A Delaware court recently allowed a stockholder's derivative complaint to proceed where the board of directors allegedly breached their duty of loyalty by knowingly allowing the company to violate a federal regulation. In upholding the complaint, the court examined the company's prior SEC disclosures describing its business practices to conclude they violated the "plain language" of the regulation. More importantly, the court inferred that the directors knew of the noncompliance, despite the absence of any "red flags" to put the board on notice, because "the Regulation itself is so clear on its face." The court acknowledged the unusual factual allegations in the complaint, but the ruling nevertheless illustrates one of many potential pitfalls arising from compliance failures, especially in regulated industries.

Background

Kandell v. Niv involved a derivative lawsuit brought by a stockholder of FXCM, Inc. (the "Company"), a foreign exchange broker that executed customer trades primarily for retail customers.1 In placing customer trades, the Company's policy was to limit the customers' risk to the amount of their original investment. According to the plaintiff, the Company's stated policy was "generally not to pursue claims for negative equity against our customers." When a customer's investment appeared likely to go into a negative balance, the Company would try to close out the open position. But, according to the court, if "[the Company was] unable to close out a customer account before its losses exceed the amount the customer invested, [the Company], and not the customer, takes the loss."

The Company was regulated by the Commodity Futures Trading Commission (the "CFTC"). The stockholder-plaintiff alleged that the Company's policy of limiting its customers' exposure violated 17 C.F.R. 5.16 ("Regulation 5.16"), enacted under the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010. Regulation 5.16 states that "[n]o retail foreign exchange dealer, futures commission merchant or introducing broker may in any way represent that it will, with respect to any retail foreign exchange transaction in any account carried... on behalf of any person... limit the loss of such person."

Prior to the litigation, a "flash crash" occurred that prevented the Company from closing out many of its trades, thus leading to significant losses. Also, while the stockholder lawsuit was pending, the CFTC brought an enforcement action against the Company alleging violations of Regulation 5.16. The Company later entered into a consent order in which it paid a $650,000 fine without admitting or denying the allegations.

The Court's Opinion

The issue before the court was whether it would have been futile for the stockholder to make a derivative demand on the board. Demand is futile if a board cannot exercise an independent business judgment in considering whether to bring the claims.

The plaintiff alleged that the directors could not exercise independent business judgment because they faced a substantial likelihood of personal liability by knowingly allowing the Company to violate Regulation 5.16 in breach of their fiduciary duty of loyalty. The defendants argued that the plaintiff's interpretation of Regulation 5.16 was not the only possible interpretation; that the CFTC had not accused the Company of violating Regulation 5.16 during the relevant time period; and that there were no "red flags" to put the directors on notice.

In ruling for the plaintiff, the court held that the stockholder had adequately pled that the Company violated Regulation 5.16. The court looked at the "plain language" of Regulation 5.16 and then compared it to the Company's prior public disclosures about its business practices to conclude that the Company had violated the regulation. The court then found it reasonable to infer that the directors were aware of the violation since they surely were familiar with the business practices described in the Company's disclosures. "[T]he Regulation itself is so clear on its face," the court said, "that, drawing the appropriate plaintiff-friendly inferences, I find it reasonably likely that the directors knowingly condoned illegal behavior." The court also rejected defendants' argument that regulators had not previously alleged a violation that would have put the board on notice. The court said this did not necessarily mean the directors thought the Company was in compliance.

The court concluded that, because "a fiduciary of a Delaware corporation cannot be loyal [to the company] by knowingly causing it to seek profits by violating the law," the directors faced personal liability sufficient to excuse the derivative demand and allow the stockholder lawsuit to proceed.

Conclusion

The court noted that this case presented "a highly unusual set of acts" and that "a more complex and nuanced law" or a "more ambiguous Company policy" might have led to a different result. In addition, one might have thought that the Company's public disclosures about its business practices would be evidence that neither the Company nor the directors were aware of the regulatory violation, since few businesses would flaunt such behavior.

It is important to recognize that the plaintiff alleged the directors knew of, and thus condoned, an ongoing violation of law. The plaintiff's theory was not based on allegations that the board was negligent. Rather, Delaware courts have indicated that knowingly allowing a corporation to violate positive law is a breach of the duty of loyalty, which gives rise to personal liability.

The Kandell case thus illustrates one of many potential pitfalls for compliance failures in which a court may second-guess a board's understanding of the corporation's regulatory environment. Directors-- particularly those serving companies in heavily regulated industries--should be diligent in trying to understand the regulatory environment, even though they are not expected to be experts in the law. To protect themselves and the corporation, directors should consider the following suggestions:

  • Understand the material regulations applicable to the company's business
  • Set a tone at the top for legal compliance
  • Make sure the company has a proper compliance program, including devotion of appropriate resources and having experienced compliance personnel
  • Consider delegating certain compliance or risk management issues to a board committee for oversight
  • Request periodic updates from management and legal counsel on the company's compliance program
  • Request updates on regulatory changes or developments affecting the company or its industry
  • Seek outside advice on compliance issues or third-party assessments of the company's compliance program
  • Document the board's compliance efforts through meeting minutes, resolutions, committee charters, and other materials
  • When appropriate, obtain advice from management, legal counsel, and other advisors in writing