Foreward by Andrew Chilvers
As companies continue to look for opportunities in global markets, directors from diverse jurisdictions are hired to serve on the boards of foreign businesses as well as domestic ones that have operations and assets in other countries.
Enterprises across the world look for directors from other jurisdictions for any number of reasons. Hiring board directors from other countries can help to build investor confidence, for example. Likewise, an enterprise that is headquartered in a different jurisdiction but with a subsidiary in the US or Europe could seek directors to gain expertise and credibility. The director may have valuable international or local geographic expertise regarding business objectives, strategy, operations and risk management.
Nevertheless, serving as a director on the board of a global enterprise can bring major challenges. It’s true that during the past few years corporate governance laws and regulations have started to converge across regions, but there remain critical international differences regarding the responsibilities and liabilities of directors.
With recent data protection legislation across different jurisdictions, companies are now being held to account regarding their use of personal data. Will this result in a more litigious culture for companies and what does this mean for boards?
Boards are not only judged for the way that they react to a crisis, but they are also exposed to liability for how they resolve a problem after the fact. In the United States, class actions regarding data breaches have failed to result in class action liability for fiduciary duty violations inside and outside of important jurisdictions such as Delaware, and almost all have been based on the reasoning that cyber-attacks are very difficult to defend against because of their frequency and the ingenuity of those committing the attacks.
However, there is a growing concern that failure to supervise vendors or the negligent hiring of third parties will survive the early stages of a class action. In addition to the sanctions for the legal entity, the CEO may be held personally liable. Failure to exercise due diligence in monitoring the implementation of data privacy compliance structures by employees or third parties could result in personal liability. Many jurisdictions inside and outside of the EU also have personal liability provisions, including criminal liability, under national data protection laws, including France, Canada, Hong Kong, the U.K., Singapore, Malaysia, Ireland, and the Philippines.
The GDPR also imposes strict limitations surrounding the transfer of personal data to third party countries that the EU deems to have inadequate protections of personal data. This makes it more important than ever to know the details behind where all your data resides and that jurisdiction’s approach to data privacy.
A good illustration that shows how the GDPR might open up this liability for the negligent supervision or hiring of third parties is found in the EU Whistle-blower Directive, which was adopted on October 7, 2019, and requires a whistle-blower policy and procedures in place with all companies with more than 50 employees as well as financial service providers and municipalities with more than 10,000 inhabitants. Whistle-blower reporting channels must be secure to ensure the confidentiality of the identity of the whistle-blower, as well as third parties which are part of any whistle-blower report.
With global directors now increasingly in demand, how important is it for boards and directors to understand the different expectations of directors and different cultures of governance?
The lack of confidence by consumers is watched and channelled by investors into activism, especially institutional investors. Shareholders are hoisting stakeholders onto their shoulders and moving away from the pure shareholder primacy model. Global investors are engaging in a dialogue that includes social value; longer time horizons, and environment, social, and governance (“ESG”) reforms. The most critical issues to asset managers and asset owners who drive investment are climate change and sustainability and heavily influencing governance in many countries. Technology disruption and cybersecurity is also increasingly seen as relevant to ESG. Global directors are more and more being categorized as such, because they are sensitive to these ESG reforms. While ESG has plenty of critics, even they acknowledge that ESG has finally reached a tipping point.
Recently, no less than the now retired Chief Justice of the Delaware Supreme Court has called for companies to focus on their employees and move back towards the true purpose of corporate governance. He called for ESG to become “EESG” adding employees to the reforms, citing the statistic that since the late 1970s, worker productivity has grown nearly 70% while hourly pay has increased roughly 12%, and despite corporate profit eclipsing prior gains. He also cited that institutional investors who hold the savings of these same workers should be equally as concerned on this new focus on governance as they are using the earnings of these same workers to invest in corporations.
Various states in the US have taken the lead on new governance legislation. The Sustainable Investing Act, also known as HB 2460, which became effective in January 2020 requires all public or government agencies involved in managing public funds in Illinois to “develop, publish, and implement sustainable investment policies applicable to the management of all public funds under its control.” Certain leading states are also looking to extend their ESG energy beyond public funds.
How important is an effective board that follows core principles of international corporate governance? Does this give boards a shield against litigation and other issues such as bankruptcy and bribery?
The biggest push towards the harmonization of corporate governance standards internationally are investors and consumers. Directors face increased pressure to make sure their members have industry expertise, capital allocation experience, and vision. Institutional investors want not only their board members independent, but also the compensation and selection of the board to be made by independent board members. Issues related to executive pay, gender diversity of boards, independence of board members, and strengthening the voice of shareholders are global. Equally, compliance structures put into place by anti-corruption legislation, such as Sarbanes Oxley, were blamed for the delisting of foreign companies in the U.S. at first, but then seen as a necessity to attract investors.
The conventional wisdom was that foreign companies are declining to list their shares on US exchanges because of the spectre of class action securities litigation. International investors, however, demanded management accountability and pursued class actions both in the US and abroad, as many jurisdictions around 2006 passed legislation to facilitate derivative actions and other shareholder litigation in response to investor demands.
Any company with a dual listing on a US exchange that has 500 or more US-based shareholders needs to make itself compliant with SOX. Many foreign companies delisted and went private when they discovered SOX would affect them as well as US entities. However, over time, studies have shown that while foreign companies list with the UK more often now, as opposed to the US, after the passage of SOX, the foreign companies that listed in the US have an average return that is four percent higher after the passage of SOX. While insiders have the perception that SOX is too expensive, outside investors tend to see SOX as a way to increase investment value and act as a check on those same insiders.