Caremark Liability Following the SEC’s New ESG Reporting Requirements

Recent developments in the Court of Chancery concerning a corporate board’s duty to monitor and provide oversight over a corporation’s operations, so-called Caremark claims, are likely to intersect with the SEC’s proposed new ESG disclosure obligations to create a new category of corporate risk.  Over the next several years, corporations are likely to face litigation focused on their climate-related actions and reporting surrounding them.  In this article, we discuss recent trends in Delaware law that have led to a revitalization of Caremark claims (Part I), the SEC’s current proposals for enhanced ESG disclosure (Part II), the likely intersection of these two trends, which can be expected to result in litigation and other corporate risk (Part III), and some commonsense steps corporations can take to mitigate this potential new category of risk (Part IV).

1. The Re-emergence of Caremark Claims

One of the more notable developments in Delaware case law in recent years has been the revitalization of “Caremark duty” claims.  The Court of Chancery first annunciated that corporate directors have an affirmative duty of oversight to monitor so called “mission-critical” aspects of their business in In re Caremark Int’l Inc. Deriv. Litig., 698 A.2d 959, 970 (Del. Ch. 1996).  Caremark actions were once notoriously difficult to plead—in explaining the doctrine, the Chancery Court famously called it “the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment.”  Id. at 967.  As a result, Caremark claims frequently resulted in early dismissals.  In recent years, however, the Delaware courts have breathed new life into the Caremark doctrine by allowing these types of claims to proceed to discovery.  See, e.g., In re Boeing Co. Deriv. Litig., 2021 Del. Ch. LEXIS 197, at *1-*3 (Del. Ch. Sept. 7, 2021).

Caremark itself concerned the board of a health care company accused of violating certain federal and state laws and regulations that bar healthcare providers from paying referral fees for Medicare and Medicaid patients.  Id. at 961-62.  As a result of this alleged misconduct, Caremark and various Caremark officers faced multiple criminal indictments and five separate derivative actions for breaches of the duty of care.  Id. at 964.  After resolving the criminal indictments via a negotiated guilty plea, the company agreed to settle the derivative actions, and the court approved the parties’ proposed settlement as “fair and reasonable.”  Id. at 970. 

In its opinion approving the settlement, the Court of Chancery articulated the oversight and monitoring responsibilities of a corporation’s board of directors under Delaware law.  The duty of oversight, a subsidiary of the duty of loyalty, requires that a board “exercise a good faith judgment that the corporation’s information and reporting system is in concept and design adequate to assure the board that appropriate information will come to its attention in a timely manner as a matter of ordinary operations.”  Id. at 970.  According to Chancellor Allen, most corporate decisions do not need director supervision.  Id. at 968 (“Legally, the board itself will be required only to authorize the most significant corporate acts or transactions:  mergers, changes in capital structure, fundamental changes in business, appointment and compensation of the CEO, etc.”).  There are instances, however, where a board may be liable for “a sustained or systematic failure . . . to exercise oversight—such as an utter failure to attempt to assure a reasonable information and reporting system exists.”  Id. at 971. 

Since Caremark, “duty to monitor” claims have typically involved allegations of some form of illegal activity on the part of employees concerning a “mission critical” aspect of a company’s business, and a claim by plaintiff that the alleged unlawful conduct would not have occurred had directors properly exercised oversight.  While no court has explicitly defined “mission critical,” case law suggests that the term refers to core aspects of a corporation’s operations that are essential to the success of the company.[1]  Furthermore, the Delaware courts have distinguished between two distinct types of Caremark claims.  The first type of claims concern a board’s failure to implement a system of controls to prevent some unlawful misconduct that occurred.  A plaintiff must plead the “directors utterly failed to implement any reporting or information system or controls.”  Stone v. Ritter, 911 A.2d 362, 370 (Del. 2006).  The second type of claims concern a failure to monitor by the directors.  A plaintiff must plead the board “consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.”  Id.

Caremark claims are notoriously difficult to plead in large part due to Caremark’s stringent pleading standard with regard to demand futility requiring that a plaintiff “plead with particularity that the board cannot be entrusted with the claim because a majority of the directors may be liable for oversight failures,” which is “extremely difficult to do.”  In re Boeing Co. Deriv. Litig., 2021 Del. Ch. LEXIS 197, at *2.  In turn, Caremark claims historically were seldom brought.  When plaintiffs did file, they rarely succeeded.  In fact, for nearly two decades after Chancellor Allen’s opinion in Caremark, there appear to be only six claims that ever survived a motion to dismiss.[2]

Nevertheless, the Caremark doctrine was returned to potency in 2019 following the Delaware Supreme Court’s decision in Marchand v. Barnhill, 212 A.3d 805 (Del. 2019).  That case arose from a listeria outbreak at a Blue Bell ice-cream manufacturing plant that killed three consumers and sickened many others.  The outbreak forced the company to recall its products, shutter its plants, and accept a dilutive private equity deal.  In response, a plaintiff-stockholder brought a derivative Caremark suit against Blue Bell’s directors for failing to oversee and monitor the company’s food safety operations. 

The Delaware Supreme Court ultimately overturned the Court of Chancery’s dismissal of the action and held that “[u]nder Caremark, a director may be held liable if she acts in bad faith in the sense that she made no good faith effort to ensure that the company had in place any ‘system of controls.’”  Id. at 822.  To be sure, the company did have safety practices in place, commissioned audits from time to time, and government inspectors reviewed Blue Bell’s facilities.  Id. at 823.  But the Delaware Supreme Court held these efforts did “not imply that the board implemented a system to monitor food safety at the board level.”  Id.  The board failed to demonstrate it had made “a good faith effort” to monitor the company’s “central compliance risks” or its “essential and mission critical” operations—i.e., the health and safety of Blue Bell’s ice cream manufacturing operations.  Id. at 824.

Marchand is notable not because it changed the Caremark standard, but because it demonstrated the Delaware courts’ willingness to permit Caremark claims to pass the motion to dismiss phase if they could be plausibly pled.  It ultimately laid the groundwork for a slew of subsequent rulings demonstrating the renewed vitality of Caremark claims.  For example, in In re Clovis Oncology Deriv. Litig., the Court of Chancery cited the Delaware Supreme Court’s ruling in Marchand to hold that plaintiff adequately pled that the board of a pharmaceutical company failed to follow health and safety regulations imposed by the Food and Drug Administration.  2019 Del. Ch. LEXIS 1293, at *30 (Del. Ch. Oct. 1, 2019).  In analyzing plaintiff’s type two Caremark claim, the Court of Chancery found plaintiffs adequately pled facts suggesting the company’s board of directors, who operated in a highly regulated industry and whose main operational concern centered on issues of drug safety and efficacy, disregarded “multiple warning signs that management was inaccurately reporting [the drug’s] efficacy.”  Id. *3. 

Since Marchand, Delaware courts have been more comfortable permitting pleadings to proceed based on Caremark claims across a variety of different companies and industries.  For example, in Inter-Marketing Group USA, Inc. v. Armstrong, the Court of Chancery permitted plaintiffs’ Caremark claim against an oil pipeline operator resulting from an oil spill.  2020 Del. Ch. LEXIS 391, at *35 (Del. Ch. Jan. 31, 2020).  The Court held that, while the board received reports regarding general pipeline activity, those reports were devoid of substance, and the board “never reviewed pipeline integrity policy [or] procedure.”  Id. at *34.  In Teamsters Local 443 Health Services & Insurance Plan v. Chou, the Court of Chancery held that plaintiffs adequately pled the board of a pharmaceutical company was aware of its healthcare product’s “contravention of mission critical drug health and safety regulations, and that the Board failed to act in response.”  2020 Del. Ch. LEXIS 274, at *69 (Del. Ch. Aug. 24, 2020).  In In re Boeing Co. Derivative Litig., a derivative action following the crash of two of Boeing’s 737 MAX airplanes, the Court held plaintiffs sufficiently pled that the board of directors failed to establish a reporting system for airplane safety and “turn[ed] a blind eye to a red flag representing airplane safety problems.”  2021 Del. Ch. LEXIS 197, at *3 (Del. Ch. Sept. 7, 2021).  And in Hughes v. Xiaoming Hu, the Court of Chancery found plaintiffs adequately alleged the board failed to establish a board-level system for overseeing the Company’s financial statements and related-party transactions and, instead, “followed management blindly, even after management had demonstrated an inability to report accurately about related-party transactions.” 2020 Del. Ch. LEXIS 162, at *47-*48 (Del Ch. Apr. 27, 2020).  In sum, at least four Caremark suits have survived a motion to dismiss since Marchand.  In addition, there are also several ongoing Caremark suits in Delaware.

Not all Caremark suits will survive a motion to dismiss, as the pleading standard for a breach of duty to monitor claim is still difficult to satisfy.[3]  Nevertheless, the aforementioned decisions signal that the Delaware courts are more willing to entertain such suits than ever before.  It is imperative, therefore, that boards focus on:  (1) establishing adequate information and reporting systems to monitor “mission critical” aspects of their company’s business; (2) monitoring those systems once in place. 

2. The SEC’s Proposed New Climate-Related Disclosure Requirements

On March 21, 2022, the Securities and Exchange Commission (“SEC”) proposed new rules requiring companies to report extensive line-item disclosures on climate-related ESG issues.[4]  The SEC has dubbed the new rule: “The Enhancement and Standardization of Climate-Related Disclosures for Investors.”[5]  Prior to the proposed new rules, companies relied on the SEC’s 2010 reporting guidance concerning climate change.  If implemented as written, the proposed rules would require registrants to make significant additional disclosures regarding the impact of climate-related risks on a registrant’s business.  (The SEC is expected to adopt final rules within the next few months.)  Certain specific requirements imposed by the proposed rules are detailed below.        

First, proposed Item 1504 of Reg. S-K would require registrants to report their greenhouse gas (“GHG”) emissions, regardless as to whether those emissions are deemed material by the company.  Emissions will now be reported by “scope” or type.  Scope 1 emissions are GHG emissions generated directly by the registrant.  Scope 2 emissions are GHG emissions that a registrant is indirectly responsible for, such as emissions generated from a company’s consumption of energy.  Scope 3 emissions reflect other indirect GHG emissions that a registrant generates from its supply chain and products.  Recognizing the difficulty inherent in reporting on Scope 3 emissions, the SEC will only require companies to report on Scope 3 emissions if they are “material.”  Finally, a safe harbor provision exists for companies that report Scope 3 emissions, unless these disclosures were “made or reaffirmed without a reasonable basis or [were] disclosed other than in good faith.”  See proposed Item 1504(f).

Second, proposed Item 1502 of Reg. S-K would require registrants to describe “climate-related risks reasonably likely to have a material impact on the registrant, including on its business or consolidated financial statements, which may manifest over the short, medium, and long term.”  “Climate-related risks” are defined as potential or actual impacts from climate-related conditions and events that impact a registrant’s financial statements, business operations, or value chains.  Moreover, the amount of information registrants would be required to provide is quite detailed.  For example, the proposed rules would require registrants to delineate how climate-related risks have impacted or are likely to impact a registrant’s strategy, business model, and outlook, including a time horizon for each impact. 

Registrants would also be required to specify how climate-related risks have affected their business operations, products or services, suppliers and other parties in the registrant’s value chain, activities to mitigate or address climate-related risks, expenditures on research and development, and any other significant changes or impacts.  Finally, for those registrants that employ a carbon price as part of their own internal accounting process, the proposed rules would require registrants to disclose:  (1) the current price per metric ton of CO2 used by the registrant; (2) the registrant’s total carbon price; (3) whether and how the total price is expected to change over time; (4) how the price is determined and the rationale for such determination; and (5) how the price is used to assess and manage climate-related risks.  Similarly, registrants would need to disclose any “scenario analysis” they have undertaken.

Third, proposed Item 1501 of Reg. S-K requires governance disclosures related to climate-risk.  Registrants would be required to disclose information concerning: (1) their board’s oversight of climate-related risks and management’s role in assessing and managing those risks; (2) any member of the board of directors who has climate-related expertise; (3) the processes and frequency by which the board discusses climate-related factors; (4) what management positions are responsible for assessing and managing climate-related risk; and (5) the processes in existence to inform managers about climate-related factors so they can manage that risk.

Relatedly, proposed Item 1503 of Reg. S-K would require registrants to detail any processes they have “for identifying, assessing, and managing climate-related risks.”  The rule is intended to provide investors more granular information on a registrant’s climate-related risk management practices. 

Finally, proposed Item 1506 would require registrants to provide disclosures if they have set any targets or goals related to the reduction of GHG emissions. 

If implemented as proposed, the new rules would impose significant reporting requirements on registrants.  The SEC has touted these new rules as an attempt to “advance consistent, clear, intelligible, comparable, and accurate disclosure of climate-related financial risk” in order to “allow investors to compare products and accurately price risks and opportunities associated with ESG practices.”[6]  However, the rules are also expected to have an impact on company practices, including on how boards and managers oversee, assess, and mitigate climate risk and the impacts of climate change on their businesses.  The sheer breadth, specificity, and complexity of the proposed rules would result in one of the most profound changes to public companies’ disclosure obligations in the history of the SEC.

3. The SEC’s New Reporting Requirements Will Likely Generate Additional Caremark Exposure

In addition to spurring companies to reevaluate their internal compliance and reporting regimes, the SEC’s climate-related disclosure rules will likely fuel ESG-related Caremark claims.  In particular, heightened disclosure requirements will provide ammunition for derivative or class action lawsuits and may expose companies to specific indirect risks, including heightened exposure to pre-suit discovery and proxy contests.  These direct risks and indirect risks are described below.

Direct Litigation Risks:

The SEC’s new reporting requirements are expected to create new grounds for investors to assert liability claims against corporations and their boards of directors and management, and thus to increase the risk of liability. Shareholders can be expected to leverage the new disclosures to seek to hold companies accountable for failing to properly oversee, mitigate, or eliminate climate-related risk.  The revitalized Caremark doctrine is likely to be employed by shareholder-plaintiffs’ law firms as the basis for complaints that boards and managers failed to oversee so-called “mission-critical” aspects of their business that generate climate-related risk. 

In this vein, plaintiffs may choose to use disclosures required by the SEC’s proposed rules as the basis for a breach of duty to monitor or Caremark claim through either a derivative suit, brought on behalf of the company against its directors and officers, or a class action suit, brought on behalf of a class of injured shareholders or investors.  In the past, Caremark claims were almost exclusively applied to address legal, regulatory and accounting compliance issues regarding a company’s “business performance.”[7]  But the promulgation of new environmental disclosure requirements will likely spur new Caremark claims if and when a board fails to exercise proper oversight with respect to climate-related risks or to consider proper mitigating steps.[8]

For example, under a Caremark type one claim, plaintiffs may leverage new climate-related disclosures to plead that directors have failed to implement an appropriate system of controls to monitor “mission-critical” components of their business with exposure to climate risk.  Shareholders, leveraging disclosures generated by proposed Item 1501 of Reg. S-K, might cite the fact that a board lacks climate-related expertise as evidence of an oil and gas company’s failure to competently monitor a “mission-critical” aspect of its business.  Likewise, one can readily imagine how shareholders could use ESG disclosures to bring Caremark type two claims alleging a board consciously failed to monitor or oversee its operations.  Disclosures concerning the processes a company employs to inform its managers about mission-critical climate-related risks—and likewise to inform and enable the board’s monitoring function—so  that the risks can be effectively managed might inform such a lawsuit.

This new threat will be amplified for companies that have yet to fully examine how ESG issues factor into their mission-critical operations.  Given the breadth of environmental, social and governance related issues that exist, most companies will likely have some elements of ESG deemed to be mission-critical.  Yet companies that have yet to devote resources and personnel to measuring (using consistent, comparable and reliable data) and analyzing their own ESG-related risks may be particularly susceptible to Caremark-based suits.  Companies need to be able to ascertain and address their most pressing ESG-related risks to avoid future Caremark liability. 

Indirect Risks:

Indirect risks manifest in a variety of ways and can result in a mix of financial and reputational harm that can arise from lax ESG-risk management.  They can result in the disclosure of embarrassing or harmful information about a company, its board, or managers, and lead to the replacement of key company executives or directors by aggrieved shareholders.  Moreover, they give rise to issues (pre-suit discovery and proxy battles) that are expensive and resource-intensive to address.  While these risks are indirect to companies, they pose a direct threat to board members and managers.

Pre-Suit Discovery. Boards can expect new disclosure requirements to enable shareholders to gain greater access to pre-suit discovery.  D.G.C.L. Section 220 provides shareholders with a qualified right to inspect a company’s books and records in order to investigate a “proper purpose,” which is commonly some suspected corporate wrongdoing or mismanagement.  A shareholder is only required to demonstrate a “credible basis” to support a suspicion of mismanagement or wrongdoing, an easy hurdle to overcome.[9]  Courts historically took a more narrow view of Section 220, construing the rule to entitle a successful shareholder only to a narrow universe of documents such as board meeting minutes and presentations.[10]  In more recent years, some courts have taken a more expansive view of reasonable Section 220 demands, allowing shareholders access to a greater array of materials including director and officer emails.[11]

The new ESG reporting requirements will likely provide shareholders with even more information as ammunition to fuel Section 220 demands.  These investigations are both time and resource intensive as well as precarious for both boards and managers.  Opening a company’s books to pre-suit discovery could expose boards, management, or companies to serious reputational harm, as well as provide fodder for future lawsuits against the current board.

Proxy Contests.  New ESG-related disclosures are also likely to generate greater turmoil in the form of proxy battles at the board level.  Historically, shareholder activists have been focused on addressing short-term profit, stock price and total shareholder return.[12]  Yet activist campaigns containing an environmental or social objective have doubled as a proportion of campaigns overall during the five years between 2016 and 2021.[13]  In fact, data on shareholder engagements from the 2022 proxy season indicates that investors are increasingly focused on pressuring public companies to make greater efforts to address their performance and disclosure regarding ESG issues.[14]

Again, the SEC’s new requirements can be expected to accelerate this trend towards more shareholder activism, including in the form of proxy battles.  One prominent recent example has been the proxy fight waged between ESG activist Engine No. 1 and Exxon.[15]  Although furiously resisted by Exxon, Engine No. 1, a small investment start-up, was able to elect three dissident directors to Exxon’s twelve-member board following the company’s alleged failure to adequately address investor concerns about its reluctance to adapt to a low-carbon future. 

As demonstrated in the case of Exxon, proxy contests can generate steep costs in terms of legal fees and the diversion of resources, not to mention the reputational harm these actions can cause a company.  Exxon’s bitter environmental proxy battle lasted for six months, costing the company a significant amount of time and expense.  The proliferation of new ESG reporting requirements is expected to further fuel these contests, particularly with respect to companies that are perceived to be lagging on ESG commitments or expectations.

4. Conclusion:  Avoiding Environmental-Caremark Claims

Companies should take several steps in preparation for the increased pressure expected to arise from the need to address ESG issues.

First, companies should be aware of the obligations and risks they face with regard to ESG issues.  That means determining what ESG-related risks could detrimentally impact a “mission-critical” aspect of a company’s business.  What is determined to be “mission-critical” will necessarily vary by company.  Safety concerns are mission-critical to many product manufacturers, but it is less clear whether a company that emits negligible amounts of CO2 should consider climate change a mission-critical risk.  Identifying these threats is not necessarily straightforward, but will be critical to prepare for and defend against future Caremark-related suits.

Second, once companies are cognizant of the ESG-related risks they face, they will need to start implementing appropriate governance structures so that they are aware of, and can take steps to address, ESG risks.  Directors should establish responsible committees and internal information and reporting procedures to ensure board members have proper oversight of these efforts.  This will allow boards to demonstrate their engagement in response to potential Caremark claims, as well as to respond to any ESG risks arising in the company’s operations. 

Third, with these governance structures in place, companies must focus on generating, collecting, and analyzing consistent and comparable data on the ESG-related risks they face.  These data should be actively monitored by managers and board members.  Such systems will help corporate leaders more quickly identify and address ESG risks before they result in catastrophic situations and resulting litigation.  And, if Caremark claims ensue, boards will be able to use these governance structures and reporting regimes to demonstrate that they have satisfied their oversight obligations.

Finally, once these systems are in place, companies should take steps to prepare for the adoption of the SEC’s new climate-related disclosure requirements.  The development of governance and reporting structures will undoubtedly aid in the collection of information for these purposes.  While taking these steps, it is advisable that corporate executives and boards seek input from subject matter experts and experienced legal counsel to help design and implement robust compliance and monitoring regimes that can help to discourage or forestall future litigation in the form of Caremark or other claims related to ESG issues.

Subscribe To Viewpoints