United States: Corporate Law & Governance Update - October 2017

Governance Implications of Equifax

Numerous elements of the Equifax controversy implicate corporate governance across a broad range of oversight, insurance, executive transition and accountability topics. These are sufficiently relevant to merit a board briefing from general counsel (GC), perhaps teaming with the chief information security officer (CISO).

There has been of late—even before Equifax—substantial discourse in the governance sector regarding the extent of time devoted by boards to matters of cybersecurity. A new consulting firm survey indicates a meaningful increase in board involvement in cybersecurity matters year-over-year, for the last four years. In addition, cybersecurity-related budgets have increased by 19 percent. In this respect it may be valuable to have the CISO brief the board on the circumstances surrounding the Equifax (and, perhaps, the just disclosed SEC) breaches, and the preparedness of the organization to respond to similar hacking efforts. The GC can brief the board on the Caremark-based standard the courts have applied to date in the leading cases to evaluate director culpability in cyber-breaches. The National Association of Corporate Directors (NACD) has been proactive in developing recommendations on board oversight conduct. In addition, the board is well advised to review, with both the GC and its insurance advisor, the extent of directors and officers liability (D&O) insurance available to address breach of cybersecurity oversight duties. This, as some insurance industry observers express concern that some insurers may seek to carve out exceptions to such coverage.

Finally, the Equifax circumstances serve as a reminder of the value of a board-developed emergency chief executive officer (CEO) executive succession plan. While most such plans are perceived as options to address health-related concerns, it is also valuable in situations where the board believes that the immediate separation of the CEO is necessary in order to respond to public/congressional/stakeholder outrage with certain major crises that have broad consumer impact—even if they are "black swan" in nature. Finally, Equifax may prove to be another situation in which the board applied accountability through the application of "clawbacks" and other forms of compensation disgorgement. 

The Temptations of Deregulation

The board, as well as the audit and compliance committees, should be wary of the actual impact of what is perceived as broad-based deregulation efforts emerging from the administration and Congress—especially to the extent that such efforts are promoted as justification for reducing the vigor currently applied to legal risk and compliance efforts.

A recent article in The New York Times DealBook addressed what it described as a decrease in enforcement of "accountability-related" regulations under the administration, and raised a concern whether that decrease would ultimately lead to an increase in corporate misconduct. It is certainly conceivable that some managers and executives could misconstrue reduced enforcement activity with reduced legal risk arising from certain controversial business transactions. Efforts to revise the Stark law, and the pending changes to the structure of the Yates Memorandum, may contribute to such misconstruction.

The GC is well aware of the critical distinctions between risk of enforcement, and risk of violation of law. To that end, the GC may wish to provide executives and key committees with a realistic summary of the extent of deregulation and enforcement of the primary health care laws. Indeed, recent related commentary from NACD in its Weekend Reader prompts boards to confirm the organizational commitment to legal compliance and ethics, and to encourage management to continue to share with the board information regarding identified legal risks. Among NACD's most significant recommendations is making sure that management understands that, media reports to the contrary, the current political environment is not one in which regulatory enforcement is on the "back burner" and that organizational compliance efforts can thus be relaxed.

CEOs, Social Media and Political Profiles

CEOs are increasingly willing to adopt public positions on matters of social policy, and to participate in social media forums such as LinkedIn, Twitter and Facebook. The GC is a logical resource with which the CEO should consult as to the advantages and disadvantages of such activity. 

As recent events have indicated, CEOs are under increasing pressure from customers, employees, shareholders and board members to take positions on social or political matters that may implicate their own corporate values. In addition, some CEOs perceive social media activity as offering significant corporate benefits in terms of cultivating brand perception; enhancing customer relationships; increasing rapport with the corporate workforce; recruiting and retaining "millennial" talent; and demonstrating currency with cultural trends. Yet such public positioning is not without significant reputational, performance and perhaps legal risk to the CEO and to the company. Such comments can disturb relationships with the board, create controversy with employees and consumers, undermine corporate relationships with legislators and affect consumer preferences. They can also raise distinct legal issues (e.g., SEC disclosure, antitrust).

To advise them on how best to balance the risks and rewards of public commentary, CEOs are turning to their GC, given her increasingly recognized role both as "wise counselor" and "guardian of the corporate reputation," in addition to technical legal expert. In this role, the GC is by training capable of advising the CEO in the broadest possible context. She will supplement her technical legal analysis with consideration of applicable moral, ethical, political, economic and environmental factors.

The GC/Chief Diversity Officer Coordination

A new Modern Healthcare report describes the increasing application by health systems of the chief diversity officer (CDO) position to promote a more inclusive workforce. The nature of that position is such that the successful pursuit of its important agenda will be enhanced by close cooperation and coordination with the GC

According to the Modern Healthcare report, health systems perceive diversity and inclusion officers as important to assuring that those topics are a strategic priority throughout the organizational hierarchy. The perspective is that a diverse workforce will help health systems be responsive to a more diverse patient population.

Yet many of the duties and responsibilities of the CDO by their nature implicate legal and ethical considerations that are the primary jurisdiction of the company's GC—both with respect to the oversight of the legal risk profile of the company, and to the support of the board in the exercise of its governance responsibilities. These include matters of labor and employment law; reasonableness of compensation; employee benefits; litigation and government controversy; and corporate governance.

The ability of both the CDO and the GC to perform the full scope of their duties will be supported by a willingness to recognize the areas of overlap in their responsibilities, and to implement (with senior management's help) a workable system of coordination and cooperation. The ultimate goal is to take advantage of opportunities to consolidate advice and reporting on particular matters, in order to reduce legal and reputational risk to the company. It is most certainly not to marginalize the hierarchical prominence or responsibilities of either officer.

Fiduciary Expectations Regarding Digital Technology

The rapid pace of technological change, and the related risk of technology-based business disruption, present significant risk oversight challenges for health system boards. This is especially the case with respect to the importance of digital technology, and the opportunities that it presents. The GC, teaming with the chief information technology officer (CITO), can support the board in its effort to become more literate in this area.

A NACD survey, summarized in a recent issue of its Weekend Reader, highlights the need for directors to become more familiar with the transformative power of emerging technologies on the corporate business model. From a fiduciary perspective, there is an expectation that directors will develop a working familiarity with these technologies; and an awareness of both how they may be applied within their own enterprise, and how technology interacts with matters of strategic direction. For health system boards, digital technology is a matter of particular focus given the many emerging areas in which it is being applied through the health care sector. These include, e.g., incredibly powerful back office efficiency tools; a strong IT infrastructure; utilization of consumer IT by providers; the expanded access (both in terms of geography and specialty) afforded by technology; strategic relationships that are being created to implement precision medicine; the expanding notion of health care created by the digital environment; and the impact of artificial intelligence on actual clinical care delivery.

The board can be positioned to address these technology challenges through a combination of more fulsome educational programs; support from a dedicated team of qualified IT professionals; access to outside technology advisors; the recruitment of director candidates with recognized technology competencies; identifying IT-related questions that directors may ask with respect to organizational IT matters; and the delegation of certain technology-related matters to one or more properly composed committees with board-delegated powers.

Click here to access Michael's October 2 presentation to the National Association of Attorneys General/National Association of State Charity Officials on "The Impact of Technology on Nonprofit Corporate Governance."

The Increasing Use of the "Executive Chair" Position

Complex organizational and governance structures, and the increasing need to recruit and retain qualified directors, can require creativity in the identification of board level positions, titles and responsibilities. Such appears to be the case with the emerging use of the board position, "executive chairman."

While there is no generally accepted use of the title, it assumes the trappings of both an executive and of a board member. The concept of "executive chair" is one of three primary accepted means of structuring the role on board chair (the others being the true independent chair, and the combined chair/CEO position). The typical "executive chairman" serves in a board leadership position while simultaneously remaining active with in the company as an executive (not the CEO). The intent is usually to ascribe substantial authority to the position, beyond that which is traditionally assigned to the "chairman." In that regard, the position is attractive to companies as a way to transition to retirement a highly regarded CEO while continuing to receive his services as an executive for a defined period of time. Note in this regard that most state corporation statutes provide certain flexibility in the identification and authority of board officer titles.

The use of such creative titles implicates several legal considerations on which the GC should be consulted. First and foremost is an understanding of the authority afforded to the position, especially in relationship to other, more traditional officer positions such as the chair, vice chair and CEO. (This is particularly the case with respect to interaction with the CEO and the establishment of the board agenda).

Other issues relate to the independence (or absence thereof) of the executive chair and the possible need for a lead independent director. A related issue is the extent to which a conflict of interest would arise, when the executive director is a former CEO, and is called upon to vote on a matter which she may have sponsored, or in which she had a pecuniary interest, while as CEO. One particular benefit of these kinds of nontraditional board officer positions is the extent to which they prompt a review of the powers and duties of each officer position and how those powers and duties relate to the roles of management.

The Ethics of Intra-Family Corporate Representation

The health system GC will be particularly interested in a recent state bar professional conduct advisory opinion that addresses the ability of an in-house counsel to provide legal services to multiple subsidiaries of the same parent organization.

The opinion request was grounded in a familiar fact pattern—an in-house lawyer of a large company in a regulated industry, who is called upon to advise not only the parent entity but also multiple subsidiaries—including some unrelated to the company's core business. Of course, it is a fundamental expectation of large in-house general counsel departments that they will represent not only the parent corporation, but also its various affiliates. Yet, as the bar committee noted, the ethical aspects of "intra-family corporate representation" are rarely addressed in professional responsibility rules and opinions, and even when addressed are often done so in a general manner.

The committee's opinion restates the basic rule, that in-house corporate lawyers may represent a corporate parent, as well as multiple corporate subsidiaries or affiliates of that same parent. This is often referred to the "enterprise theory of representation," and is framed by various sections of the professional rules of ethics. As the bar opinion noted, the principle concerns to be addressed by in-house counsel in those situations relate to client identity, conflicts of interest and client confidentiality. The opinion recommends memorializing more formally key aspects of the in-house counsel's engagement, including a clarification of the lawyer's corporate clients; addressing the potential for intra-family conflicts; and the manner in which confidential information will be protected.

This opinion may provide a useful opportunity for GC to (1) review whether this issue has been addressed by the bar in her own jurisdiction; (2) explain to senior management the professional responsibility nature of their client relationship with corporate affiliates (and the conflicts of interest issues that may periodically arise in such relationships); and (3) establish written policies (e.g., advance waivers) to facilitate resolution of conflicts and confidentiality concerns.

Board Oversight of "Innovation Ventures"

The increasing interest of health systems in pursuing innovative technology-based ventures to fulfill their research and education functions prompts a need for increased board engagement and oversight of these initiatives.

Innovation ventures are often focused on investing in, and accelerating the development and commercialization of, biomedical, digital health and health care technology discoveries. As such, they are particularly attractive to academic medical centers and their affiliated universities; integrated delivery systems; leading pediatric and specialty hospitals; medical research foundations and charitable foundations committed to funding the acceleration of improved treatments for disease states. However, the intended charitable and scientific benefits of emerging innovation ventures neither relieve, nor insulate, board members from their fiduciary obligations to exercise appropriate levels of diligence in their decision-making and oversight with respect to such ventures. Indeed, innovation ventures often involve an unusual degree of complexity in terms of corporate structure, range of investment (and of investors) and potential risk (e.g., regulatory, financial, conflict of interest), and thus require enhanced engagement from the disinterested members of the governing board.

In that regard, board oversight is often focused on a variety of issues, throughout the venture's life cycle on a variety of core issues, including venture compatibility with the organizational mission; whether the organization's board possesses the competencies necessary to support effective venture oversight; familiarity with the venture structure and its component parts; the financial feasibility of the venture and its implications for organizational stewardship; the often unique legal and regulatory risks; and the potential for conflicts at multiple levels of venture formation and operation. Accordingly, the organization's GC can be of exceptional value in advising the board on the fiduciary issues arising from investment in innovation ventures.

The Continued Risks of Overboarding

A recent The Wall Street Journal story underscores new stakeholder concerns with the governance risks of "overboarding" by corporate directors. Addressing overboarding concerns is an increasingly important responsibility of the board's governance and nominating committee.

The specific concern is that individual directors may be limited or distracted in the exercise of their fiduciary responsibilities by similar responsibilities arising from other board memberships. It is an issue that has its roots in the corporate responsibility environment in the wake of Sarbanes Oxley, and reflects concerns that such key duties such as oversight of management, monitoring of operations and financial performance and evaluation of legal compliance matters will suffer when individuals serve on multiple boards. In this regard, it is consistent with regulatory and constituent interest in broader demonstration of director engagement. Most recently, pressure against overboarding practices has come in the form of public opposition by institutional investors and proxy advisory firms, and newly published governance surveys.

While there is no "best practice" on this subject, survey results suggest that an increasing percentage of public companies are imposing their own limitations on board members' outside directorships. In some instances, where concerns regarding the distraction of key directors arise, it may be fair to ask those directors to resign from other boards in order to concentrate their fiduciary efforts on a particular corporation.

The issue of overboarding is particularly acute with respect to nonprofit health systems, which have historically drawn the core of their board membership from prominent civic leaders who take great pride in supporting through board service on many community- or regional-based charitable boards. The GC can be helpful in advising the governance and nominating committee on discussing overboarding issues and, where appropriate, on recommending a related policy to the full board for approval.

Over the Horizon

The board's executive committee may benefit from a GC-led briefing on a series of recent developments that could possibly affect the governance of large hospitals and health systems in the not-too-distant future.

First is the continuing emergence of "sustainability" as a board agenda item, for corporations across industry (and nationality) sectors. The concept of "sustainability" in the governance context refers to an expectation that boards will give consideration to environmental and social issues, and their potential to threaten both business models and financial performance. A recently released report, "Lead from the Top: Building Sustainability Competence on Corporate Boards," addresses the concept in greater detail.

Second is an increased interest in corporate governance from governmental entities and regulators that have not historically involved themselves with boardroom matters. A leading example of this is the activity of the New York City pension funds and the New York City comptroller to improve the diversity of corporate boards. This activity includes meetings with companies to discuss their policies regarding board composition and refreshment, and to encourage those companies to consult with the NYC funds and other stakeholders with respect to possible board nominations. This initiative is part of a broader "Boardroom Accountability Project 2.0" campaign in which the NYC funds seek to be a credible agent for governance change, especially with respect to director nomination, and refreshment tools.

Third is the potential long-term impact on US corporate governance of recently proposed governance changes for UK corporations. Notable among these are mandatory reporting of the ratio of CEO compensation to the average compensation of the corporation's workforce; and a proposed change to the national Governance Code requirement that companies adopt (or explain why they have not adopted) one of three mechanisms for enhancing the voice of the workforce in corporate governance. These reforms continue a UK emphasis on direct board engagement with its primary stakeholders. While the relevance to US companies in general (and health care systems in particular) may seem far-fetched, it is not difficult to imagine how certain interest groups (e.g., labor unions) could reference these UK reforms when advocating for change in US governance practices.

Fourth is the potential for broad cross industry implications from rulemaking proposed by the Federal Reserve that, if adopted, would change the expectations for corporate governance at bank and savings and loan holding companies. The principal focus of the change would be to enhance clarity on the supervisory expectations for boards of directors from those of senior management by detailing five specific attributes of effective boards. In addition, the proposal would also shift oversight responsibility for certain day-to-day business issues to senior management, in order to allow boards to better focus on their key oversight responsibilities. Should these proposals be ultimately enacted, the challenge will be to make sure they are understood in context (i.e., as technical responses to the governance challenges of a specific industry, as opposed to broadly applicable guidelines for corporate governance).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Similar Articles
Relevancy Powered by MondaqAI
McDermott Will & Emery
McDermott Will & Emery
McDermott Will & Emery
McDermott Will & Emery
McDermott Will & Emery
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
McDermott Will & Emery
McDermott Will & Emery
McDermott Will & Emery
McDermott Will & Emery
McDermott Will & Emery
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Registration (you must scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions