Some Guidance For Workplace Investigations

The following are some comments as guidance for workplace investigations. We are seeing ongoing news about situations where investigations did not occur, and situations where investigations have been starting or are in progress, and also apparently where situations of alleged possible unlawful activity occurred or might have occurred but was not reported (although in some situations knowledge of possible unlawful activity might had been known). These issues don’t simply reflect on the accuser and the accused, but reflect on the business, nonprofit or governmental entity at issue, and, variously depending on the situation, elected representatives, executive officers, boards of directors and the board committees, general counsel, compliance and ethics professionals, HR, employees, perhaps internal audit and even the external auditor, etc., and throughout the entire organization or entity.

An employer has a duty to take reasonable steps to prevent harassment, discrimination, and unlawful employment practices, and to correct inappropriate workplace behavior. See, e.g., California Gov. Code §12940(k); and 29 CFR 1604.11(d). An employer can be liable for the failure to investigate, at least if there was underlying unlawful activity. And a failure to investigate can be considered ratification of unlawful activity.

In appropriate circumstances on a claim of wrongful termination, the question can become whether the employer acted appropriately and in good faith after conducting a reasonable investigation and based on a reasonable belief in that investigation – in other words, the reasonableness of the employer’s investigation can become the standard by which the employer is judged for alleged wrongful termination liability purposes.

The following are some of the issues and steps to consider or follow when determining whether an employer’s investigation of the conduct and situation was reasonable, and whether the employer had a reasonable belief in that investigation – did the employer or entity:

  • Take the complaint of wrongdoing seriously;
  • Maintain confidentiality of the situation to the extent reasonably possible;
  • Conduct a timely investigation, promptly after receiving the complaint of wrongdoing;
  • Decide and appoint an appropriate sufficiently independent and qualified person or committee to oversee the investigation, and for decision-making;
  • Consider whether the investigator will be someone in-house or from outside the entity;
  • Have the investigation performed by an investigator who is competent and knowledgeable about the relevant issues, and also how to conduct (and evaluate) investigations, investigation techniques, evidence (including, e.g., credibility, admissibility, and whether the evidence or possible evidence is “A” or “B” or “C” evidence), writing reports and opinions, and oral communications and testimony, and also note issues that might be present if the investigation is performed by an attorney for whom attorney client or work product privileges might be claimed – in short, work these issues out before the investigator is selected;
  • Consider legal counsel and possible other assistance needed;
  • Follow appropriate complaint investigation procedures;
  • Listen to and treat the difference sides fairly and equally;
  • Obtain, evaluate and understand the claims that are being made and possible defenses – including, e.g., claims based on a statute or section of law, a regulation, or a rule, and also claims based on some other standard such as any applicable policy, handbook, code of conduct, contract, collective bargaining agreement, etc. that had been enacted or adopted;
  • Provide the accuser with ample opportunity to offer evidence of his or her claims including what occurred or not, documents that might be relevant, and the names of and information about witnesses who he or she believes can provide relevant comments about the alleged occurrence(s);
  • Give the alleged wrongdoer fair notice of the claims being made;
  • Provide the alleged wrongdoer with ample opportunity to offer evidence in his or her defense, including what occurred or not, documents that might be relevant, and the names of and information about witnesses who he or she believes can provide relevant comments about the alleged occurrence(s);
  • When appropriate, provide and communicate an appropriate means whereby third parties can provide information that is relevant to the issues and the investigation;
  • Have the investigator conduct a thorough investigation, under the circumstances (note that in some circumstances courts have held that the investigation need not necessarily be perfect, but it should be sufficient, reasonable and thorough under the exigencies and circumstances at hand without the benefit of full discovery or a trial);
  • Have the investigator prepare a well-reasoned report and conclusions, supported by and based on objective evidence;
  • Have the investigator report to the decision-making person or committee;
  • Have the decision-maker or committee prudently and appropriately evaluate the claims, defenses and investigation; and
  • Implement progressive discipline if appropriate?

Of course, each situation is different, and for some of the above points the courts and regulatory agencies have provided additional guidance.

Best to you, David Tate, Esq.

Disclaimer. This post is not a solicitation for legal or other services inside or outside of California, and also does not provide legal or other professional advice to you or to anyone else, or about a specific situation – remember that laws are always changing – and also remember and be aware that you need to consult with an appropriate lawyer or other professional about your situation. This post also is not intended to and does not apply to any particular situation or person, nor does it provide and is not intended to provide any opinion or any other comments that in any manner state, suggest or imply that anyone or any entity has done anything unlawful, wrong or wrongful – instead, each situation must be fully evaluated with all of the evidence, whereas this post only includes summary comments about information that may or may not be accurate and that most likely will change over time.

Advertisements

Defining The Board’s Oversight Of Risk Management

WHEREAS the board’s oversight of risk management is an ongoing topic of discussion and definition, NOW THEREFORE from time to time I engage in these discussions.

More seriously, in addition to my own research and materials, I read a fair number of discussions by other people and groups about director, officer, and board committee (audit committee) member responsibilities, rights, compliance, and liability.

At the bottom of this post I have included links to two recent posts by Norman Marks in which he discusses risk management. While I find that pronouncements and discussions by major organizations on these topics can be insightful and advancing, typically they are much less insightful and advancing than they should and can be. Topics such as corporate governance; board and board committee oversight, responsibilities and rights; business culture and values; auditing, etc., tend to move forward like molasses on a plate. Norman provides leading, worthwhile discussions – some of which I agree and some of which I disagree, but Norman does provide independent forward-looking and leading thought. Norman and I have different backgrounds – I find that in most situations the different backgrounds and experiences of the people involved should be acknowledged and noted, and encouraged, along with their viewpoints.

The following is a short version today of the board’s oversight of risk management – I say “today” because these are and will continue to be topics and definitions in development:  The board, its committees, and its directors oversee executive management’s successful achievement of the organization’s strategies and objectives, of which risk management is an integral component of the business processes.

The following is a longer more detailed version today of the board’s oversight of risk management:  The board, its committees, and its directors oversee executive management’s and the organization’s strategies, plans, and decision making for the successful achievement of the organization’s business strategies and objectives, of which risk management or enterprise risk management or what might happen is an integral component of the ongoing and regular business processes. Note: I added “or what might happen” from one of Norman’s discussions.

Note also, often oversight of risk management is delegated to a committee of the board, such as the audit committee, and in some industries a separate risk committee is mandated by statute, rule or regulation. Even if not required by law, it is still my belief that the overall board should address risk management oversight although having a committee of the board provide initial and perhaps more detailed oversight might be prudent and also legally acceptable. And I believe that these best practices also hold true for nonprofits even if a nonprofit is allowed by law to entirely delegate risk management to a committee of the board – the overall board should nevertheless still be involved in the manner that the board determines is prudent and in keeping with the business judgment rule.

Changing topics and under the category of other questions for consideration by directors (and also by officers and others) – and because I deal with these issues on a daily basis – from the different view of legal responsibilities and rights, liability, and reputation – short version – does the director reasonably believe that she or he can describe and explain, and support and defend his or her actions and inactions?

Or, longer more detailed version from the different view of responsibilities and rights, liability, and reputation – long version – does the director reasonably believe that she or he can describe and explain, and support and defend his or her actions and inactions taken and not taken to satisfy the director’s oversight and governance responsibilities under the microscope of crisis management, shareholder and proxy questioning, inquiries or contests, lawsuits, regulatory inquiries, employee questioning or inquiries, customer questioning, social media, investigations, and reputation attacks?

The following are links to two of Norman Marks’ recent posts on risk management:

https://normanmarks.wordpress.com/2018/03/09/is-the-goal-of-risk-governance-taking-boards-in-the-wrong-direction/

https://normanmarks.wordpress.com/2018/05/12/are-you-managing-risk-or-are-you-managing-the-organization/

Please see also the additional materials in this post below. Wishing you the best and success. David Tate, Esq.

 

 

SF Chronicle article – says new investigation report states that UC interfered with state internal auditor’s audit

Click on the link below for the Chronicle’s story, stating that a new investigation report concludes that UC interfered with the state internal auditor’s audit of UC, including changing survey answers or results. I have previously blogged about the state auditor’s audit of UC, and, frankly, as an ex-auditor and after having been involved in litigation as an attorney for many, many years, I was and still am complimentary that the state auditor held her ground and called thing as she believed them to be – that can be a tough situation to be in, and I would be interested to hear whether the state auditor herself felt any pressure from any sources.

Let me also add that I have heard stories for years about internal auditors and compliance professionals, and also, sometimes, external auditors, who have felt pressure to conduct their activities, or to report findings, in a manner that was contrary to how they thought a particular matter should be handled or reported.

It is my understanding that the investigation report will be coming out, perhaps today. I haven’t seen the actual investigation report – I always like to see the actual source information or document – too much “news” today is skewed with intentional or unintentional bias, or is incorrectly reported, or is reported in a summary manner that causes the “news” to not be correct or to be misleading, or is reported with an objective in mind, or uses adjectives instead of facts and evidence, or is anonymous or from anonymous sources, or is really more opinion than facts and evidence (“opinion-jour”), etc. And there are always two sides to a story, and sometimes three, four, or more sides. There was a saying several years ago, trust but verify. I believe the options are: (1) trust and don’t verify, (2) trust but verify, (3) question but verify, or be skeptical but verify, and (4) don’t trust but verify, or distrust and verify. I’m at least at (3), and often at (4). Below is the link to the Chronicle article:

http://www.sfchronicle.com/bayarea/article/Report-says-UC-president-s-office-improperly-12358268.php

That’s all for now. Of course, each situation is different.

David Tate, Esq., Royse Law Firm, Menlo Park, California office, with offices in northern and southern California. http://rroyselaw.com

Royse Law Firm – Practice Area Overview – San Francisco Bay Area and Los Angeles Basin

  • Corporate and Securities, Financing and Formation
  • Corporate Governance, D&O, Boards and Committees, Audit Committees, Etc.
  • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  • International
  • Immigration
  • Mergers & Acquisitions
  • Labor and Employment
  • Litigation (I broke out the litigation because this is my primary area of practice)
  •             Business
  •             Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  •             Trade Secrets, NDA, Accounting Issues, Fraud, Lost Income, Royalties, Etc.
  •             Privacy, Internet, Hacking, Speech, Etc.
  •             Labor and Employment
  •             Mergers & Acquisitions
  •             Real Estate
  •             Owner, Founder, Investor, Board & Committee, Shareholder, D&O, Etc.
  •             Insurance Coverage and Bad Faith
  •             Lender/Debtor
  •             Investigations
  •             Trust, Estate, Conservatorship, Elder Abuse, and Contentious Administrations
  • Real Estate
  • Tax (US and International) and Tax Litigation
  • Technology Companies and Transactions Including AgTech, HealthTech, Etc.
  • Wealth and Estate Planning, Trust and Estate Administration, and Disputes and Litigation

Audit Committee 5 Lines of Defense 10222017 David W. Tate, Esq. jpg

 

 

Help with culture oversight and ERM – possibly where to start

Now that oversight of the entity’s “culture” has reached the boardroom, where do you start if culture hasn’t really been on the radar? As you might know, for example, whereas the new COSO ERM framework lists culture and governance at step one, it doesn’t go into too much detail or guidance about what these might include, but leaves it for every organization to decide for itself what enterprise risk management will involve and include in these and other areas and steps. If the organization’s culture really hasn’t been on the radar, I suggest that you consider or start with the employee handbook and policies, and the code(s) of conduct – evaluate whether those are currently sufficient or need updating, and then run through the ERM process for the conduct described or listed. Of further interest, below I have pasted snapshots of a current NACD website page discussing culture (and that you can obtain a NACD discussion paper online), a summary of a possibly ERM process (significantly based on the new COSO ERM framework), some additional governance, ERM and audit committee items, and a link to a new Norman Marks discussion “Do we understand what a Risk Event is?

Thanks for reading, and best to you. David Tate, Esq., Royse Law Firm (Menlo Park, California, office) – I have also posted this discussion to http://lawriskgov.com.

Overview of Possible Risk Management Process 10222017

Norman Marks “Do we understand what a Risk Event is: https://wordpress.com/read/feeds/254243/posts/1658495448

Audit Committee 5 Lines of Defense 10222017 David W. Tate, Esq. jpg

COSO Enterprise Risk Management Framework ERM Components and Principles

NIST Cybersecurity Framework Tiers Summary

The Business Judgment Rule

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the director reasonably believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position with like expertise would use under similar circumstances. The rule itself doesn’t require a particular level of expertise, knowledge or understanding; however, as you might be aware, public company audit committee members do have such a requirement, and you can at least argue that, depending on the facts and circumstances, a board or committee member should have or should obtain a certain unspecified level of knowledge or understanding to be sufficiently prepared to ask questions, evaluate information provided, and make decisions.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. An independent director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director reasonably believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director reasonably believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.

That’s it for now. Thanks for reading. David Tate, Esq., Royse Law Firm, Menlo Park office, with offices in the San Francisco Bay Area and Los Angeles

 

 

More on Culture/NACD, and Risk Management

I did some weekend reading. The following are two items of interest.

New NACD Report on Culture

The following is a link to the page for the NACD Commission Report on Culture as a Corporate Asset – the complimentary material (28 pages) is worthwhile reading if you are not a NACD member: https://www.nacdonline.org/Resources/Article.cfm?ItemNumber=48256

Of course, the NACD culture report doesn’t carry with it any force of law or requirement, and, although the report is fairly specific while at the same time also vague in that it often refers to comments by commission members who are unnamed, the report is significant because it is provided and supported by a leading board director organization as an indicator that entity culture is an important area for board oversight.

New Post by Norman Marks About Risk Management

And from part of a blog post by Norman Marks about risk management, which you can see at the following link  https://normanmarks.wordpress.com/2017/10/14/is-it-about-managing-risk/

” . . . board should be asking these questions:

  • How likely are we to achieve our objectives?
  • If the likelihood is less than acceptable, why? What can we do about it?
  • If there is a possibility of exceeding our objective, what can and should we do?
  • What assurance do we have that management is taking the right risks, making intelligent and informed decisions?
  • Are there any risks that we should be concerned about, that merit our attention and possibly our action?”

Culture and Governance; The Weinstein Company, Uber, Fox, WFB and Others

Each of the four above listed businesses, and others, have been in the news for issues relating to culture and governance, and other related matters. The legal structures of these four businesses differ significantly, from privately held, to privately held but with high value and reputation venture capital, to publicly held. I have blogged about the new COSO enterprise risk management (ERM) framework, and that the first of the five major components pertains to culture and governance, and the fifth of the five major components pertains to communicating and reporting.

Would the news about these businesses have been different if COSO ERM had been implemented and followed? Perhaps, perhaps not. We might also ask about and evaluate the executive officers; board, board committees and director oversight; the responsibilities of in-house counsel; the actions of the chief compliance officer (if any); how internal audit (if any) might have been helpful; whether issues came or should have come to the attention of the external auditor (including, for example, during the audit planning phase, or even during a more limited review engagement); workplace practices and policies; and perhaps the actions or inactions of the regulatory agencies (if any).

Culture and governance carry with them the potential to affect value (both positive and negative, and for both financial and reputation value), liability, and damages, not only for the business, but, of course, also for victims (and erroneously accused as we have also seen those situations), and for the executive officers and other management, the board and the directors, HR, the chief compliance officer, in-house legal counsel, the chief of internal audit, the partner running the external audit, the employees for their jobs and possible investment and pension holdings, creditors who have loaned money to the business, founders, owners and investors, customers, consumers, and other stakeholders. And these issues apply not only to public and private businesses, but also to nonprofits and governmental entities, and to the people who are involved in and with them.

It isn’t surprising that actions and events occur that are different than reasonably and primarily anticipated (that is the nature of risk management), and that negative and detrimental events also occur, sometimes without legal fault or liability. However, it is somehow also more disappointing to hear that possible or actual problems were known or might have been known to exist for a length of time without being addressed and remedied.

That’s all. I don’t have any personal knowledge about these specific situations other than what I read in the news. And I’m not casting fault, culpability or liability – each situation needs to be internally and/or externally investigated and evaluated by qualified people with the requisite experience, knowledge, demeanor and approach (i.e., objectively and prudently, and where necessary and prudent by people who are independent and without conflict or bias). Often times (practically always) the situations and facts are different (sometimes better, and sometimes worse) than first thought. And then there is always the prospect for litigation to establish responsibilities and rights, liability, causation, damages and remedies including recovery of damages.

We do seem to be seeing an uptick in discussions about the culture and governance of businesses (private, public, and nonprofit) and government – we’ll see if it lasts, and if more specific expectations develop including greater design, implementation and oversight of culture and governance controls.

Please note that the comments in my blog posts are my own, and are not by no one else, and do not apply or related to any particular or specific person, business or other entity, or situation.

* * * * *

 

Discussions About The New COSO ERM Framework And Related Topics

By: David Tate, Esq., Royse Law Firm, Northern and Southern California (Silicon Valley/Menlo Park Office) http://rroyselaw.com/

I have pasted below four links in which the authors discuss enterprise risk management (ERM) and risk management, the new COSO ERM framework, and some aspects of internal audit.

I appreciate what the authors are discussing; however, my preference would have been to have more defined tasks or requirements in the new COSO ERM framework (I use the word “requirements” broadly because generally there is no mandated risk management framework that must be followed, although for some industries and businesses there are some risk management requirements that are mandated by law and which must be followed).

It is clear that whatever risk management framework or process a business uses will remain largely discretionary based on the business judgment of management and the board, and that in fact might be better for possible liability purposes; however, it is my belief that people and businesses usually will implement policies or processes or procedures (other than, for example, for how to design, develop and manufacturer a product or service that they provide) if they are required to follow or adopt certain specific requirements by law, statute, regulation, or rule, or perhaps as required by the expectations of the community or stakeholders. That having been said, we are where we are on this. And it is now also generally accepted (and in some instances mandated) that a business will adopt and implement risk management, the board will oversee risk management, sometimes audit committees and/or risk committees are required to be involved in or oversee risk management, and in some businesses the board will delegate risk management oversight to a committee of the board, to the extent that risk oversight can be delegated (I would maintain that the board still must oversee risk management with the help of the committee and that the board cannot delegate its overall responsibility to oversee risk management).

In my view, the components and principles outlined in the new COSO ERM framework are essentially only broad in nature, which allows for each business to decide how to design and implement, etc., enterprise risk management based on the business judgment of management and the board of that particular business, in light of the business’ mission, core values, business objectives, strategies, and views and evaluations of related risks.

Let me also say this, I do appreciate that the first of the five core components in the new COSO ERM framework is Governance and Culture, and that the fifth of the five components is Information, Communication, and Reporting which also includes principle 19 (Communicates Risk Information) and principle 20 (Reports on Risk, Culture, and Performance). I believe that including governance, culture, communication and reporting (if they are adopted – remember, no specific framework is mandated) will help to move ERM and risk management to a more visible position. And, it is my belief, based on recent business, nonprofit, and governmental entity shortcomings and failures, that governance, culture, communication and reporting need to be moved more front and center. In fact, COSO listed governance and culture as the first of the five core components because governance and culture can be central to the entirety of the entity’s ERM.

The following are the links to the four enterprise risk management, etc., discussions that I mentioned at the beginning of this post, and below those links I have copied and pasted from my September 7, 2017, post in which I discussed the new COSO ERM framework and which you can also read at http://wp.me/p75iWX-aQ 

The following are the links to the four additional discussions:

https://wordpress.com/read/feeds/254243/posts/1619082863

https://iaonline.theiia.org/2017/Pages/COSO-ERM-Getting-Risk-Management-Right.aspx

https://normanmarks.wordpress.com/2017/09/29/should-you-adopt-the-updated-coso-erm-framework-my-assessment/

https://www.protiviti.com/US-en/insights/bulletin-vol6-issue8?utm_medium=social&utm_source=ProSocial

COSO ERM Framework – Enterprise Risk Management – Integrating with Strategy and Performance (five components, and twenty principles)

I.  Governance and Culture Component:

Supporting Principles:

  1. Exercises Board Risk Oversight
  2. Establishes Operating Structures
  3. Defines Desired Culture
  4. Demonstrates Commitment to Core Values
  5. Attracts, Develops, and Retains Capable Individuals

II.  Strategy and Objective-Setting Component:

  1. Analyzes Business Context
  2. Defines Risk Appetite
  3. Evaluates Alternative Strategies
  4. Formulates Business Objectives

III.  Performance Component:

  1. Identifies Risk
  2. Assesses Severity of Risk
  3. Prioritizes Risks
  4. Implements Risk Responses
  5. Develops Portfolio View

IV.  Review and Revision Component:

  1. Assesses Substantial Change
  2. Reviews Risk and Performance
  3. Pursues Improvement in Enterprise Risk Management

V.  Information, Communication, and Reporting Component:

  1. Leverages Information and Technology
  2. Communicates Risk Information
  3. Reports on Risk, Culture, and Performance

Enterprise Risk Management (ERM) and internal controls work together and should complement each other. The following is the broad outline of the COSO 2013 Internal Control Framework.

Sarbanes-Oxley section 404 requires public company management and its external auditors to attest to the design and operating effectiveness of a company’s internal control over external financial reporting. Internal controls should also be designed and implemented for private company, nonprofit and governmental entities.

COSO 2013 Internal Control Framework – 5 Components, and 17 Principles

1.  Control Environment Component:

Mandatory Principles

  1. Demonstrate commitment to integrity and ethical values.
  2. Board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.
  3. Management establishes, with board oversight, structures and reporting lines and appropriate authorities and responsibilities in the pursuit of objectives.
  4. Demonstrate commitment to attract, develop and retain competent individuals in alignment with objectives.
  5. Hold individuals accountable for their internal control responsibilities in the pursuit of objectives.

2.  Risk Assessment Component:

Mandatory Principles

  1. Specify objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives.
  2. Identify risks to the achievement of its objectives across the entity and analyze risks as a basis for determining how the risks should be managed.
  3. Consider the potential for fraud in assessing risks to the achievement of objectives.
  4. Identify and assess changes that could significantly impact the system of internal control.

3.  Control Activities Component:

Mandatory Principles

  1. Select and develop control activities that contribute to the mitigation of risks to the achievement of objectives and acceptable levels.
  2. Select and develop general control activities over technology to support the achievement of objectives.
  3. Deploy control activities through policies that establish what is expected and procedures that put policies into action.

4.  Information & Communication Component:

Mandatory Principles

  1. Obtain or generate and use relevant, quality information to support the functioning of internal control.
  2. Internally communicate information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control.
  3. Communicate with external parties regarding matters affecting the functioning of internal control.

5.  Monitoring Activities Component:

Mandatory Principles

  1. Select, develop and perform ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning.
  2. Evaluate and communicate internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.

The Business Judgment Rule

The business judgment rule also is relevant on these topics (from Tate’s Excellent Audit Committee Guide). The business judgment rule provides a director with a defense to personal liability, holding that as a general principle of law, a director, including a director who serves as a member of a board committee, who satisfies the business judgment rule has satisfied his or her duties. Thus, the business judgment rule provides one standard of care, although other standards may very well also apply to specific tasks and responsibilities. The business judgment rule provides a very good overall approach for directors and audit committee members to follow, although the rule itself is lacking in specific detail. In some states the business judgment rule is codified by statute while in other states the rule is established by case law (see, i.e., Cal. Corp. Code §309 for California corporations, Del. Gen. Corp. Law §141 for Delaware corporations, in addition to relevant case law). The rule also applies to directors as board committee members.

The Business Judgment Rule

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the director reasonably believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position with like expertise would use under similar circumstances. The rule itself doesn’t require a particular level of expertise, knowledge or understanding; however, as you might be aware, public company audit committee members do have such a requirement, and you can at least argue that, depending on the facts and circumstances, a board or committee member should have or should obtain a certain unspecified level of knowledge or understanding to be sufficiently prepared to ask questions, evaluate information provided, and make decisions.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. An independent director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director reasonably believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director reasonably believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.

David Tate, Esq., Royse Law Firm, California (Silicon Valley/Menlo Park office), with additional offices in San Francisco, Los Angeles and Orange County, http://rroyselaw.com/

* * * * *