In June 2019, the Delaware Supreme Court issued a decision reaffirming director liability where there is no board-level reporting process for essential compliance matters. The facts of the case arise from a 2015 listeria outbreak at Blue Bell manufacturing which resulted in the death of three people. The outbreak followed years of food safety problems and alleged compliance deficiencies at Blue Bell, including limited-to-no board involvement in food safety matters.

Blue Bell is an ice cream manufacturer which distributes in the southern and southwestern parts of the United States. The listeria outbreak spread throughout Blue Bell’s products, resulting in a recall of all the company's products, the closure of all Blue Bell manufacturing plants, and the laying off of a significant amount of Blue Bell’s workforce. Needing cash, Blue Bell looked to raise money and suffered a down-round of fundraising, diluting the then-current shareholders.

An aggrieved shareholder brought a derivative suit against two Blue Bell executives, the CEO and the Vice President of Operations. The allegations against the executives included breach of fiduciary duties, knowing disregard of Blue Bell’s contamination risks, and failure to oversee the company's food safety operations.

Directors and officers of corporations are generally immune from liability. However, under Delaware law, and in most states, directors cannot be absent from the fundamental matters of the corporation. Such absence or disregard for fundamental duties creates a risk of significant liability. Or, as the Delaware Supreme Court put it, an “‘utter failure to attempt to assure a reasonable information and reporting systems exists’ is an act of bad faith of the duty of loyalty.” In re Caremark. To show a director has failed their duty of oversight, a plaintiff must plead the directors “(1) completely fail[ed] to implement any reporting or information system or controls, or (2) having implemented such a system or controls, consciously fail[ed] to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.” Marchand v. Barnhill.

To meet this standard, plaintiffs alleged (1) Blue Bell’s board failed to create a food safety committee; (2) there was no process for management to report to the board on food safety matters; (3) food safety was not a regular discussion or topic at board meetings; (4) board meeting minutes fail to show that identified food safety issues were raised with the board; and (5) the board received only positive information regarding Blue Bell’s food safety. Despite evidence that Blue Bell maintained safety procedures, employee safety manuals, and cooperated with occasional audits and inspections by governmental inspectors, the court held that the plaintiffs pled sufficient facts to support a claim that Blue Bell directors “made no effort to put in place a board-level compliance system.” Marchand v. Barnhill.

Here are three key points that an organization’s board of directors and executive officers should take from Marchand v. Barnhill.

  1. Determine what your organization’s fundamental compliance risks are.

The Marchand decision leaves uncertainty for boards in health care and other heavily regulated industries. Unlike Blue Bell, which had one business line – manufacturing ice cream – many businesses are regulated under a number of different regulatory frameworks. For example, a health care business may be regulated under a number of frameworks, such as federal and state data privacy regulations, patient safety regulations, and licensing regulations, and by multiple federal and state agencies. Determining which compliance matters are essential or fundamental to an organization is not always clear.

To figure out an organization’s fundamental risks, boards need to focus on the organization’s existential business compliance risks and seek out internal and external expert advice. Experts should be qualified to analyze specific industry compliance matters as related to the organization’s risk profile. The board’s engagement with these experts should be documented in the meeting minutes, which is essential - as Delaware and other states have laws protecting boards that rely, in good faith, on a company’s internal records and the advice of experts, including employees and internal and external advisors.

2. Due diligence in highly regulated industries must include a substantive review of the target’s board minutes.

Board minutes are not only an important aspect of corporate diligence, but under Marchand, board minutes are an essential component of compliance diligence. With mergers and acquisition activity in heavily regulated industries like health care continuing to increase, board minutes are an essential component of diligence. Prior to closing, all buyers need to gain a fundamental understanding of how a target analyzes, reports to the board, and deals with compliance-related matters. In insured deals, representation and warranty insurers will continue to demand and expect that buyers have sufficiently reviewed and diligenced board meeting minutes, not only for corporate-related diligence issues, but for compliance related matters as well.

3. It is not enough to only have a compliance plan.

Having a day-to-day operational compliance program is not enough to satisfy an organization's corporate diligence obligations. Blue Bell had a compliance program which flagged food safety issues, including leaking pipes, reports of listeria, standing water, and concerns raised by Food and Drug Administration officials and state regulators.

These issues were reported to management, but management never reported these issues to the board. Management only informed the board of food safety issues once Blue Bell issued its first recalls of contaminated product. Blue Bell’s board minutes reflected that there was no in-depth discussion by the board about food safety issues, and upon learning about the recalls, the board ultimately issued a resolution expressing their support of the management team.

In heavily regulated industries, like health care, food manufacturing, and medical device and drug manufacturing, key compliance issues must be reported and discussed at the board level. These discussions, including key details, should be memorialized in the meeting minutes and not merely referenced in a vague sentence or two in the minutes. Boards that take steps to become and stay informed of compliance risks and then apply what they have learned to problems that arise will protect the organization, themselves, and the organization’s employees and customers.