Article

Kevin LaCroix: The Top Ten Stories in D&O of 2023

The directors’ and officers’ liability environment is always changing, but 2023 was a particularly eventful year, with important consequences for the D&O insurance marketplace. The past year’s many developments also have significant implications for what may lie ahead in 2024 – and possibly for years to come.

Kevin Mahoney

22

 MINUTE READ

The directors’ and officers’ liability environment is always changing, but 2023 was a particularly eventful year, with important consequences for the D&O insurance marketplace. The past year’s many developments also have significant implications for what may lie ahead in 2024 – and possibly for years to come.  I have set out below the Top Ten D&O Stories of 2023, with a focus on future implications. Please note that on Thursday, January 11, 2024 at 11:00 AM EST, my colleagues Marissa Streckfus, Chris Bertola, and I will be conducting a free, hour-long webinar in which we will discuss The Top Ten D&O Stories of 2023. Registration for the webinar can be found here. I hope you can join us for the webinar.

1. The Number of Federal Court Securities Class Action Lawsuit Filings Increased in 2023

Securities class action lawsuits represent the most significant severity risk for public company D&O insurers. For that reason, the insurers closely track the annual number of securities class action lawsuit filings. The number of filings provides a significant indicator of the insurers’ likely loss experience for the year, and the filings trends represent an important factor in insurers’ calculation of their profit-making price. Accordingly, insurers will be concerned to note that the number of federal court securities class action lawsuit filings increased in 2023, after significant declines in more recent years from record-setting levels that prevailed during the period 2017-2019.

According to my tally, 213 federal court securities class action lawsuits were filed in 2023, compared to 197 in 2022, representing an increase of about 8%. The number of 2023 federal court securities class action lawsuit filings, while up compared to 2022, was well below the over 400 securities suit filings that were filed each year during the period 2017-2019. Please note that these figures include only federal court securities suit filings; the numbers do not include securities class action lawsuits filed in state court.

The number of annual federal court securities class action lawsuit filings was elevated during the period 2017-2019 by a flood of federal court merger objection class action lawsuits. However, the merger-related lawsuits were hardly a factor in the total number of federal court securities class action suit filings in 2023. By my count, there were only two federal court merger objection class action lawsuits filed in 2023. (Merger objection lawsuits were still being filed in significant numbers during 2023, but the lawsuits were filed as individual actions rather than as class actions, and so do not show up in the class action lawsuit filing tallies.)

The overall increase in the number of federal court securities class action lawsuit filings in 2023 was driven by factors that developed during the year.

Thus, as is discussed in the second section below, there were a series of new lawsuits filed in 2023 related to the Banking Crisis of 2023; indeed, banks in general were a more frequent target in 2023. By my tally, there were twelve federal court securities class action lawsuits filed in 2023 against companies in the 602 SIC Code Industry Group (Commercial Banks). High interest rates caused many of the issues at the banks; as discussed in the third section below, high interest rates and other macroeconomic factors (including economic inflation and supply chain and labor supply disruption) were generally significant factors in the total number of securities suits filed overall in 2023.

As has been the case in most recent years, there were significant numbers of federal court securities class action lawsuits filed in 2023 against companies in the biotech and high-tech sectors.

Thus, by my tally there were 25 securities class action lawsuits filed against companies in the 283 SIC Code Industry Group (Drugs), including 17 in the 2834 SIC Code category (Pharmaceutical Preparations). There were also an additional nine securities class action lawsuits filed against companies in the 384 SIC Code Industry Group (Surgical and Medical Instruments), bringing the total number of 2023 federal court securities class action lawsuit filings against companies in the biotech sector to 34, representing 16% of all securities suits filed during 2023.

With respect to the securities suit filings against high-tech companies, there were 29 federal court securities class action lawsuits filed in 2023 against companies in the 737 SIC Code Industrial Group (Computer Programming and Data Processing), including 17 in SIC Code Category 7372 (Prepackaged Software). The 29 securities suits against companies in the this SIC group represented about 13.6% of all of the federal court securities class action lawsuits filed in 2023.

The lawsuits filed against biotech and high-tech companies together represented a total of 66 suits, representing about 31% of all the 2023 federal court securities class action lawsuit filings.

As discussed in the final section below, the increase in securities suit filings in 2023 comes at a time when D&O insurance pricing is under significant pressure, one of several factors complicating the current D&O insurance marketplace.

2. The Banking Sector Has a Tumultuous Year

Over the course of several weeks from March to early May in 2023, three large U.S. banks failed in a sequence of events that has come to be known as the Banking Crisis of 2023. The failed banks’ $548.7 billion in combined asset value represents the highest amount for failed banks in a single year, ever.

Fears arose at the time that the bank failures could trigger a contagion event across the banking industry. However, the Fed, the Treasury Department, and the FDIC acted forcefully and took extraordinary measures to reassure markets and depositors of the safety and security of the banking system. These measures were sufficiently effective that within a very short time calm returned to the banking sector and there were no further large bank failures during the year.

But while the aggressive regulatory action may have helped the banking industry to dodge a contagion event, it did not necessarily remedy the underlying concerns for many banks.

In recognition of the continuing concerns, on August 7, 2023, the ratings firm Moody’s took credit rating action on 27 banks, including downgrading the credit ratings of ten banks, putting others under review, or giving their ratings a negative outlook. The reasons for the firm’s actions included rising deposit costs and risks to commercial property and construction loans posed by changes to the commercial real estate market brought about by shifts to remote work during the pandemic. On August 21, 2023, S&P also took actions similar to those of Moody’s, downgrading or cutting the ratings on a host of banks, for similar reasons.

The way that the concerns the credit rating agencies cited can lead to securities litigation, even in the absence of a bank failure, is illustrated in at least two banking crisis-related securities suits filed later in 2023.

First, on August 4, 2023, a plaintiff shareholder filed a securities class action lawsuit in the Northern District of Ohio against KeyCorp, the bank holding company for KeyBank, and certain of its executives. As discussed here, the plaintiff shareholder filed the lawsuit in the wake of declines in Key’s share price after bank executives announced reductions in the company’s earnings guidance, as the bank found itself required to pay higher interest rates to attract deposits. The complaint also referred to the bank’s disclosures about liquidity issues.

Second, as discussed here, on September 11, 2023, a plaintiff shareholder filed a securities class action lawsuit in the Central District of California against PacWest and certain of its directors and officers. In July 2023, PacWest had announced its plan to merge with the Bank of California. PacWest struggled with the many of the same issues that had taken down Silicon Valley Bank, including large unrealized losses in its bond portfolio and significant amounts of uninsured deposits. The securities complaint alleges that the defendants made misrepresentations in connection with the events surrounding the other banks’ failures and leading up to the July merger.

The worries about commercial real estate that the rating agencies noted may represent a reason to continue to be concerned about the banking sector. As the Wall Street Journal has detailed, rising vacancy rates in office buildings has stressed the  commercial real estate sector, putting many landlords in a difficult spot as they continue to try to service their debt. The well-publicized sector stress has put many borrowers in a position where they cannot roll over their debt as existing loans mature. The increased vacancy rate and the drying up of lending capacity increases the likelihood of commercial real estate loan defaults.

The net result is what the Wall Street Journal has called a “doom loop” that, according to the Journal, “threatens America’s banks.” The “doom loop” scenario involves the following stages: “losses on the loans trigger banks to cut lending, which leads to further drops in property prices and yet more losses.” How all this will play out remains to be seen, but the process won’t play out quickly; rather, it will, according to the Journal, be a “slow grind.” 2023 was difficult for commercial landlords; according to the Journal, 2024 will be worse. All of this is bad news for commercial landlords, and for their lenders.

Another problem for many banks, particularly smaller banks, is the value of the securities they hold on their balance sheets. After federal government stimulus money flooded many banks with deposits during the pandemic, some banks invested in interest-rate sensitive securities, particularly long-dated bonds. As the Fed raised interest rates starting in March 2022, and raised rates higher and faster than many banks anticipated, the banks saw the market value of their bond portfolios plummet, putting some banks balance sheets “underwater.” As the Wall Street Journal put it in a December 28, 2023 article (here), many community banks have been in a “full blown crisis”; according to the Journal, more than 300 U.S. banks have half or more of their assets in securities, and about 100 of these banks have more than 75% in securities.

The bottom line is that it may be too early to sound the “all clear” signal for the banking sector. There could still be more of the story to be told in the months ahead.

3. Macroeconomic Factors Weigh on Businesses and, in Some Cases, Translate into Securities Suits

One significant factor in the huge bank failures in 2023 was the impact of elevated interest rates, as discussed above. But high interest rates were only one of several macroeconomic factors affecting the overall business environment in 2023. Other significant macroeconomic factors included rising economic inflation, and labor supply and supply chain disruption. These factors not only presented companies with business challenges; in many cases, the impact of these factors on company operations translated into securities class action litigation.

Thus, for example, in March 2023, the coffee-shop chain Dutch Bros was hit with a securities class action lawsuit after the company announced disappointing financial results due to inflationary pressure on the company’s margins. Similarly, and also in March 2023, the organic food company United Natural Foods was sued in a securities suit after the company disclosed a profitability decline, despite increased sales, due to inflationary pressure. The backup power supply company Generac Holdings was sued in a securities class action lawsuit in November 2023 after the company announced decreased sales due to declining consumer demand because of elevated interest rates.

Labor supply and supply chain issues led to securities lawsuits in other cases. Thus, for example, in January 2023, the chain eye care firm National Vision was sued in a securities lawsuit after the company announced disappointing financial results the company blamed on its difficulties in recruiting and retaining professional staff after the pandemic. In April 2023, the hydrogen fuel cell company Plug Power was hit with a securities suit after the company announced disappointing revenue growth due to supply chain “complexity.” In July 2023, the drug company Baxter International was sued in a securities lawsuit after the company announced that continuing supply chain issues were setting back its operations.

In yet another lawsuit during the year in which macroeconomic factors played an important role, and as discussed here, in November 2023 investors filed a securities class action lawsuit against the software company Expensify. The shareholder plaintiff alleged not that a single macroeconomic factor undercut the company’s results, but rather that adverse macroeconomic conditions in general – what the plaintiff’s complaint called “macroeconomic headwinds” — hurt the company’s financial results and caused it to fall short of the growth projections it made in its IPO.

As challenging as the economic circumstances were in 2023, things could have been worse. At the outset of the year, a majority of economists surveyed were predicting that the U.S. would enter a recession during 2023. Fortunately, the country managed to avoid falling into a recession during the year; some hope that perhaps the U.S. has managed to pull off the almost mythical “soft landing.”

The extent to which the challenging economic circumstances will continue to weigh on the economy as we head into 2024 of course remains to be seen. Much will depend on what happens with interest rates. At its final meeting for the year in December 2023, the Federal Reserve not only held interest rates steady,  but signaled that it was ready to pivot its interest rate approach in 2024. Though his remarks following the meeting were guarded and cautious, Federal Reserve Jerome Powell (and accompanying documentation) suggested that Fed officials anticipate as many as three rate cuts in 2024.

The reasons the Fed has shifted on its interest rate policy signaling is also good news; inflation appears to have eased significantly in recent months – although it still remains above the Fed’s target rate. Labor supply issues and supply chain issues appear to be continuing to improve as the economy recovers from the pandemic-related shutdowns.

The possibility for interest rate easing represents a positive sign for the economy and for economic prospects in the New Year. Were macroeconomic challenges to ease, it could reduce at least one source that presented significant securities litigation risk in 2023.

4. Geopolitical Risk Contributes to Corporate Litigation Exposures

In addition to the macroeconomic factors discussed above, an additional consideration complicated the global business environment and also heightened corporate and securities litigation risk during 2023. As discussed below, a variety of issues contributed to geopolitical risks during the year; a host of additional issues that could come into play in the months ahead could made geopolitical risk an even bigger factor in 2024.

For starters, several securities lawsuits filed in 2023 underscored the political challenges associated with doing business in China. For example, in June 2023, the China-based video company DouYu International Holding Limited, whose securities trade on Nasdaq, was hit with a securities lawsuit after Chinese government crackdown on video game and computer addiction resulted in Chinese regulatory enforcement action against the company.

Similarly, Futu Holdings Limited, a Hong-Kong based digital financial services company with securities trading on Nasdaq and that was providing services to consumers in China. was also sued in a securities class action lawsuit after it was subject to a regulatory crackdown based on questions surrounding its licensure to provide the financial services to Chinese consumers.

Questions concerning international trade regulations and trade sanctions also led to securities lawsuits during the year. For example, in July 2023, and as discussed here, the computer memory device company Seagate Technology Holdings was sued in a securities lawsuit after a Department of Commerce division imposed a $300 million penalty against the company for violation of export restrictions related to the Chinese company, Huawei. In November 2023, as discussed here, the directors and officers of the bankrupt medical device company Rockley Photonics Holdings were sued in a securities suit after the company lost revenue from a joint venture partnership when the venture partner was added to the U.S. Department of Commerce’s export restrictions entities’ list.

The list of geopolitical risk-related securities lawsuits filed in 2023 may appear to be relatively short. However, there is no doubt that as we head into 2024, the world is in a very dangerous geopolitical environment. There are not only two hot wars being fought, each of which has a dangerous and worrisome potential to spread, but there are tensions in the South China Sea with further worrisome potential, as well as ongoing trade tensions between the U.S. and China.

There are a host of other sources of geopolitical stress that could lead to business and operating difficulties for many companies.  To focus on just one topic heading, there are a number of elections scheduled or likely to be scheduled in 2024 that could significantly affect the geopolitical environment. The U.S. Presidential election scheduled for 2024 could have (and seems likely to have) enormous geopolitical implications. But the U.S. is not the only country with a Presidential election scheduled next year – Mexico, Indonesia, and South Africa also will have elections in 2024. Elections are also likely in Canada, the U.K., and India. And in an election that could have enormous geopolitical implications, Taiwan’s voters will go to the polls in January 2024. In all, more than two billion people in roughly 50 countries representing over 60% of global GDP will go to the polls in 2024.

I emphasize these points here, and indeed I set up geopolitical risk as a separate topic in this survey, to set a marker down; I believe geopolitical risk will create significant operating and business challenges for many companies, and I believe further that in many cases these challenges will translate into corporate and securities litigation, in 2024 – and beyond.

5. Regulatory and Legislative Actions Ensure That ESG Remains a Hot Button Issue

One of the hot button topics for several years has been “ESG” – which is an acronym representing a grab bag of Environmental, Social, and Governance concerns. In recent years, many companies have felt pressured by institutional investors and other constituencies to show that they are “good” on ESG (even though there is no consensus on what it actually means to be “good” on ESG).

More recently, as the issues surrounding ESG have evolved, companies have found themselves under very different kinds of scrutiny. As pressure from activists at other points on the political spectrum has developed, an ESG backlash has emerged, resulting in political and legislative action in some conservative states, and in litigation in other instances as well. Companies themselves increasingly trying to avoid the cross-fire, as a result of which increasing numbers of companies are resorting to “greenhushing” – that is, taking a much lower profile on ESG-related concerns. For these and for a variety of other reasons, there have been public calls from academics and others to the effect that it may be time to “say RIP to ESG.”

While some commentators may be be done with ESG, the fact is that ESG is not done with us. Pending and existing regulatory and regulatory changes ensure that ESG will continue to be a high-profile issue for corporate executives, regulators, investors, and others, for some time to come.

Among the pending regulatory concerns is the long-awaited final release of the SEC’s final climate change disclosure guidelines. The agency first released the draft guidelines for public comment in March 2022. The release of the final rules has been delayed multiple times. It now appears that the agency will not release the final climate change disclosure guidelines until at least April 2024, at the earliest. Although it still remains to be seen what will be in the final guidelines, at this point it must be assumed, based on the draft release, that final rules will impose significant disclosure requirements on reporting companies concerning greenhouse gas emissions and climate change-related risk management.

While we continue to await the SEC’s final guidelines, other regulators and other authorities have moved forward. Among other things, both the EU and the California legislation have put in place extensive climate change and ESG-related guidelines that will affect many companies, including those outside the EU and California.

First, On July 31, 2023, the European Commission adopted the first set of European Sustainability Reporting Standards (ESRS), which require EU and non-EU companies with specified levels of EU activity to file annual sustainability reports with their financial statements. The standards will soon become law and apply in all 27 EU Member states, with compliance requirements effective as early as 2025 for the 2024 reporting period. The ESRS set out detailed reporting requirements for EU companies, including general reporting requirements; a list of mandatory disclosure requirements related to the identification and governance of sustainability matters; and ten ESG-related topics on which disclosure is required, subject to a materiality assessment.

The standards adopted in the first ESRS go considerably further than the disclosure requirements in the SEC’s proposed climate change disclosure guidelines; among other things, the EU standards require companies to report on a broader set of sustainability topics, such as biodiversity, water, and pollution. The EU standards also apply to private companies.

Of critical importance, for the fiscal year 2028 (that is, to be reported in 2029), non-EU companies that generate a net turnover of more than 150 million euros in the EU in the last two consecutive financial years must comply with the reporting standards. Similarly for the fiscal year 2028, non-EU companies that have at least one subsidiary or branch within the EU must comply with the reporting requirements. In other words, the EU disclosure requirements could — and are intended to – have a huge impact on companies based outside the EU.

As if that were not enough, in September 2023, as discussed at length here, the California legislature adopted two pieces of legislation, subsequently signed into law by the California governor,  that will similarly impose significant disclosure obligations on a host of companies, including even those not based in California.  

Senate Bill 253, signed into law on October 7, 2023, requires Scopes 1,2, and 3 greenhouse gas (GHG) emissions disclosures from all business entities “doing business” in California with revenues greater than $1 billion. The disclosure requirements in effect require companies to make disclosures concerning GHG both up and down the companies’ value chains. The annual GHG disclosures are to commence in 2026 with respect to Scopes 1 and 2; disclosures with respect to Scope 3 emissions commence in 2027.

Senate Bill 267, also signed into law on October 7, 2023, requires that on or before January 1, 2026, and every two years thereafter a “covered entity” must disclose its “climate-related financial risk” and measures taken to reduce and adapt to climate risk. A “covered entity” is a business with over $500 million in revenue and that does business in California.

The California legislature estimated that SB 253 will affect as many as 5,300 companies, and SB 267 will affect as many as 10,000 companies. The two bills are almost certain to face legal challenge; among other obvious concerns is that neither of the two bills defines what it means to be “doing business” in California.

Among the many risks with the various disclosure requirements is the possibility that the new guidelines could increase the potential shareholder litigation exposure for publicly traded companies. Companies that make optimistic claims about their emissions efforts or the sustainability of their operations could be subject to “greenwashing”-type claims. Companies that experience operating setbacks or diminished financial results because of climate impacts (as for example companies experience extreme weather events or of changed climate conditions) will have their prior disclosures closely scrutinized.

Even though the new guidelines have not yet taken effect, and the SEC’s final guidelines have not even yet been released, the new and anticipated disclosure requirements represent a significant challenge for many companies. The bottom line is that, regardless of what some observers may want, ESG is going to remain a hot-button issue for a long time to come.

6. New SEC Disclosure Guidelines Could Mean Cybersecurity Claims Ahead

The possibility of a corporate or securities lawsuit arising out of a cybersecurity incident is nothing new – the threat of cybersecurity-related litigation has been a recurring theme for several years. The litigation threat is continuing; for example, in March 2023, a plaintiff shareholder filed a securities class action lawsuit against pay TV services provide Dish Networks after the company experienced a cybersecurity incident involving its internal communications network, as discussed here.

The SEC itself has also been active in filing securities enforcement actions based on cybersecurity-related issues. For example, as discussed here, in March 2023, the SEC filed a settled action against Blackbaud, Inc., which agreed to pay a $3 million penalty in connection with allegations that the company had made misleading disclosures about a ransomware attack. In a high-profile move, and as discussed here, in late October 2023, the SEC filed an enforcement action against software company SolarWinds and its Chief Information Security Officer alleging that the company had misled investors by understating the company’s cyber vulnerabilities and the ability of hackers to penetrate the company’s systems. (The SolarWinds incident was the subject of a prior securities class action lawsuit; as discussed here, in October 2022, the suit settled for $26 million.)

The possible future direction and content of cybersecurity incident-related securities suits may be significantly influenced by the new cybersecurity-related disclosure guidelines the SEC approved in July 2023. As discussed here, the new guidelines are quite detailed; the key features of the guidelines are the requirements that companies (i) disclose material cybersecurity incidents they experience, and also (ii) disclose on an annual basis material information regarding their cybersecurity risk management and governance. The new rules require disclosures for annual reports on Form 10-K (or the foreign company equivalent) for reporting periods ending after December 15, 2023. The rules regarding incident reporting took effect on December 18, 2023.

The new incident disclosure provision requires reporting companies to disclose any cybersecurity incident they determine to be material, within four days of determining the materiality, and to describe the material aspects of the nature and scope of the incident as well as the likely material impact of the incident on the company’s operations and financial condition.

Under the new rules, reporting companies will be required to disclose in their annual filing their processes for assessing, identifying, and managing material risks from cybersecurity threats, including whether any threats have materially affected or are reasonably likely to materially affect the company. The final rules also require the company to describe the board of directors’ oversight of the risk from cybersecurity threats and the role and expertise of company management in assessing and managing cybersecurity risks.

These new rules could increase the litigation risk for companies experiencing a cybersecurity incident. For example, after a company suffers a cybersecurity incident, plaintiffs’ lawyers, armed with the knowledge of what kind of incident the company suffered, will go back and scrutinize the company’s disclosure and say that the company did not properly disclose to investors the risk of the specific incident that later took place, or that the company described procedures that were represented as sufficient to prevent the kind of incident that occurred.

Similarly, mandated disclosures concerning board cybersecurity governance practices, particularly with respect to board oversight processes concerning cybersecurity could also contribute to securities litigation. Again, the plaintiffs’ lawyers armed with the benefit of hindsight after an incident has occurred will go back and scrutinize the prior board governance disclosures to try to argue that actual practices differed or omitted disclosures of oversight inadequacies that permitted the incident that occurred.

The four-day incident reporting requirement could prove to be a challenge.  To be sure, the four days run only from the date that the company determines that the cyber incident is material. The concern is that the company may be quite sure that an incident is material but not yet be in a position to be able to report all of the specific items the rules require companies to disclose. One can easily imagine a securities suit being filed based on the allegation that the initial, rushed 4-day disclosure was misleading because the incident turns out to have been far different than was initially thought. Plaintiffs’ lawyer may later claim these rushed disclosures were misleading and that the companies deliberately tried to “soft pedal” the description of the incident. Plaintiffs’ lawyers may try to raise arguments about allegedly delayed materiality determinations as well.

Even though cybersecurity lawsuits and enforcement actions have been a part of the litigation scene for years now, the new reporting guidelines could mean more challenging cybersecurity-related D&O claims environment in the months ahead.

7. The U.S. Supreme Court Agrees to Take up Two Potentially Significant Securities Cases

Securities litigation is not always a part of the U.S. Supreme Court’s docket. The Court sometimes goes for years without hearing a securities law case. However, in its current 2023-2024 term, the Court has agreed to take up two cases. Both cases potentially could have a significant impact on securities litigation and enforcement.

First, on June 30, 2023, the U.S. Supreme Court agreed to take up a case to consider the SEC’s use of in-house administrative tribunals, as discussed here. The agency sought Supreme Court review of a federal appellate court ruling that held the administrative courts to be unconstitutional.

The case involves hedge-fund operator George Jarkesy. In 2013, the SEC commenced an administrative proceeding against Jarkesy and his advisory firm that resulted in a liability finding and an order for him to pay a $300,000 fine and barring him from participating in the securities industry.

Jarkesy filed an action in federal court challenging the SEC’s authority to bring the enforcement action against him before the administrative tribunal. In May 2022, a divided three-judge panel of the Fifth Circuit ruled in Jarkesy’s favor, holding that the SEC’s administrative courts violate the Seventh Amendment’s right to a jury trial. The appellate court also held that the agency’s authority to choose between pursuing enforcement actions in district court or in an administrative tribunal overstepped the limits on Congressional delegation of power. Finally, the appellate court held that Congress violated the separation of powers pertaining to the removal of executive officials.

In March 2023, the agency filed a petition to the Supreme Court for a writ of certiorari. The agency argued that the Supreme Court has a history of upholding laws in which Congress has provided for the laws’ enforcement through administrative proceedings. The agency argued that the Court has long held these types of proceedings to be consistent with the Seventh Amendment. The agency also argued that the agency’s authority to enforce the federal securities laws either in the district courts or through administrative tribunals does not create violate the constitution, as the choice is purely an executive function and not a legislative power delegated by Congress.

At a minimum, the case will require the court to consider how the SEC will enforce the federal securities laws. The case could have a significant impact on the way that agency pursues enforcement actions against individuals and firms that are accused of violating the federal securities laws.

Second, on September 29, 2023, the Supreme Court agreed to take up a case in which the court must address the recurring question of whether the failure to make disclosure required by Item 303 of Reg. S-K is an actionable omission under Section 10(b) and Rule 10b-5. A copy of the Court’s September 29, 2023, order agreeing to take up the case, Macquarie Infrastructure Corporation v. Moab Partners, L.P., can be found here.

Item 303 of Reg. S-K states in pertinent part that in its periodic reports to the SEC, a company is to “[d]escribe any known trends or uncertainties that have had or that the registrant reasonably expects will have a materially favorable or unfavorable impact” on the company.

The underlying complaint alleges that Macquarie misled investors about the impact of the eventual elimination of sulfur-heavy form of marine fuel oil. The district court granted the defendants’ motion to dismiss, holding, among other things, that the plaintiffs had failed to allege a violation of Item 303 or that the omission was material. The plaintiffs appealed the district court ruling.

In an unpublished summary order dated February 23, 2023 (here), a three-judge panel of the Second Circuit affirmed in part and reversed in part the district court’s order. Among other things, the appellate court held that the plaintiffs had adequately alleged violations of Item 303. In reviving the claims based on Item 303, the appellate court cited its own prior authority that Item 303 disclosure can support a claim under Section 10(b) if the other elements have been sufficiently pleaded.

In their petition to the Supreme Court for a writ of certiorari, the defendants urged the Court to take up the question “whether a Section 10(b) claim can rest on a failure to provide a disclosure required under Item 303 of SEC Regulation S-K, even without an affirmative statement that is rendered misleading by omission.” The defendants pointed out that while the Ninth, Third, and Eleventh Circuits had rejected this possibility, the Second Circuit, in express recognition that its contrary position puts it “at odds” with the Ninth Circuit, has long held that an Item 303 violation can be a basis of a Section 10(b) claim, even in the absence of an otherwise misleading statement.

Item 303 allegations are a regular feature of securities class action complaints. Item 303 allegations are useful for plaintiffs because they help the plaintiffs’ counsel solve a pleading problem. That is, under the U.S. securities laws, it is generally held that absent a duty to speak, a defendant company cannot be held liable for failing to disclose information – unless further disclosure is required in order to make a prior statement not misleading. Item 303 provides a way for the plaintiffs’ lawyers to argue that the defendants had a duty to speak, even if there isn’t a prior statement for which further disclosure is required in order to avoid the prior statement from being misleading.

Precisely because the U.S. Supreme Court only occasionally takes up securities cases, any time the Court agrees to take up a case there is the potential for the Court to provide a perspective or pronouncement that could significantly affect the way the securities laws are applied. In any event, the specific questions the cases present in and of themselves present important and potentially influential questions.

8. Mega-Settlements of Shareholder Derivative Lawsuits Continue to Proliferate

There was a time not long ago when it was unusual for the settlement of a shareholder derivative lawsuit to involve a significant cash component. The cases usually settled for the defendants’ agreement to adopt corporate therapeutics and the payment of plaintiffs’ attorneys’ fees. In more recent years, it has become more common for derivative suit settlements to include a significant cash component. Indeed, nine of the top ten largest derivative suit settlements over the last 20 years have taken place just in the last four years alone.

The trend toward shareholder derivative settlements with significant cash components continued in 2023, as there were several settlements announced this year that are among the all-time largest settlements. Two of these settlements are particularly noteworthy.

First, as discussed here, in April 2023, Paramount Global announced the $167.5 million settlement of the derivative lawsuit brought by CBS shareholders in Delaware Chancery Court in connection with CBS’s $30 billion  acquisition of Viacom in 2019. (The combined company was known as ViacomCBS, which changed its named to Paramount Global in February 2022.)   The settlement of the CBS shareholders’ action is noteworthy in and of itself, but it takes on even greater significance when considered along with the fact that there was a separate direct action for damages relating to the same merger transaction filed on behalf of Viacom shareholders that settled for $122.5 million (as reflected here). The $290 million collective value of the two settlements is an impressive milestone.

Second, and as discussed here, in what is the largest shareholder derivative lawsuit settlement ever as measured by nominal dollar value, the defendant board members in the Tesla Board compensation derivative lawsuit agreed in July 2023 to settle the case for a combination of payments and transfers with a total stated value of $735 million. The lawsuit alleged that the board had paid themselves “outrageous” compensation in the form of directors pay, stock awards, stock options, and other benefits and bonuses. Among other things, the settlement included the directors’ agreement to return massive amounts of cash, stock, and options they were awarded as compensation for board service.

Some observers may question whether the Tesla derivative suit settlement actually has the same value to Tesla’s treasury as the stated $735 million nominal cash value. These objections notwithstanding, the fact is that the settlement is, by any measure, massive. Even though the Tesla settlement did not involve the payment of any D&O insurance dollars, a settlement of that size could have an impact on future settlements – which could in turn cause the expenditure of D&O dollars. The two recent settlements, and in particular, the Tesla settlement, underscore how much things have changed since the days when derivative suit settlements rarely involved the payment of significant cash amounts.

9. AI Emerges as a Important Technological Development and as a Potentially Significant New Corporate Risk

Whenever the discussion turns to the question of emerging risks these days, among the first topics to come up is artificial intelligence (AI). But just as AI technology itself is still taking shape, the legal risks and exposures that the emergence of AI may present are still emerging as well.

On October 30, 2023, in what is unquestionably a key step in the development of a regulatory and legal framework for AI, the White House issued an Executive Order on the development and use of AI. The Order, which is entitled “Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” can be found here.  The Order seeks to initiate a coordinated effort at the federal government level to ensure the “development and use of AI safely and responsibly.”

The Executive Order identifies a variety of actions and initiatives, as discussed in a November 3, 2023, memo from the Wachtell Lipton law firm on The CLS Blue Sky Blog (here).

First, the Order requires a number of federal agencies to assess AI risk within the industries the agencies oversee, after which the regulatory agencies must publish guidelines for companies within those industries.

Second, the Order also directs agencies to evaluate and determine the extent of AI-related discrimination and bias.

Third, in light of existing concerns about competition protection in arenas dominated by large technology companies, the Order directs federal agencies to consider and assess the possibilities for concentration of market power, in order to ensure continued competition in the AI marketplace.

Fourth, the order directs the Department of Labor to prepare guidelines to protect workers, given concerns about the use of AI to “undermine rights, worsen job quality, encourage undue worker surveillance, lessen market competition, introduce new health and safety risks, or chase harmful labor-force disruption.”

The Executive Order is not prescriptive; instead, the Order requires future federal agency actions that will lay down the AI-related requirements to which companies must adhere. But while the actual requirements are yet to come, the Order clearly points to an environment in which the federal government aims to impose a wide variety of AI-related regulatory requirements.

In addition to the White House Executive Order, there have been other AI-related regulatory initiatives as well. In that regard, the EU has been active with respect to AI as it has been in other areas.

As discussed in a December 8, 2023 Wall Street Journal article (here), the EU recently “reached a political deal” on regulating artificial intelligence. The EU’s Artificial Intelligence Act arguably is the first set of detailed regulations to regulate AI; the Journal article speculates that the Act could become the standard for other governments. The Act lays down restrictions in certain areas, such as with respect to the use of facial recognition technology. It also sets transparency rules for AI systems and the models on which they are based. According to the Journal, the Act still needs “final approval from parliamentarians and representatives from the EU’s 27 countries and is unlikely to take full effect before 2026.”

These and other regulatory initiatives clearly will create an environment in which companies must work to manage their AI-related regulatory risks. The likely future development of an AI-related regulatory environment also raises the question of companies’ future AI-related legal and liability risks, as well.

The fact is that while AI itself as a technology is still just emerging, AI-related litigation has already arrived. An interesting September 5, 2023 memo from the K&L Gates law firm (here), details the “growing number of recently filed lawsuits associated with generative artificial intelligence (AI) training practices, products, and services.” The memo describes the legal theories that have served as the basis of existing AI-related claims, including invasion of privacy and property rights; patent, trademark, and copyright infringement; libel and defamation; and violations of consumer protection laws, among others. It is worth noting that to date much of the litigation has been targeted against AI developers, by contrast to AI users, as was the case, for example, in the lawsuit that the New York Times recently filed against OpenAI and Microsoft.

For D&O insurance professionals, one rather urgent question is the extent to which AI also presents corporate and securities litigation risks. At this point, there are certain categories of corporate and securities law claims that seem to be the most likely.

First, the regulatory initiatives discussed above foreshadows a business environment in which companies use of AI tools could involve significant regulatory risk. Companies use of AI in their operations could lead to regulatory concerns, particularly when it comes to workplace issues (including, for example, in hiring and supervision).

Second, particularly for publicly traded companies, there will be a host of disclosure-related issues, including, for example, disclosures around companies’ use of AI; the impact of AI on its operations, competitive environment, and financial results; and the impact of AI on future revenues and overall financial performance. For example, companies touting a supposed business advantage they enjoy because of the company’s incorporation of AI technology in their operations may be subject to allegations concerning the extent to which investors were fully informed about the risks associated with the strategy.

In a December 5, 2023, speech SEC Chair underscored the potential disclosure-related AI risks, as discussed here. In particular, Gensler commented on the kinds of AI-related corporate behaviors that he and his agency consider to be problematic.

The first corporate behavior that Gensler alluded to echoes concerns about “greenwashing,” in which companies allegedly overstate the sustainability of their products or operations.  Gensler said that just as companies should not “greenwash,” companies should not “not AI wash.” By that, Gensler apparently meant that companies should not overstate or mislead investors as to their true AI capabilities or the extent to which the company has incorporated AI into their operations or products.

In particular, Gensler noted that as AI-related technology is emerging, there are a variety of processes and operations encompassed within the term “AI,” and that ambiguity means that businesses may seek to try to promote their use of AI when the businesses are in fact using only a small amount of AI, or even none at all.

Gensler also expressed a concern about the gap that could arise between what companies may be promising with respect to their adoption of AI-related tools and the reality of what the tools may actually be able to deliver.

Beyond regulatory and disclosure-related concerns, boards also likely will be subject to claims based on allegations pertaining to the board’s duties of oversight. For example, picture a company that is using images or other content generated by AI and that subsequently faces claims that it has been using synthetic content deceptively. These kinds of allegations could not only lead to consumer protection-type claims but could also lead to allegations that the company’s board failed to properly oversee a critical corporate function.

There undoubtedly will be other types of claims to emerge as well, not the least of which may be employment-related claims based on allegations of discrimination or bias, as well as other workplace-related allegations, such as invasion of privacy.

Gensler’s point – that though AI is a new technology, the same disclosure principles still apply – is an important one. While there may be a sense in the current climate that we have to be talking about AI because it is the hot topic du jour does not take away from the fact that there are some real and identifiable litigation risks associated with corporate adoption of AI tools.

10. Competition Defines a “Softer” D&O Insurance Market

From late 2018 through the end of 2021, the D&O insurance marketplace was in a so-called “hard” market, meaning that most buyers saw their D&O insurance premiums increase significantly.

The hard market pricing environment attracted new capital and new market participants. The new participants’ presence started to have a significant effect in 2022, as competition returned to the marketplace. Many buyers saw the overall pricing for their D&O insurance decline, at least relative to the higher pricing that prevailed during the hard market.

The more competitive conditions continued in 2023. Many buyers continue to see reductions in the cost of their D&O insurance, particularly with respect to excess layers of insurance. Of course, there are certain buyers who are seeing more elevated pricing (such as financially troubled companies or companies with a poor claims history), but many other buyers are seeing price decreases, in some cases significant price decreases.

Insurance is a cyclical business and it is always difficult to project in advance when the insurance market will move into the next phase of the cycle. There are some commentators in the D&O insurance arena expressing concern that the more recent price decreases have already fallen below risk-based pricing levels; indeed, in September 2023, Patrick Tiernan, the Chief of Markets at Lloyd’s, decried the “moronic underwriting approach” being pursued with respect to D&O insurance in London, adding further that the D&O insurance market currently is “irrational” and “shambolic.”

While these remarks are certainly interesting, efforts to jawbone the market have rarely worked in the past, particularly in a competitive market like the one currently in effect. The laws of supply and demand generally control the insurance marketplace, and at the current moment the supply remains ample.

On the other hand, there are enough factors of concern that D&O insurance underwriters (or at least some of them) might well turn cautious. There are indeed a host of uncertainties in the D&O insurance marketplace as we head into 2024, particularly with respect to ESG, Cybersecurity, and AI. These uncertainties arise at a time when the claims trends are distinctly unfavorable, as well.

For the moment, at least, competitive conditions remain in effect and it remains a more favorable pricing environment for policyholders than in the recent past. What the future will bring remains to be seen.