directors counsel compliance

In March, the Federal Court handed down the penalties judgement in the Storm Financial matter (Australian Securities and Investments Commission (ASIC) v Cassimatis (No 9) [2018] FCA 385). This brings to an end the long-running ASIC litigation arising out of the collapse of the Queensland financial planning business a decade ago.

Previously, Justice Edelman had found that both executive directors of Storm Financial had contravened their duty of care and diligence in s180(1) of the Corporations Act 2001 (Cth). Their relevant conduct was allowing Storm to provide the “Storm model” of financial advice to a group of financially vulnerable investors. In doing so, they caused or permitted Storm to contravene the financial services laws and exposed it to the risk of losing its Australian Financial Services licence.

With Justice Edelman’s subsequent elevation to the High Court of Australia, it fell to Justice Dowsett to decide the appropriate penalties. In March, Emmanuel and Julie Cassimatis were each ordered to pay civil penalties of $70,000 and disqualified from managing corporations for seven years.

In this case, ASIC chose not to proceed against the three non-executives who had joined the board in 2007, primarily to assist in a planned stock exchange listing of the business. In the liability judgement, Justice Edelman described the two non-executive directors who gave evidence as “highly qualified professionals”. The third was a major Storm client. The three were not the subject of any enforcement action by ASIC.

Justice Edelman characterised the independent non-executive directors’ participation in board meetings as passive, finding that they discussed issues raised by the Cassimatises, but did not raise new issues. Board meetings were described by one witness as “information sessions” conducted by the Cassimatises “involving consistently positive information for the independent non-executive directors concerning Storm business and decisions that the Cassimatises had made”.

Justice Edelman seemed willing to accept without criticism that “there were real limitations upon the extent to which [they] understood the details of Storm’s business and its model. These limitations were natural given their constraints as non-executive directors”.

Comments made by Justice Edelman in the Storm Financial matter raise the question whether non-executive directors can, or should be able to, avoid liability in connection with catastrophic compliance failures by companies on their watch, where their knowledge of the business model is limited and their involvement passive.

Parallels in the US

Recent shareholder actions in the United States suggest that the question is on the minds of institutional investors and class-action attorneys.

In 2016, shareholders in Capital One Financial Corporation sought to commence derivative proceedings in the Delaware courts against the board of Capital One for “purposely, knowingly or recklessly causing or allowing” the company to breach anti-money laundering laws in its cheque-cashing business, where the breaches resulted in significant regulatory action against the company over a sustained period.

Late in 2017, a large pension fund investor instigated proceedings against the board of Citigroup Inc, alleging that directors had “consciously fail[ed] to develop, implement and enforce effective internal controls” within Citigroup, resulting in (among other failures) “pervasive violations of anti-money laundering rules” in respect of which Citigroup was ordered to pay a US$140 million settlement (including a US$40m civil penalty).

Cases in the US are difficult to win, as shareholders must demonstrate that directors breached their duty of loyalty — either by failing completely to implement any reporting systems or controls, or by consciously failing to monitor company operations. Directors cannot be sued for negligence.

In Australia, the position is different. Australian directors who fail to discharge their duty of care, skill and diligence can be sued by their company (including in derivative proceedings) for loss or damage caused by their negligence and can be the subject of civil penalty proceedings brought by ASIC. The Australian duty of care requires directors to take reasonable steps to place themselves in a position to guide and monitor the management of the company. Given this, directors who sit idly by while others cause the company to breach its legal and regulatory obligations run the risk of falling short of the statutory standard.