NEW NINTH CIRCUIT CASE – PLAINTIFF CANNOT BRING A SECURITIES CASE FOR BREACH OF THE CORPORATE CODE OF ETHICS . . . WELL, NOT SO FAST . . . .

On January 19, 2017, the Ninth Circuit dismissed a securities fraud case holding that the claim could not legally be brought where shareholders of Hewlett-Packard Company (“HP”) alleged that the Company CEO and Chairman violated Hewlett-Packard’s Corporate Code of Ethics after publicly touting the Company’s high standards for ethics and compliance while at the same time himself violating the provisions in the Code of Ethics. The case is Retail Wholesale & Department Store Union Local 338 Retirement Fund v. Hewlett-Packard Co. and Mark A. Hurd, Ninth Circuit Case No. 14-16433 and District Court Case No. 3:12-cv-04115-JST (Northern District of California) and you can view the case at http://cdn.ca9.uscourts.gov/datastore/opinions/2017/01/19/14-16433.pdf.

Plaintiffs’ claim was brought under §10 and Rule 10–b of the Securities Exchange Act of 1934. The Court’s decision is helpful from a defense viewpoint, but the decision shouldn’t be viewed too broadly. In summary, the Court held as follows (note: the below quotes from the case are not necessarily in the exact order in which they appeared in the Court’s decision):

“Retail Wholesale argues that the SBC [HP’s Standards of Business Conduct], bolstered by Defendants’ express promotion of corporate ethics, gives rise to a finding of material misrepresentation. Its claim is based in three factual allegations: (1) HP and Hurd actively promoted the SBC and stated that HP had zero tolerance for SBC violations; (2) Hurd’s SBC violations led to his resignation; and (3) Hurd’s resignation caused HP’s stock price to drop. The Court cannot agree that, under the facts alleged in the complaint, Defendants’ representations about ethics were materially misleading.”

“Defendants made no objectively verifiable statements during the Class Period. As one court has aptly written, a code of conduct is “inherently aspirational.” Andropolis, 505 F. Supp. 2d at 686. Such a code expresses opinions as to what actions are preferable, as opposed to implying that all staff, directors, and officers always adhere to its aspirations. See id.”

“Similarly, Hurd’s comments prefacing the SBC are not objectively verifiable. In the 2008 preface to the SBC, Hurd stated, in part,

We want to be a company known for its ethical leadership . . . .

We know actions speak louder than words. We must make decisions and behave in ways that we can be proud of, that reflect our commitment to doing the right thing . . . .

. . . . Let us commit together, as individuals and as a company, to build trust in everything we do by living our values and conducting business consistent with the high ethical standards within our SBC.”

“The aspirational nature of these statements is evident. They emphasize a desire to commit to certain “shared values” outlined in the SBC and provide a “vague statement[] of optimism,” not capable of objective verification. See Or. Pub. Emps., 774 F.3d at 606. A contrary interpretation—that statements such as, for example, the SBC’s “we make ethical decisions,” or Hurd’s prefatory statements, can be measured for compliance—is simply untenable, as it could turn all corporate wrongdoing into securities fraud.”

However, and equally important, the Court also stated:

“We note that the case may have been closer had Hurd’s sexual harassment and false expenses scandal involved facts remotely similar to those presented by the 2006 scandal [i.e., an earlier unrelated ethics problem at HP in which “A few years earlier, in 2006, a major scandal erupted when a whistleblower informed several government agencies that HP had hired detectives to monitor the phone records and email accounts of HP directors, HP employees, and journalists to find the sources of leaks of company information to the press”], as the ethical code could then have been understood as at least promising specifically not to do what had been done in 2006. Here, however, the context does not make HP’s promotion of business ethics any less subjective or vague. Further, Retail Wholesale cites to no case law suggesting that context may operate to allow a plaintiff to import an out-of-Class-Period statement into the Class Period. The strongest statement alleged in the complaint—the suggestion of a zero tolerance policy for SBC violations—was made outside of the Class Period.”

“In sum, we conclude that as there was no statement during the Class Period that was capable of being objectively false, there was no affirmative misrepresentation.”

It could be easy to read the case too broadly, and to conclude that a securities fraud claim cannot be brought for violation of the company’s code of ethics. Whether such a claim can be brought really depends on the facts and circumstances of the case. Further, and depending on the facts of each case, it might be possible that such a claim could be brought under a different legal theory such as, for example, the Foreign Corrupt Practices Act.

Thus, companies, and their officers, managing agents and directors still must be advised to know the company’s Code of Ethics, to follow the Code, and to be careful about making specific representations about following, satisfying or complying with the Code.

* * * * *

Who Evaluates the Chief Audit Executive (CAE)?

At the bottom of this post is a screen shot from the new publication Ethics and Pressure, Balancing the Internal Audit Profession, published primarily from the 2015 global practitioner survey of internal auditors worldwide. This is a really big survey. What do you think of the screen shot? Is it appropriate for management to evaluate the chief audit executive (“CAE”)? I say “yes,” of course.

I note however, that the writer also says “Exhibit 9 indicates that this responsibility [i.e., the responsibility for evaluating the performance of the CAE] is generally split evenly between management and the board. The big exception is in North America, where 61% of CAE’s are formally evaluated by management. Often however, these evaluations are reviewed by an audit committee.”

Let me just say, and I read a fair amount of materials from or relating to the internal audit profession, these sentences from the writer probably speak volumes. Do you mean to say that the audit committee isn’t always also doing its own evaluation of internal audit? I really hope that’s not what the writer is saying.

If you are on an audit committee, do you evaluate the performance of the CAE and of the internal audit function (if you have an internal audit function)? I certainly hope so. I mean, regardless of how internal audit operates with management, as an audit committee member aren’t you interacting with internal audit also, and isn’t internal audit helping you to satisfy your due diligence responsibilities? If not, you really need to sit down and think about how the audit committee is using internal audit.

And, if you are an internal audit CAE or member, if the audit committee isn’t sufficiently interested in you to evaluate your performance and how you help or don’t help the audit committee, then you are really missing the boat with a significant entity (i.e., the audit committee) that you should be helping.

In fact, most of the materials that I read from internal audit miss the boat, in my opinion. Yes, management’s use and interaction with internal audit is very important, but the audit committee really should value and make use of the availability of internal audit to help the audit committee satisfy it’s duties. If this isn’t happening, both the audit committee and internal audit are missing out on a tremendous opportunity. It might also be argued that both are failing to satisfy their responsibilities.

Here’s the screen shot from the survey and discussion:

who-evaluates-the-cae

New Governance Guidance Stretches Thinking on Ethics, Risk, and More

​The King IV draft code has much to say about governance, risk management, compliance, and assurance. Click on the following link for the discussion by Norman Marks and see my comments below: iaonline.theiia.org

This article by Norman Marks discusses parts of the new King IV code that concentrate on culture, ethics and risk. It’s interesting for thought with respect to your own organization. It is and has been long well-known that all three corporate areas, culture, ethics and risk management, are instrumental to business performance and legal compliance.

And although these areas are discussed, and significant strides have been made in or discussed about risk management during the past couple of years, there still are no universally recognized standards or criteria to evaluate or audit how the business is doing in these areas.

I have long been surprised that the auditing professions, external and internal, have not jumped on these areas and also governance.

See also Tate’s Excellent Audit Committee Guide at CLICK HERE

Best, Dave Tate, Esq. (San Francisco and California), http://auditcommitteeupdate.com, http://californiaestatetrust.com, http://tateattorney.com

DTatePicture_Square