Executive Risk
Unique Executive Risks for Privately Owned Companies
November 7, 2023
If you are the director or officer of a private company, you might assume your position is relatively low risk compared to the executive management at a public company, which is subject to heavy securities regulation.
Even though private firms are spared from some of the costly securities lawsuits that plague public companies, the directors and officers of private companies face a collection of their own unique risks and challenges. In many cases, these risks have even more fallout for private companies. A directors and officers liability (D&O) lawsuit can take a substantial amount of time and capital to defend, which can damage or bankrupt a company.
To protect your private company from a costly lawsuit, understanding the areas where your business faces the most risk is the first step. Use this list as a starting point to identify the potential liabilities in your company so you can create or tailor a risk management program to attack these issues.
What D&O Claims Do Private Companies Face?
Private businesses of all sizes and industries are susceptible to D&O lawsuits. Plaintiffs include regulatory agencies, shareholders, employees and clients. One of the most financially damaging claims to a private company is an employment practices liability lawsuit.
Shareholders are especially prime plaintiffs for D&O lawsuits, as they often have a higher personal stake due to the typically limited number of investors in the company. Some types of lawsuits include the following:
- Merger objection lawsuits, filed by displeased shareholders when the company is or is about to be acquired
- Majority shareholders buy out the minority shareholders and then go public as soon as they own all the stock
- Freeze-out mergers, in which minority shareholders are forced to sell their stock for less than fair market value
- Breach of fiduciary duty, including self-dealing and conflicts of interest
- General business mismanagement and bankruptcy lawsuits
Clients can claim that the company failed to deliver services, failed to disclose information or disclosed materially false or misleading information. Even competitors bring lawsuits, accusing directors and officers of slander and defamation, which degrades the value of competing products or services.
Risk #1: Complying with Regulations
Although shareholder lawsuits and employment claims comprise the bulk of D&O liability, regulatory litigation is a growing trend.
Recognizing the regulations that apply to private companies is a critical executive management responsibility. Just because a corporation is not publicly traded does not mean it is exempt from complying with provisions in the legislation, including the Dodd-Frank Act, the Foreign Corrupt Practices Act (FCPA) and the Sarbanes-Oxley (SOX) Act. It is generally advisable to work with an attorney to ensure your firm is complying with securities regulations, such as the following:
- The Dodd-Frank Act. The Dodd-Frank Act was enacted to improve accountability and transparency in the financial system to protect the economy, consumers, investors and businesses. The Act streamlines the regulatory process by increasing the oversight of those financial companies regarded as a risk, with the goal of ending taxpayer bailouts of those companies.
- The FCPA. This legislation focuses on the accounting transparency requirements under the Securities Exchange Act of 1934 and the bribery of foreign officials. Alarmingly, your company could be violating FCPA without even knowing it, which usually occurs in emerging and fast-growing markets where private companies are increasingly venturing. Small and mid-size private businesses that are entering foreign markets for the first time and don’t have an in-house legal team to advise them should especially pay attention to the particulars of this Act.
- The SOX Act. Prompted by the major corporate scandals of publicly traded companies such as Enron and Tyco in the early 2000s, the SOX Act was created to protect investors in those companies by increasing the truthfulness of corporate disclosures. For private companies contemplating going public, understanding regulatory risks under the SOX Act should be key in your decision-making process. In some cases, you may want to consult an expert to ensure you understand the complexity of the provisions and regulatory requirements.
Even if a private company does not plan to go public, it must adhere to two provisions in the Act: “Whistleblower Protection” and “Document Destruction.” Under the Whistleblower Protection provision, directors and officers must not retaliate against those who report suspected illegal activities in the organization. Under the Document Destruction provision, directors, officers and employees cannot destroy documents intended for use in official proceedings. Each state has specific regulations for how long documents must be kept.
Risk #2: Going Public
As a private business grows, it may consider becoming a publicly held company. Going public is the process of selling shares that used to be privately owned to new investors for the first time. While going public can increase a company’s capital, it brings a stack of risks:
- Increased executive management responsibilities
- Increased director and officer personal liability for violation of securities laws
- Lack of confidentiality about the company’s affairs
- Expensive transactional costs
- Pressure for short-term profits and for the company to perform up to expectation
The following list highlights three ways for a firm to go public, including each option’s unique risks:
- Initial public offering (IPO). Although expensive, an IPO is the most common way for a company to go public. In addition to costing 10 to 15 percent of the money a company raises to go public, the process can also be time-consuming, taking between six and 24 months. IPOs rely on market conditions; when the market conditions are poor, sometimes IPOs must be withdrawn. Directors and officers face the risk of lawsuits, especially if the company doesn’t perform up to expectations.
- Reverse merger. Going public through a reverse merger usually involves less money and time than an IPO. A reverse merger occurs when a private company merges with a public company—a “shell”—with no assets or liabilities; it’s simply an organizational structure that the private company can use. If the public company is already SEC-registered, this saves the private company time registering with state and federal regulators. Reverse mergers aren’t infallible, though. Many companies either fail or struggle following a reverse merger, and there can be unforeseen liabilities with the shell company. Thoroughly investigating the shell company and its principals before merging is crucial. Also, beware of the price of the shell company; sometimes, inexperienced buyers are unaware of market prices and wind up paying a lot more than the shell company is worth.
- Spin-off. Going public through a spin-off occurs when a public company sponsors a private company by distributing free stock of the private company to its shareholders. This action creates an opportunity for the new shareholders to purchase additional stock on the open market. Like reverse mergers, spin-offs can also be risky when management miscalculates, and one or more companies do not perform as well as expected. Whatever method a company chooses to go public, each brings risks that should be managed to avoid disasters that could impede growth and success.
Risk #3: Occupational Fraud
Of the for-profit-company fraud reports by survey respondents in the Association of Certified Fraud Examiners (ACFE) “Occupational Fraud 2022” report, private companies were the victims 44% of the time. Public companies were the victims 25% of the time. Fraud can occur at all levels of the company, from senior management to frontline employees.
Minimize the Risk of a Lawsuit
Risk management is just as important for private companies, if not more so, due to fewer resources available to handle unexpected claims. Private company executives need to focus on anticipating change and managing the new risks that come with that change.
Most mid-size private firms lack a chief risk officer. Nonetheless, a private company should have a sound corporate governance program to identify, manage and monitor risks at all levels.
D&O Insurance
D&O insurance should be a part of every company’s risk management strategy, whether private, public or family-owned business. Because the cost of defending a lawsuit may exceed the net worth of most private companies, D&O insurance
covers the risk of directors’ and officers’ personal assets that could be seized to cover the cost of their own defense, even if they are found innocent.
When purchasing D&O insurance, private companies should be aware of the following:
- Contractual liability exclusions. This exclusion is especially pertinent to private companies with broad entity coverage under a D&O policy. Since contractual obligations are not liabilities imposed by law but rather an obligation that is voluntarily undertaken, many D&O policies have an exclusion that prevents insurers from having to cover contract-related claims, especially breaches of contract that arise when the company enters into a contract with another party. This is usually one of the most contested provisions in a private company’s D&O policy.
- Duty to indemnify versus duty to defend. Does your company have indemnification for executive management? With the duty to defend, the insurer selects the defense counsel and controls the defense. The duty to defend can be found in most D&O policies.
Learn More
Contact Hylant to learn more about the insurance tools and risk resources we can offer to help you protect your private company.
The above information does not constitute advice. Always contact your insurance broker or trusted advisor for insurance-related questions.