Like many others, I look forward to Warren Buffett’s annual letter to Berkshire Hathaway shareholders, and like many others, I read his annual letter closely, looking for any investment insights I can glean as well for Buffett’s now-famous homespun brand of wisdom and humor. Although Buffett latest letter to Berkshire shareholders – which was published Saturday morning – does offer readers a little under each of these headings, I think many reading Buffet’s latest letter might have come away a little disappointed, as I discuss further below. Buffett’s 2019 February 22, 2020 letter to Berkshire shareholders can be found here. (Full disclosure: I own BRK.B shares, although not as many as I wish I did.) As someone who had carefully read Buffett’s letters for decades now, I have to say I am more than a little bit troubled about how short they have become. I was struck last year how short his letter was, and I had the same reaction again this year. Along with the increasing brevity, the letters seem to have become increasingly formulaic and consist of well-worn tropes – such as, for example, the long-term value of equity investing, the importance of accrued earnings, and the value of insurance float. I know he repeats these themes because they are important to understanding how he runs Berkshire, but he is not saying anything on these topics that he has not said many times before. For me, it is impossible to observe the uncharacteristic brevity of Buffett’s most recent letters and not to think about his advancing age. Buffett will be ninety years old this summer. To be sure, this year’s letter, arguably by contrast to prior letters, expressly acknowledges and addresses his age. In a section of the shareholder letter captioned “The Road Ahead,” Buffett in fact recognizes that he and Berkshire’s Vice Chairman Charlie Munger “long ago entered the urgent zone.” However, he says, the company is “100% prepared for our departure.” After laying out the case for the company’s continued prosperity, Buffett details the outlines of his estate plan, by which over the course of 12 to 15 years, his A shares will be converted to B shares and then distributed to various foundations. In yet another tacit recognition of the need for the company to be prepared for its life after Buffett, this year’s letter states that at the upcoming Berkshire shareholder meetings, the two designated management successors, Ajit Jain and Greg Abel will be “given more exposure.” For me, the acknowledgement of his age, the transparency about Buffett’s long-term estate plan, and the overt management transition are all positive and important developments. The letter is of course first and foremost a report to Berkshire’s shareholders, and from that perspective, the news is good. Berkshire had GAAP earnings of $81.4 billion, an astonishing figure that requires some significant explanation. Of that $81.4 billion, fully $53.7 billion represents net unrealized capital gains, which Buffett argues should not be taking into account for earnings purposed but is required because of changes to GAAP. The more important figure, from Buffett’s perspective, is the company’s 2019 operating earnings of $24 billion, which, it should be noted, is roughly equal with the equivalent figure for the year prior. Interestingly, while Berkshire had another good year, it arguably did not meet the target of one of Buffett’s standard measurements. For years, Buffett has opened the shareholder letter comparing the annual percentage change in the per-share market value of Berkshire to the annual percentage change in the S&P 500 (with dividends included). Over the long haul, Berkshire has far surpassed the S&P 500 under this measure. However, in 2019, Berkshire fell short, with Berkshire showing a change of 11% and the S&P 500 showing a change of 31.5%. The relative underperformance in 2019 was the largest since 2009. Indeed, in the 11 years from 2009-2019, the S&P has beaten Berkshire four time, and there were three other years in which the measures were very close to even. Berkshire’s most significant changes in value relative to the S&P 500 are now years in the past – Berkshire has in fact underperformed the S&P 500 over the past decade. One of the basic facts about Berkshire these days is that it is big – really BIG. As of December 31, 2019, the company was carrying $128 billion in cash on its balance sheet. It is hard to put that much cash to work and it is hard to produce the changes in value that the company was able to show in the past. Buffett himself has emphasized many times over the years how much harder it has become as the company has grown larger to be able to produce returns on a percentage basis. A question that gets asked frequently about Berkshire these days is whether it has just grown too big to beat the market. Another way in which Berkshire is big in almost unfathomable ways is with respect to the company’s equity investment portfolio. The aggregate market value of the company’s equity investments as of the end of 2019 was $248 billion (up from $172 billion as of the end of 2018). In looking at the list of Berkshire’s top 15 equity investments one thing that jumps out is how large the company’s investment in Apple has become. Indeed, with now over $35 billion invested in the company, Berkshire’s investment in Apple represents the company’s largest ever investment in a single company (exceeding even the company’s $32 billion acquisition in 2016 of Precision Castparts). The Apple investment has done well – as of year-end 2019, the market value of Berkshire’s $35 billion Apple investment was over $73 billion. At year-end 2019 valuations, Berkshire’s Apple investment represented nearly 30% of the Berkshire’s equity investment portfolio value. This skew in the company’s investment portfolio is all the more curious given Buffett’s famous refusal during the dot-com boom to invest in technology companies because he professed not to understand their businesses. The Apple investment clearly reflects the impact of Berkshire investment managers Todd Combs and Ted Wechsler, who both joined the company in the 2010-2011 time frame. When I look at Berkshire’s Apple investment, I cannot help but reflect that though Buffett is still in charge, the company has already changed in significant ways. One other thing about Berkshire’s top 15 holdings that I find surprising is how significant the company’s investment in airlines is. Three of the company’s top 15 investments are in airlines: Delta Air Lines (year-end value of $4.1 billion); Southwest Airlines (year-end value of $2.5 billion); and United Continental Holdings (year-end value of $1.9 billion). I find this concentrated investment in airlines curious, as in the past Buffett publicly acknowledged Berkshire’s prior investment in U.S. Air to be one of his mistakes. In his 2007 letter, he described the airline industry as a “bottomless pit” that has sucked up investors’ money; he said “to his shame,” he had “participated in this foolishness.” He said of Berkshire’s 1989 investment in U.S. Air preferred shares that “as the ink was drying, the company went into a tailspin and before long our preferred dividend was no longer being paid.” Even though he later was able to sell the preferred shares for a gain, the airline itself ultimately went bankrupt – twice. Once again, it seems to me when I look at Berkshire’s current investment in multiple airlines that Buffett is still around, there are signs that the company is already changing in arguably significant ways. By way of contrast perhaps, one industry Buffett has always favored is the insurance business. As Buffett says in this year’s letter in talking about Berkshire’s vast portfolio of controlled businesses, “our insurance business has been the superstar.” During the past 17 years, Berkshire has produced an underwriting profit in its insurance operations, with an aggregate pre-tax profit during that period of $27.5 billion (of which $400 million was recorded in 2019). As has always been customary in his commentary on this topic, Buffett is cautious to forewarn that Berkshire will not always produce these kinds of returns. As he puts it, “we will most certainly not have an underwriting profit in 16 of the next 17 years. Danger always lurks.” In discussing what future danger might look like, Buffett slides in a comment that may be of particular interest to readers of this blog. Among the list of things that could produce adverse underwriting results, Buffett mentions some familiar items but adds one further item that is not always on the list. He says that “’The Big One’ might come from a traditional source, such as wind or earthquake, or it may be a total surprise involving, say, a cyber attack having disastrous consequences beyond anything insurers now contemplate.” The possibility of a cyber event causing consequences beyond anything insurers now contemplate is a nightmare that the insurance industry as a whole would rather not confront. Buffett’s suggestion of that possibility seems to me to be something of a message to the industry about the dangers out there. It is interesting to me and particularly telling that in identifying the possible source of the ultimate catastrophe, Buffett refers not (as he might have given recent history) to a terrorist event, but rather to a cyber security event. This strikes me as something important for the insurance industry to consider. Buffett’s exploration of one other topic may also be of interest to this blog’s readers. In this year’s letter, Buffett has a lot to say about boards of directors, noting that he has himself over the course of the last 62 years served as a director of 21 publicly-owned companies. He notes during the first 30 years of that period, it was rare to find a woman in the room, and that the efforts for more women to be heard in the board room “remains a work in progress.” Buffett goes on to note that despite many changes, most boards are still controlled by their company’s CEO. For example, audit committees now work harder than they once did, but “they remain no match for managers who wish to game numbers.” Acquisition proposals “remain a particularly vexing problem for board members,” because the deck is stacked if favor of deals the CEO backs. And while there is increased emphasis on board independence, director compensation in recent years has soared, making the lure of rich board fees a “subconscious factor affecting the behavior of many non-wealthy members.” The upshot of it all is that while almost all of the directors Buffett has served with were “decent, likable and intelligent,” many of these “good souls are people whom I would never have chosen to handle money or business matters. It simply was not their game.” In the face of this negative picture of captive boards filled with underqualified members, Buffett identifies a few things that might make a difference. For example, at Berkshire, he says, “we will continue to look for business-savvy directors who are owner-oriented and arrive with a strong specific interest in your company.” Buffett also notes that he feels better about directors who have purchased shares in their company’s stock using their own money rather than just receiving them through grants. And as far as board governance goes, there has been at least one “very important improvement” – that is, the increase in the use of regularly scheduled “executive sessions” of directors at which the CEO is barred. While Buffett seems to suggest that it is possible for boards to be filled with sufficiently skilled individuals who have independent financial motivations, and while there are governance processes that can encourage board independence, the overall picture he paints of board capture and lack of competence is really pretty discouraging. In the context of his letter to Berkshire shareholders, Buffett’s comments about companies in general and about their boards all come back to Berkshire itself. In his list of reasons why he believe the company is “100% prepared” for his departure, he states that he believes that the company has “skilled and devoted top managers for whom running Berkshire is far more than simply having a high-paying and prestigious job” and that the company’s directors — “your guardians” – are constantly focused on both the welfare of owners and the nurturing of a culture that is rare among giant corporations.” In other words, Berkshire’s performance on “The Road Ahead” depends a lot on the caliber and performance of the company’s managers and directors. Buffett will still be at center-stage at the upcoming annual shareholders’ meeting. But it seems to me, in a number of ways I noted above, the company may (finally?) be readying for what comes next, after Buffett. And that is a good thing, if we truly are to believe that the company is “100% prepared” for Buffett’s eventual departure. The Upcoming PLUS D&O Symposium: This upcoming week I will be in New York for the PLUS D&O Symposium. On Tuesday, February 25, 2020, I will be moderating a panel at the Symposium on the topic “Time for Another Round of Securities Litigation Reform?” I will be joined on the panel by Sara Brody of the Sidley Austin law firm; Sean Griffith of the Fordham Law School; Jeremy Lieberman of the Pomerantz law firm; and Jerrod Schlesinger of Chubb. It should be a great session and I hope to see everybody there. I know that many of this blog’s readers will be at the Symposium. If you see me at the Symposium, I hope you will make a point of saying hello, particularly if we have not previously met. See you all in New York! And Finally: The February 22, 2020 Wall Street Journal carried a wonderful tribute in recognition of the 50th anniversary of the release of the album “Nilsson Sings Newman,” which features a range of songs written by Randy Newman and sung by Harry Nilsson while Newman plays the piano. Even though I know I am showing my age, I fully endorse to the author’s view that this album is one of the greatest of all times. I recommend the article, and I strongly recommend the album, which, if you have never heard it, is a revelation. The songs on the album, as interpreted by Nilsson’s vocals, are wry, entertaining, and occasionally moving. As the Journal article’s author notes, “Half a century on, ‘Nilsson Sings Newman’ still sounds singular, inspired and fresh. If you haven’t heard it, a sparkling aural discovery awaits you.” Here is a recording from the album of Nilsson singing Newman’s “Love Story”: A Closer Look at Warren Buffett’s Annual Letter to Berkshire Shareholders published first on via Tumblr A Closer Look at Warren Buffett’s Annual Letter to Berkshire Shareholders
0 Comments
The board of the Spencer Educational Foundation has declared Monday, February 24, 2020 as Spencer Day. The Spencer Education Foundation was founded in 1979 to fund the education of tomorrow’s risk management and insurance leaders through scholarships and grants for students risk management, insurance, actuarial science and business. The organization also facilitates internship opportunities, provides on and off campus experiential learning opportunities through grants, and funds development of risk management/insurance curriculum. The purpose of the Spencer Day designation is to showcase Spencer scholarship recipients, the companies who hire them, and the myriad ways that Spencer supports industry education. The Foundation’s announcement about Spencer Day and the related activities can be found here. The organization’s press release about Spencer Day provides, in part, as follows: The Board of Directors of the Spencer Educational Foundation has pronounced the last Monday of February as Spencer Day. The purpose of this designation is to showcase Spencer scholarship recipients, the companies who hire them, and the myriad ways that Spencer supports industry education. This announcement follows a significant sustaining gift just received from the FM Global, one of the world’s largest commercial property insurers. FM Global’s generous $650,000 gift is the largest single pledge received in Spencer’s 41-year history, and will enable Spencer to eclipse their 2019 high water mark of giving away close to $1.5M to fund industry education. Marya Propis, SVP and Director of Distribution & Broker Partnerships at All Risks, Ltd. and Spencer Board Chair, commented, “The mission of Spencer is simple; we are helping to manufacture talent for the entire industry, and as our support grows, our capacity to generate more results increases, too. We are excited to call upon all Spencer Scholars – and the companies who employ them – to stand up today and be acknowledged. We also want to shine a bright spotlight on standout industry partners like FM Global on our Spencer Day.” What is the Spencer Day call to action? TODAY, via social media, industry professionals are encouraged to promote #SpencerScholars whom they mentored, advised, and assisted, and employers can make clear that they place a value on hiring and supporting #SpencerScholars. Currently, Spencer relies on annual, recurring support from hundreds of donor companies and industry professionals, and is so grateful for these ongoing partnerships. Of course, if you’re a Spencer Scholar – past or present – we want to salute you, too, and encourage you to identify yourself via social media or on our website. Over 1,000 P&C insurance professionals have benefited from Spencer’s philanthropic efforts since the first three scholarships were granted in 1980. By gathering at annual events such as the Gallagher Spencer Golf event on Sat May 2 and the Spencer & Sedgwick FunRun on Tues May 5 at the RIMS Annual Conference in Denver, as well as the Spencer Gala Dinner on Thurs Sept 17 at the Sheraton Times Square in New York, insurance professionals can support Spencer’s ability to propel careers by removing financial obstacles. Monday February 24, 2020 is Spencer Day published first on via Tumblr Monday February 24, 2020 is Spencer Day Combining the experience and thought leadership of Venable’s advertising law practice – one of the nation’s largest and highest ranked – with key insights from government and industry insiders, our renowned Advertising Law Symposium offers sessions designed to educate and enlighten. Attendees span both the legal and business worlds, and include clients and professionals working across the industry. Session topics will cover broad trends and anticipated developments, as well as industry-specific hurdles, highlights, and more. Interested in attending? Sign up to learn more about this exciting annual event. Save the date: Venable’s Seventh Annual Advertising Law Symposium will be held in Washington, DC on March 19, 2020 published first on via Tumblr Save the date: Venable’s Seventh Annual Advertising Law Symposium will be held in Washington, DC on March 19, 2020 In prior posts on this site (for example, here), I have noted the phenomenon of directors’ and officers’ liability claims arising in the wake of antitrust enforcement actions. These follow-on civil actions arguably represent one part of an increasing trend toward trying to hold individual directors and officers accountable for their companies’ antitrust violations. According to a recent paper, as a result of trends in relevant doctrines and enforcement policies, the risk to directors and officers from these developments is “likely to continue rising in the foreseeable future.” In his February 12, 2020 paper entitled “D&O Liability for Antitrust Violations” (here), University of Arizona Law Professor Barak Orbach details the developments contributing to these trends and reviews the implications for director and officer liability. Professor Orbach’s paper raises a number of interesting considerations, particularly from an insurance perspective, as discussed below. Increased Focus on Individual Liability Professor Orbach’s observations about antitrust liability arise within the larger context in which regulatory and enforcement authorities increasingly are focused on holding corporate directors and officers accountable for their involvement in corporate wrongdoing – as reflected, for example, in the U.S. Department of Justice’s Yates Memo. These accountability efforts focus not only on the individuals’ direct involvement in the wrongdoing but also on their alleged failures to detect, prevent, corporate wrongdoing. Oversight responsibilities are, Professor Orbach notes, an increasing important part of the DOJ’s antitrust enforcement guidelines. Sources of Individual Liability for Corporate Antitrust Violations Potential director and officer liability for corporate antitrust violations can be found in three sources: the antitrust laws themselves; general corporate law; and the federal securities laws. Under the antitrust laws, the individuals who formulated, negotiated, authorized, directed or executed policies or agreements that constituted steps in an antitrust violation may be criminally and civilly liable for the violation. Under the general corporate laws, individuals who were aware of the violations or who failed to make good faith efforts to oversee material risks and compliance with applicable laws may be held liable for losses caused by the unlawful acts. Under the securities laws, individuals may be held liable for material misrepresentations or omissions concerning antitrust risk. In his paper, Professor Orbach details the specific provisions of the federal antitrust laws that are the basis of individual antitrust liability. He also reviews the important areas of corporate law contributing to individual liability for a corporation’s antitrust violations, including under the Caremark duty of oversight, as recently embellished by the Delaware Supreme Court’s 2019 decision in Marchand v. Barnhill (about which refer here and here). Professor Orbach also reviews in detail the bases on which underlying antitrust enforcement actions have led to follow-on securities class action litigation. As he notes, “where an antitrust action claims that a company engaged in wrongful anticompetitive conduct, the question is whether past representations about competition and legal risk were adequate.” In recent years, he notes, “the initiation of antitrust actions has triggered securities class action lawsuits against companies and their senior executives.” Individual Directors’ and Officers’ Defenses and Protections As Professor Orbach discusses, while individual directors and officers can be subject to claims based on their companies’ alleged antitrust violations, the individuals do have a variety of defenses and protections. These defenses and protections include the business judgment rule; exculpatory clauses; indemnification; advancement; and insurance. The business judgment rule and exculpatory clauses provide defenses to liability. Indemnification, advancement, and insurance provide the individuals with protection against the costs of defense and liabilities in the form of settlements and judgments. D&O insurance can be an important part of the protections available to corporate officials who are targeted for their company’s antitrust violations. However, as Professor Orbach notes, these policies frequently contain exclusions for criminal misconduct. Increased Emphasis on Oversight Duties In his conclusion, Professor Orbach notes that changing attitudes toward corporate wrongdoing and an increasing emphasis on holding individuals accountable have “affected the expectations for D&O oversight of antitrust risks.” Until recently, the focus has been on individuals who participated in the alleged violations. However, more recently, enforcement authorities are focused on the corporate officials’ general oversight responsibilities and the extent to which their companies have adopted, maintained and overseen corporate compliance programs. Parallel developments in corporate and securities laws “have further reinforced the growing expectations for oversight of antitrust compliance and require D&O to meet heighted oversight responsibilities.” Discussion The value of Professor Orbach’s overview of potential director and officer antitrust liability is his insight that the liability can arise not just under the antitrust laws themselves, but under the general corporate laws and the securities laws as well. His discussion about the potential liabilities arising under the duty of oversight principles, as recently elaborated under the Delaware Supreme Court’s Marchand decision, is particularly helpful in showing the ways that individuals can be held liable under for their company’s antitrust violations. As he notes, “D&O already face an increased risk of such liability and that this risk is likely to continue growing.” One particular aspect of Professor Orbach’s analysis that is worth emphasis is his discussion of the ways in which underlying allegations of antitrust wrongdoing can lead to securities class action litigation. In numerous prior posts, I have discussed specific situations in which companies caught up in antitrust enforcement actions can become the target of follow-on securities litigation. For example, as discussed here, numerous companies in the poultry production industry were hit with follow-on securities lawsuits, after a number of companies in the industry were targeted with private antitrust litigation alleging that companies in the industry had engaged in price-fixing. Similarly, as discussed here, a number of generic drug companies were hit with securities suits after news that the federal antitrust authorities were pursuing criminal antitrust charges against certain companies in the industry on price-fixing charges. Similarly, plaintiffs’ lawyers initiated a number of securities suits against auto parts companies (refer, for example, here) following news that the DOJ and the EU were investigating companies in the auto parts industry for possible collusion and price-fixing. Other examples of cases where securities class action lawsuit followed in the wake of antitrust enforcement activity include the securities suit filed against Reddy Ice Holding and certain of its directors and officers (about which refer here), as well as the securities suit filed against Horizon Lines and certain of its directors and officers (refer here). The translation of antitrust enforcement actions into potential liabilities under the securities laws has significant implications from a D&O insurance perspective. Under most public company D&O insurance policies, the policies’ entity coverage extends only to securities claims. Many antitrust enforcement actions target the entity; but antitrust enforcement actions against the corporate entity would not trigger the D&O insurance policies’ entity coverage. A securities claim against a publicly traded company typically would trigger the company’s D&O insurance policy’s entity coverage. To be sure, Professor Orbach’s paper was focused on individual liability for antitrust violations, as opposed to entity liability. All else equal, an antitrust enforcement action against an individual presumptively would trigger the D&O insurance policy. There are of course a number of policy provisions that potentially could be applicable. For example, as Professor Orbach notes, the policy’s criminal conduct exclusion at least potentially could be in play. However, in the current era, most criminal misconduct exclusions are not triggered by mere allegations; the exclusion only operates to preclude coverage upon a final adjudication that the precluded conduct actually happened. Thus, in most instances, the D&O insurance would be available to defend individuals from the underlying allegations, as well as any follow-on civil claims. There is an additional D&O insurance coverage issue that needs to be discussed when it comes to potential antitrust liabilities, and that has to do with the antitrust exclusion that can be found in the base forms of many private company D&O insurance policies. In that regard, it is worth noting that there is nothing about the antitrust laws that limits their reach just to publicly traded companies. A private company very much could be the subject of antitrust allegations from enforcement authorities as well as in private enforcement actions. Were a private company and its director and officers to be hit with either a regulatory or private antitrust action, the presence of an antitrust exclusion could very much affect the availability of coverage. The important thing to note about these kinds of exclusions when it comes to policy placement is that even though many insurers have an antitrust exclusion in their base forms, many of the insurers will upon request remove these exclusions by endorsement, or at least offer some amount of sublimited antitrust coverage. Other insurers will at least limit the exclusion to the entity only or specify that the exclusion does not apply to defense expense. The important thing is to be aware if the policy has an antitrust exclusion, in order to address the exclusion at the time of policy placement. One last thing to keep in mind about the antitrust exclusion is that though we refer to it as “the antitrust exclusion” for shorthand purposes, the exclusion itself often is about much more than just claims arising under the antitrust laws as such. Frequently, these exclusions are broadly written and potentially sweep all sorts of other claims, including, for example, claims deceptive trade practices, unfair trade practices, or restraint of trade. Not only do these exclusion sweep more broadly than just antitrust issues, but the exclusions are often written on a broad “based upon, arising out of” basis, extending the exclusion’s coverage preclusive reach even further. These considerations even further underscore the importance for private company insurance buyers to try to address the antitrust exclusion at the time of policy placement. The bottom line is that, as Professor Orbach emphasizes in his paper, antitrust liability represents a growing area of personal risk for corporate directors and officer, and this risk is likely to continue rising for the forseeable future. Accordingly, it is increasingly important that these considerations are taken into account when D&O insurance coverage is put in place. Directors’ and Officers’ Antitrust Liability Risks and D&O Insurance Concerns published first on via Tumblr Directors’ and Officers’ Antitrust Liability Risks and D&O Insurance Concerns As was the case for the last two reporting years, there were relatively few larger securities class action lawsuit settlements during 2019 compared to prior years. As reported in latest large securities class action lawsuit settlement report from ISS Securities Class Action Services (ISS), there were only two settlements finalized in 2019 large enough to make the list of all time large settlements. However, there are a number of pending tentative securities class action lawsuit settlements that are likely to be finalized in 2020, and thus are likely to lead to an increase in the number of Top 100 settlements during the year. The February 20, 2020 report, entitled “The Top 100 U.S. Class Action Settlements of All Time (as of December 31, 2019)” can be found here. The two cases that made the Top 100 list during 2019 are Cobalt International Energy, at $389.6 million, the 43rd largest of all time; and Alibaba Group Holding, at $250 million, tied for 69th largest. While there were only two securities suit settlements making the top 100 list in 2019, four in 2018, and two in 2017, there were as many 12 making the list in 2016. The total value of the 101 securities class action lawsuit settlements finally approved in in 2019 was $3.17 billion, a decrease from the total valued of the 126 approved settlements in 20918 of $5.84 billion. Much of the difference between the two totals is attributable to the massive $3 billion Petrobras settlement, which was approved in 2018. While there were relatively few of the largest securities suit settlements in 2019, there likely will be more of the larger settlements finalized in 2020. According to Jeff Lubitz, Executive Director of ISS Securities Class Action Services, among pending settlements that are likely to be finalized in 2020 include Valeant Pharmaceuticals ($1.2 billion); American Realty Capital Partners ($1 billion); First Solar ($350 million); SCANA Corporation ($192.5 million); and Snap, Inc. ($187.5 million). Just for the sake of level-setting, in order to make the Top 100 list as it currently stands, a future settlement would have to exceed $168 million. Of the Top 100 settlements, 92 percent have involved an institutional lead plaintiff, whereas only 8 percent have involved a non-institutional lead plaintiff. Of the top 100 settlements, 36 have been led in whole or in part by the Bernstein Litowitz law firm, and 16 have been lead in whole or in part by the Robbins Geller law firm (and its predecessor firm), including the largest of all time, the Enron settlement ($7.2 billion). 14 have been led by Milberg (and its predecessor firm). In terms of aggregate recoveries from the Top 100 settlements, the Bernstein Litowitz law firm is top, with $25.9 billion in total settlements in the Top 100; the Robbins Geller law firm, with $15.1 billion in total settlements from among the Top 100; and the Barrack, Rodos and Bacine law firm, with $13.1 billion to total recoveries from among the top 100. (Please note that these law firm aggregate figures reflect cases that the law firm led in whole or in part.) Of the top 100 settlements, 41 have involved restatements, while 59 have not involved restatements. However, the restatement cases are among the very largest. Of the top 15 settlements on the list, 12 involved restatements, as well as 15 of the 20 largest. My thanks to Jeff Lubitz of ISS Securities Class Action Services for sending me a link to the latest report. ISS Releases 2019 Top 100 Securities Class Action Lawsuit Settlements List published first on via Tumblr ISS Releases 2019 Top 100 Securities Class Action Lawsuit Settlements List While some of you may be looking forward to brackets, watch parties, and cheering on your favorite college basketball team, employers should also be thinking about a different type of March Madness – preparing for the H-1B Visa New Registration Process! The USCIS recently announced the implementation of a new electronic registration process for H-1B visas. The registration period will run from March 1-March 20. Therefore, employers seeking to file H-1B cap-subject petitions for the fiscal year 2021 cap should start planning and gathering documentation on eligible employees. In an effort to make sure employers don’t “drop the ball,” I recently recorded a presentation answering questions and sharing important information to keep in mind regarding this process. You can listen to the recording here. 20 Days of Immigration March Madness published first on via Tumblr 20 Days of Immigration March Madness Over the last several years, plaintiffs’ lawyers have filed a number of D&O lawsuits against companies that had been hit with a cybersecurity incident. These suits have largely been unsuccessful, with the exception of the lawsuits filed against Yahoo in the wake of that company’s data breach. While the plaintiffs’ track record in data breach-related D&O lawsuits so far has not been good, a recent development could suggest that that has changed. On February 13, 2020, the parties to the Equifax data breach-related lawsuit filed a stipulation of settlement stating that the case has been settled based on the defendants’ agreement to pay $149 million. The settlement is subject to court approval. This settlement has a number of interesting implications, as discussed below. A copy of the parties’ stipulation of settlement can be found here. Background On September 7, 2017, Equifax announced a “cybersecurity incident” potentially impacting 143 million U.S. customers. The company’s press release stated that during the period from at least mid-May through July 2017 criminals had exploited a U.S. website vulnerability to gain access to customer information. The company discovered the breach on July 29, 2017. The information accessed included names, Social Security numbers, birth dates, addresses, and in some instances driver’s license numbers. The credit card numbers of about 209,000 U.S. consumers were also breached. Upon discovering the breach, the company launched a forensic review to determine the scope of the breach. The company also notified law enforcement officials. (On February 10, 2020, four Chinese nationals working for the People’s Liberation Army were indicted in connection with the 2017 breach.) On September 8, 2017, the first trading day after the release of the data breach news, Equifax’s stock price had dropped nearly fifteen percent. Over the next few days, further news and information about the breach became public. By September 15, 2017, Equifax’s share price had dropped a total of nearly 36 percent since the initial data breach disclosure. The Plaintiffs’ Complaint As discussed here, on September 8, 2017, plaintiffs’ lawyers filed a securities class action lawsuit against the company and certain of its directors and officers. The data breach-related securities lawsuits against Equifax ultimately were consolidated and in April 2018 the plaintiffs’ counsel filed a consolidated amended complaint (here). In the amended complaint, the plaintiff alleged that the defendants made multiple misleading statements and omissions about the sensitive information in Equifax’s custody; about the vulnerability of the company’s systems to cyberattack; and about the company’s compliance with data protection laws. The complaint alleges that despite these assurances, the company “failed to take the most basic precautions” to protect its systems from hackers. The complaint alleges that these statements artificially inflated the company’s share price and caused a loss in the value of the company’s shares when “the truth was revealed.” Among other allegations in the amended complaint, the plaintiff alleged that the company’s cybersecurity was “dangerously deficient” as a result of the company failure to implement appropriate protocols; failure to remediate known deficiencies; failure to encrypt sensitive data; failure to implement appropriate authentication measures; and failure to adequately monitor its networks and systems. The Motion to Dismiss and Subsequent Proceedings The defendants filed a motion to dismiss the plaintiffs’ amended complaint. As discussed here, on January 28, 2019, Northern District of Georgia Judge Thomas W. Thrash, Jr. entered an order granting in part and denying in part the defendants’ motion to dismiss. Following Judge Thrash’s ruling on the motion to dismiss, the parts of the case that had not been dismissed went forward. In addition, the parties also commenced mediation efforts. In late 2019, as a result of the parties’ mediation efforts, the parties entered an agreement in principle to settle the lawsuit, subject to several conditions, including in particular the completion of a full stipulation of settlement. On February 13, 2020, the parties’ jointly filed a motion with the court seeking preliminary approval of the settlement. The parties’ stipulation of settlement accompanied the motion. Discussion As I noted at the outset, while there have been a number of D&O lawsuits filed against companies that have experienced cyber-security incidents in recent years, these lawsuits largely have been unsuccessful. The one notable exception was the Yahoo data breach securities lawsuit, which as discussed here, settled for $80 million. The related Yahoo shareholder derivative lawsuits settled for $29 million, as discussed here. Yahoo’s successor-in-interest, Altaba, also settled a related SEC enforcement action for $35 million. But, with the notable exception of the Yahoo litigation, D&O lawsuits based on cybersecurity incidents had not been particularly successful for plaintiffs. That is, until now. The $149 million settlement in the Equifax data breach obviously is a significant settlement that arguably represents a milestone of sorts for D&O litigation in the cybersecurity context. If nothing else, the Equifax settlement, along with the prior Yahoo data breach litigation settlements, make a statement that cybersecurity-related D&O lawsuits potentially represent a significant exposure. The clear implication is that follow-on D&O litigation is among the significant consequences that can follow for companies experiencing cybersecurity incidents. The $149 million settlement is massive. However, it is interesting to note that the settlement, as big as it is, does not crack the list of the Top 100 U.S. Securities Class Action Lawsuit settlements. (To break into the list, a settlement would have to exceed at least $164 million.) However, it is, of course, the largest ever cybersecurity-related securities class action settlement. It clearly represents a bellwether in these kinds of cases, and potentially has significant implications for other serious pending cybersecurity-related securities lawsuits, including, for example, the data breach-relates securities suits pending against Marriott (here) and Capital One (here). There are a number of details about the settlement that are not yet clear. One detail that undoubtedly would be of interest to readers of this blog is the amount of the total settlement that is being funded by D&O insurance. The settlement documents themselves are silent on this point. At least as now, the company itself has said little about the settlement. (I encourage any readers out there who may know the details about the D&O insurance contribution to the settlement to please let me know; I will of course protect the anonymity of anyone who can provide me with the information.) The company’s total settlements so far arising out of the 2017 data breach are really kind of astonishing. Along with the recent $149 million securities suit settlement, the company also previously agreed to pay $380.5 million to settle the class action lawsuits filed on behalf of the consumers whose information was exposed as result of the breach. Separately, the company reached an agreement with the FTC to pay up to $425 million to help people affected by the breach. As detailed here, the company also agreed to pay $175 million to 48 states in the U.S and and $100 million in civil penalties to the Consumer Financial Protection Bureau (CFPB). These amounts do not include the cost the company paid to upgrade its systems or defend itself against all of these various proceedings. (Indeed, last week the company said that so far the various expenses associated with the 2017 data breach had, to date and net of insurance recoveries, cost the company $1.7 billion.) Clearly, the potential costs associated with a serious data breach can be massive. One final question about the recent Equifax data breach-related securities suit settlements is what impact it might have on prospective future claimants. At a minimum, the Equifax settlement and the earlier Yahoo settlements show that the plaintiffs’ lawyers might actually be able to make money on these kinds of lawsuits. Clearly, a settlement of the magnitude of the Equifax settlement is enough to attract the attention of prospective future claimants and arguably encourage them to file similar claims. As I have noted frequently in the past, the likelihood is that we will see more of these cybersecurity incident-related securities suits and other D&O claims in the future. Just the same, none of this should be interpreted to suggest that we are about to see a flood of these kinds of cases. There were only a very small number of data breach-related securities lawsuits filed in 2019. In many instances, companies experiencing data breaches may not necessarily be attractive securities suit targets because company share prices often do not drop significantly on news of a data breach. In the absence of a significant stock drop, the data breach company will not be an attractive securities suit target. In addition, there are a number of factors that make the Equifax situation distinctive and arguably unique. The Equifax data breach was massive, and it involved the disclosure of particularly sensitive information. The impact on the company and its share price was also massive. There have been relatively few other data breaches that were quite as serious in scope, seriousness, and magnitude. Because of these distinctive features of the Equifax situation, there clearly is a limit to any conclusions that might be drawn from the settlement of the case. Equifax Data Breach-Related Securities Suit Settled for $149 Million published first on via Tumblr Equifax Data Breach-Related Securities Suit Settled for $149 Million Several years ago when my wife (also a lawyer) and I were in London on holiday, we took the opportunity to visit Old Bailey, London’s famous criminal courthouse. We were fortunate on the day we visited to see a portion of rather sensational murder trial. The facts surrounding the underlying crime, while lurid, were also fascinating, but the most striking thing for us about the trial day we observed was the quality of the advocacy, which was absolutely brilliant. Witnessing the spectacle was a completely enthralling experience. On a more recent visit to London, I was browsing the new books counter at Hatchard’s book store on Piccadilly when I happened to spot Thomas Grant’s book “Court Number One: The Old Bailey Trials That Defined Modern Britain.” I took a photo of the book and sent the picture to my kids with a strong hint that I wouldn’t mind finding the book under the Christmas tree. Fortunately, the kids got the hint, and the book was among the presents I unwrapped this past Christmas. When I saw the book at Hatchard’s, I suspected based on my prior visit to Old Bailey that I would be interested in the book. As it turns out, I found the book to be totally absorbing. Grant, the book’s author, is himself a barrister (and a QC – that is, Queen’s Counsel, an honorific indicating that the person so designated is “learned in the law”), and he has put together a masterful and compelling volume. The book consists of a series of accounts of eleven criminal trials, all of which took place in Old Bailey’s Courtroom No. 1, historically reserved for the highest-profile and most important trials. The trial accounts are arranged chronologically. The first trial described, involving “The Camden Town Murder,” took place in 1907, and the last trial described, involving the tragic murders of two pre-teen girls, took place in 2003. Along the way, he describes the trials of the obscure and of the famous, including, among others, the post-war trial of Lord Haw-Haw, and the “Trial of the Century” – the 1979 trial of the Liberal Party leader, Jeremy Thorpe. The chronological approach works well, as it highlights how much the court practices and procedures have changed over time. The role of the judge, the limits of advocacy, and the rights accorded the accused all changed dramatically during the time period covered in the book. The rise of mass media press coverage also has had a significant impact. But perhaps the most interesting effects of the chronological approach is that it illustrates how perceived injustices or shortcomings of earlier trials led to later changes in both the procedures and the law. Grant has chosen his examples well. The first case described, that of the Camden Town Murderer, Robert Hall, shows how the brilliant advocacy of one of the age’s most acclaimed barristers, Sir Edward Marshall Hall, led to the defendant’s acquittal, against all odds. As is the case throughout the book, Grant’s eye as an experienced barrister himself allows him to highlight the ways that Marshall Hall’s skillful cross-examination cast doubt on the Crown’s evidence. Grant also celebrates the brilliant oratory that a truly skilled advocate can bring to his or her task. Many of the Grant’s trial descriptions have a cinematic quality. Indeed, it is no accident that over time there have been a number of films based on Old Bailey trials. The most famous of these movies is Witness for the Prosecution, based on the Agatha Christie short story and play of the same name (which, coincidentally, my wife and I saw performed here in Cleveland last fall – it was excellent). Another movie based on an Old Bailey trial is 10 Rillington Place. The movie is based on the Old Bailey murder trial of Timothy Evans, who was accused of murdering his wife and daughter. The Evans murder trial is one of the eleven trials described in Grant’s book. The story is so lurid and fascinating that you would never believe it if it hadn’t actually happened. Grant skillfully tells the tale of Evans’s wife’s disappearance, of the police investigation, and of Evans’s arrest, as well as the hysterical media coverage that surrounded these events. Throughout his description of the subsequent trial, Grant details the flaws in the Crown’s case, as well as the shortcomings of Evans’s defense – his counsel clearly found the entire situation distasteful in the extreme. A large part of the Crown’s evidence was provided by Evans’s neighbor, a World War I veteran named John Christie. Evans ultimately was convicted and later executed. Sadly, after Evans’s death, the police uncovered evidence that Christie had been involved in a series of grisly murders. The investigation of the other murders ultimately led the police to conclusive proof that it was Christie, not Evans, who had murdered Evans’s wife and daughter. Evans’s conviction and execution were in fact the result of a tragic miscarriage of justice. As Grant details, the 10 Rillington Place Trial was instrumental in the ultimate elimination of the death penalty in Britain. The 10 Rillington Place Trial is truly remarkable, but the trial described in Grant’s book that I found most interesting was 1991 trial of Michael Randall and Pat Pottle, who were accused of aiding the prison escape of George Blake, a former MI6 agent who had been convicted of providing highly classified and sensitive information to the Russians. Randall and Pottle were peace activists and non-conformists who had met Blake while they themselves were in prison for prior convictions based on protest activities. The factual background of Blake’s conviction and escape itself makes the Randall and Pottle case interesting, but what makes the trial account compelling is the fact that Randall and Pottle conducted their own defenses. Not only did they manage to procure their own acquittals, but they did so despite having admitted in a book they wrote that they had in fact assisted Blake’s escape. Grant’s account of how Randall and Pottle cleverly managed to insinuate themselves with the jurors and convince them not to convict despite the evidence really makes for a great story. Grant’s somewhat philosophical reflection on the jury’s verdict – an example of what we in the U.S. would call “jury nullification” – is a fascinating essay on the importance of jury independence in an adversarial system. I think just about any reader would find this book to be a terrific read, but this book will be particularly rewarding for anyone who is interested in the role of advocacy in an adversarial system of justice. Grant is a keen observer and sharp commentator. His eye for the telling detail and his narrative skill bring these trials to life. His own experience as a practicing barrister gives his observations a satisfying aura of authority. You come away not only entertained, but also with a sense that you truly understood what happened. I feel compelled to add a note of caution. Some American readers may find some features of this book a little off-putting. This book was written for a British audience. It assumes acquaintance with a host of crimes and trials that, from the way they are mentioned in the book, must be just common knowledge in Britain, but that were completely unknown to me. Grant also mentions a multitude of celebrities, politicians, authors, journalists, and other public figures with an unstated assumption that of course everyone knows these people. I recognized very few of these individuals’ names, and so whatever reference Grant sought to evoke was completely lost on me. However this last point is at most a minor quibble. I enjoyed this book. I liked it so much that as soon as I finished it, I immediately started reading it again. I liked it so much that I wish Grant would find eleven more trials to write about and publish another book just like this one. Book Review: “Court Number One: The Old Bailey Trials That Defined Modern Britain” published first on via Tumblr Book Review: “Court Number One: The Old Bailey Trials That Defined Modern Britain” As a follow-up to my year-end activities, including publishing a list of my own top ten 2019 travel pictures, I have also been publishing pictures that readers have submitted of their 2019 travels. My first installment of readers’ 2019 travel pictures can be found here, the second installment can be found here, and the third installment can be found here. In this post, I am publishing the latest round of readers’ travel pictures, including some very distinctive pictures from Central Asia. But first, before the Asian pictures, I have this picture from California. This picture was sent in by Kelly Castriotta of Allianz.
Loyal reader Neha Yardi of Howden in Mumbai send in a series of pictures from Uzbekistan, including the three extraordinary pictures described below.
I think everyone will agree that these pictures are extraordinary, and I am very grateful to these contributors for sending their pictures in. It has been a lot of fun publishing readers’ pictures, and I appreciate everyone that took the time to submit pictures. Unfortuately, all good things must come to an end, so I think this post will be my last edition of readers’ pictures. The flow of new picture submissions has basically stopped and so I think this is probably a good time to draw an end to this series. My thanks to everyone who participated, this has been a lot of fun.
A Final Round of Readers’ Travel Pictures published first on via Tumblr A Final Round of Readers’ Travel Pictures In the following guest post, Paul A. Ferrillo takes a look at the recent findings that the SEC Office of Compliance, Inspections and Examinations issue with respect to its cybersecurity examinations of registered investment advisers and broker dealers. The findings, Paul suggests, provides good guidance from a number of perspectives with regard to cybersecurity governance issues. Paul is a partner with McDermott, Will & Emery. I would like to thank Paul for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Paul’s article. ********************** The D&O Diary has done an exemplary job noting that there have generally been two fast ways that cause “event-driven” litigation for a company and its directors (through a derivative action) to be filed: 1) to either ignore published regulatory warnings, disclosure guidance or direction, and have those warnings come back and bite you following a disastrous event (like a big cyberattack), or 2) to ignore warnings and “red-flags” evidencing potentially ‘poor conduct’ or “red flags” not in conformance with such regulatory advice, and have those warnings eventually come back and be the cause of the event. Both 1 and 2 can be equally painful for a company. Associated stock drops coupled with regulatory actions, orders or proceedings will likely cause both securities and derivative litigation (and potentially other forms of breach or privacy-related litigation). While some regulatory bodies have not been prolific with their guidance to companies, firms, directors and officers as to “what to do to avoid” or “how to handle” the big cybersecurity “ugly mess,” the Securities and Exchange Commission (SEC), for example has been a lot more helpful and direct to registered entities. On January 27, 2020 the US SEC Office of Compliance, Inspections and Examinations (OCIE) issued a helpful summary of the findings it has made in targeted cybersecurity examinations of registered investment advisers and broker dealers (hereinafter referred to as the “cyber observation memo”). The cyber observation memo follows yearly examination memorandums and advisories on the points of emphasis that it wants its registered firms to both identify, remediate and otherwise control for. It’s no secret that the practices the SEC identified as “important” in prior years – 2016-2019 – are approximately the same practices that it highlights in the cyber observation memo where firms have done a “good job.” The cyber observation memo is helpful for another reason – to clarify the ground rules for the registered entities and their directors and officers. If you do not follow what the SEC has “suggested,” and you subsequently have a major data breach or other cyber incident that affects customer data, do not be surprised if the SEC assesses a fine or penalty. Regulated firms and their directors and officers would do well to avoid enforcement actions and fines, especially since there may be related public disclosure obligations as well. So “RIA emptor” or “Registered Investment Adviser Beware!” What Registered Investment Advisors (RAI) should be thinking about when it comes to cyber Here are the key factors the SEC has identified that each RIA or broker-dealer should be considering:
The cyber observation memo offers a list of good practices and procedures to help guard against data loss:
This is older piece of advice, but one that is often over looked in the heat of business or the economy: make sure that you have a practiced and tested cyber incident response, business continuity and crisis communications plan. These are the first documents that a regulator will ask for during an examination. And these are probably the first documents that the firm’s directors and officers will ask for when reviewing the cybersecurity posture of the firm. If you are not practicing what to do when you get attacked, then you are not being realistic of your chances of effectively responding to a devastating cybersecurity attack.
The Internet has created so many efficiencies for business. Nearly everything can be outsourced – from manufacturing to HR to payroll to cybersecurity itself – by using a managed service provider. But what really do you know about your vendor? What program do you have in place to both identify and monitor the cybersecurity of your critical vendors? And maybe your less critical vendors too? The SEC OCIE recommends a fulsome vendor management program. We do too. Finally, none of the above is any good (most of the time) unless your board and senior executives buy into both your regulatory cybersecurity compliance strategy and your data loss prevention strategies. Update to date network servers and operating systems are critical in today’s environment; so are machine-learning solutions for network security and things like good IAM programs. And both cost money. “Buy in” by the board and senior management is important. Some boards are very focused on cybersecurity. Many are not. To avoid event-driven disasters, they really need to focus upon the fact that ANY company or firm is a target in today’s threat filled environment. Many states and regulatory schemes require board signoff of cybersecurity initiatives and compliance. The SEC has always considered good cybersecurity and good cyber governance to be essential. Good cybersecurity is not just an IT responsibility; it’s everyone’s responsibility at the firm. Chief Information Security Officers and IT executives should make it standard to meet with boards and senior executives once a quarter to talk about cybersecurity. Having your outside forensic advisor available to board members helps too, and adds a sense of comfort to discussions. Having directors who actually understand digital transformation and cybersecurity issues would be bonus additions to any board of directors. The SEC OCIE cyber observation memo is good guidance from many perspectives. Clients, customers and investors like stability and appreciate good cybersecurity, but they do not like data breaches or ransomware attacks. Regulated entities and their directors – beware! The world — and the SEC — are watching. __________________________ About the author Paul Ferrillo is a partner with McDermott, Will & Emery. He focuses his practice on corporate governance issues, complex securities class action, major data breaches and other cybersecurity matters, and corporate investigations. He can be reached at [email protected]. Guest Post: Avoiding Event Driven Litigation through Good Cybersecurity Governance published first on via Tumblr Guest Post: Avoiding Event Driven Litigation through Good Cybersecurity Governance |
|