a Securities Claim.
Even with respect to the policies whose definitions of the term Securities Claim expressly require an actual or alleged violation of the securities laws, it could be argued that the description of the securities laws in the typical definition is sufficiently broad that it could encompass an appraisal action. In that regard, the Pillsbury law firm memo references a recent Delaware Superior Court decision in which the court applied a broad view of the term “Securities Claim,” to extent to “allegations related to issues inherent in laws regulating securities transactions.” The decision to which the law firm memo is referring is the March 2017 ruling by Judge William Carpenter in a claim arising out of Verizon’s spinout of its electronic directories business, which I discuss at length here. To be sure, the Verizon dispute did not involve an appraisal action, but the ruling did involve a broad interpretation of the use of the term “rule” in the relevant policy’s definition of “Securities Claim.”
The Pillsbury law firm memo makes one more point in favor of coverage, based on the bump-up exclusion found in many insurance policies. These exclusions typically preclude coverage for an agreement or obligation to increase the consideration to be paid in a merger or acquisition transaction; the exclusion bars coverage for the amount of the increase (the so-called “bump up”), but often these exclusions also carve-out defense expenses from the exclusions’ preclusive effect. The law firm memo’s authors argue that the carve-out “indicates that insurers intend to cover defense costs for exactly those kinds of claims – claims that appear in appraisal actions.” So the bump up-exclusion and the exclusion’s carve back for defense expenses “appear to provide strong support for coverage of defendants’ appraisal action defense costs under standard D&O policies.”
As I suggested above, there is an important note about appraisal action filings trends. While it is true that during the period 2012 to 2016 the number of appraisal actions increased, the evidence now suggests that more recently the number of appraisal actions may actually be going down.
Last summer the Delaware legislature amended Section 262 in order to eliminate de minimus appraisal actions and to try to reduce interest rate appraisal arbitrate. A September 8, 2017 post on the Harvard Law School Forum on Corporate Governance and Financial Regulation (here) suggests that the number of appraisal actions in the first half of 2017 actually declined by one-third compared to the same period in 2016. The developments in the Delaware courts’ approach to appraisal cases – in which the courts are prepared to accept the actual deal price as representing “fair value” if the deal does not involve an interested transaction – may also explain the decline in the number of appraisal actions so far this year. If these declining filing trends continue, the urgency of these questions about coverage for appraisal actions could decline as well.
The post D&O Insurance Coverage and the Rise of Appraisal Litigation appeared first on The D&O Diary.
D&O Insurance Coverage and the Rise of Appraisal Litigation published first on
0 notes
Last Seen Blogs
nona-la-nona
wizard PRESIDENT?
shelbycobra-tpwk
ShelbyCobra
shelbyohwx
Untitled
berisiqbal
berisiqbal
