This article examines what the current legal threats are to business and why these threats are as relevant to directors and senior officers as to the operators themselves. New legislation, a growing claims culture and a seemingly never ending expansion of the regulatory regime are considered.

Companies and Partnerships are often described as having limited liability. In pure financial terms this may be right but in the current legal environment sceptics may say the phrase is misleading. Most directors and senior officers looking closely at their legal obligations in 2011 may prefer to stay in bed in the morning. That, however, would be “neglect” in the eyes of the law and they may be liable anyway.

The end of the world?

The most “at risk” group under the Bribery Act, due to come into force on 1 July 2011, are small and medium sized enterprises (“SMEs”). The broadsheets have been enthusiastic to say the least about the current risks with headlines such as: “Natwest 3: could you be next?” and “Get ready to be raided” littering the press. How do they get away with this? The short answer is that the business environment has been changing rapidly in the last ten years and continues to do so. Directors are more accountable because there are more people with a grasp of the legal position who are able to bring them to account. Private litigants now have access to litigation funding and conditional fee arrangements. Auditors and external advisors are ever more probing and sceptical as they too are feeling the regulatory pinch. Shareholders are increasingly institutionalised so that directors are increasingly justifying their results and their existence to the markets and analysts.  

Whilst prosecutors and regulators have seen massive slashes in funding recently, that has not given the corporate world any breathing space. This is because there are several large and wide reaching pieces of legislation which are now bedding in and producing healthy numbers of simplified investigations. Foremost of these is the Companies Act 2006 which is the starting point for directors’ duties. Under this new code, acts and omissions can be investigated and prosecuted, for example by the Companies Investigation Branch (“CIB”) of the Department for Business Enterprise and Regulatory Reform (“BERR”). Such regulators are not shy. The increased burden under s.172 of a Director to discharge the good faith duty is an obvious example.  

The HSE and the FSA have now brought a number of cases against private individuals where arguably more time and attention could have been given to the corporate entity itself. Even when the corporate is the target of an investigation, a director is just as likely to be joined as part of any proceedings. Directors are equally as likely to be probed by a customer or client or by a liquidator receiver or administrator. Directors can also be guilty of a criminal offence when they have committed or consented to an offence of copyright or trade mark  

infringement committed by the company. What does the director get in return for this burden? Since 2005 companies have been allowed to indemnify their directors in respect of a greater range of liabilities and defaults. The company may fund the cost of the defence of any civil, regulatory or criminal proceedings of a director, providing that any such loan is repaid if the director is subsequently found liable. This is sometimes described as an optional benefit and a company is not obliged to indemnify a director facing investigation.

Sector specific liability

Considering the Licensing, Hospitality and Leisure industry for a moment, a rough sketch of risk areas may start with health and safety, food safety and hygiene, licensing, employment and the employment of illegal workers. However, it might equally include problems of bribery, cartels and providing misleading statements to the market in relation to performance, intellectual property, waste regulations, infringement, and internal and external fraud. Identifying these risks are the first stages in any effective corporate compliance strategy. By identifying your risks, then you will be better able to plan to ensure that they remain a risk and not a reality.  

Compliance systems and controls

Directors can minimise their personal risk by delegating risk management and assessment effectively. This would include a system for regular risk assessment whether locally or centrally and setting up an internal audit and investigation function. This kind of “corporate speak” often deters SMEs from addressing risk issues. Their mantra is “we are small enough to know anything that goes on”. This does not remain the case for long however and experience shows that businesses that are most at risk are the ones that are growing in size. Quite literally they become a victim of their own success. As the management function becomes stretched and shortcuts are taken, leading to increased risk for those leading the company.  

In order to reduce risk we recommend that policies need to be drafted carefully and distributed widely. They should be in soft (emails, intranet) and hard copy format. Education and training should lie at the heart of the business.

Further complaints and incidents should be recorded with care and reviewed. “An open door” environment should prevail so that all parts of the business are encouraged to communicate and speak openly about troubles and concerns.

Finally, be prepared. There is absolutely no point in having a risk and compliance policy circulated on the same day that you start an internal investigation or are raided by a prosecutor. Investigations often focus on the role of directors within the “cascade of management”. An informed awareness of risk levels and a culture of care as opposed to neglect are important assets for a well managed business and will often save directors from liability.