As the Millennium draws nearer, more and more financial institutions are recognizing that in addition to a technical problem, a staffing problem, a resources problem and a funding problem, the Year 2000 problem poses a host of legal challenges. Financial institutions are beginning to recognize that a discrete Year 2000 legal strategy is necessary to manage both incoming potential liabilities, to manage Year 2000 contractual relationships, and to explore avenues of recovery for the Year 2000 problem. Recent SEC guidance on disclosure brings into sharp focus some challenges for financial institutions.
SEC Announces New Disclosure Guidance
Disclosure by Publicly Traded Companies
Over the course of the last year, the SEC's view of disclosure of Year 2000 related costs and problem has matured considerably. From an initial position that the Year 2000 problem posed no special issues and should be measured by traditional FASB 5 standards, the SEC has recently announced that it considers disclosure to be an important issue.
This past November, in hearings before the Senate Banking committee, several Year 2000 specialists testified that the issue of disclosure was important and being honored in the breach. The need for uniform disclosure prompted Senator Bennett (R Utah) to introduce Senate Bill 1518. The Computer Remediation and Shareholder Protection Act of 1997 (the CRASH Protection Act) would require disclosure of: (1) the amount a company is spending on Year 2000 remediation; (2) what phase the company's Year 2000 plan has achieved; (3) whether the company anticipates litigation arising out of its Year 2000 problem; and (4) whether the company has insurance to protect it against liability arising out of the Year 2000 problem.
In part in response to S. 1518, and uncertainty expressed by members of the accounting and legal professions, the SEC released revised Staff Legal Bulletin No 5 (CF/IM) on January 12, 1998, augmenting its October bulletin. (A staff legal bulletin is not a rule, regulation, or official statement of the SEC; rather it is the SEC division's staff's view of disclosure requirements.)
In its bulletin the SEC staff states that companies should include disclosure in their "Management's Discussion of Analysis of Financial Condition and Results of Operations" if:
- the cost of addressing the Year 2000 issue is a material event or uncertainty that would cause reported financial information not to be necessarily indicative of future operating results or financial condition, or
- the costs or the consequences of an incomplete or untimely resolution of their Year 2000 issue represent a known material event or uncertainty that is reasonably expected to affect their future financial results or cause their reported financial information not to be necessarily indicative of future operating results or future financial condition.
In amplifying this requirement, the SEC staff indicates that if a company has not assessed its Year 2000 issue or has not determined whether it has a material Year 2000 issue, then disclosure of this "known uncertainty" is required. Further, in determining whether the Year 2000 problem will have a material impact on financial results, the determination should be made "without regard to countervailing circumstances" (such as Year 2000 remediation programs or contingency plans). As part of the disclosure, SEC staff expects, at a minimum, that the following topics be addressed:
- the company's general plans to address the Year 2000 issues relating to its business, its operations (including operating systems) and, if material, its relationships with customers, suppliers, and other constituents; and its timetable for carrying out those plans; and
- the total dollar amount that the company estimates will be spent to remediate its Year 2000 issues, if such amount is expected to be material to the company's business, operations or financial condition, and any material impact these expenditures are expected to have on the company's results of operations, liquidity and capital resources.
Several points of the SEC staff's guidance bear emphasis. First, a publicly traded company must is required to assess the consequences of "incomplete or untimely" resolution of its Year 2000 problem. Second, in determining its obligation to disclose the company must undertake the somewhat metaphysical exercise of ignoring its ongoing remediation plan and assess what impact a Year 2000 problem would have "without regard to related countervailing circumstances." Based on this standard, it seems as if the SEC is forcing most publicly traded companies to make a disclosure.
For most companies, and certainly for most financial institutions, it is likely that if they ignored the Year 2000 problem completely, operations would be disrupted. For many institutions, the Year 2000 problem implicates nearly all aspects of the operation -- from customer accounts, to amortization calculations, to investment tracking, to customer relations, to interest calculations, to statement generation. If the institution assumes that these and other basic functions would be impacted by the Year 2000 bug, it will be required to disclose under the SEC's guidance.
The SEC's guidance also suggests that disclosure include a discussion of how the institution is managing its relationships with customers, suppliers and "other constituents." Outreach to vendors and customers is often an area where many Year 2000 programs are lacking. An integrated plan will now need to include a vendor outreach component as well as an analysis of impact on the institution's customer base. For financial institutions, this aspect of an integrated Year 2000 plan already should be underway as it is part of the Federal Reserve's auditing protocol for financial institutions.
Disclosure by Investment Companies and Investment Advisers
The SEC has also indicated that disclosure may be required under the Investment Advisers Act of 1940 and the Investment Company Act of 1940. Significant for open-end investment companies -- mutual funds -- these requirements tend to very roughly parallel the requirements for publicly traded companies. If operational or financial obstacles are presented by the Year 2000 problem, investment advisers and investment companies may be required to make appropriate disclosure. Disclosure will be required if failure to disclose would be "materially misleading" to shareholders.
Investment companies also may need to disclose the effect that the Year 2000 problem would have on their adviser's ability to provide the services described in registration statements. Investment advisers may need to disclose their Year 2000 problem if failure to address the Year 2000 problem could materially affect the advisory services provided to their clients. As with publicly traded companies, investment advisers will be required to disclose if the adviser is unable or uncertain about its ability to address the Year 2000 problem.
Need for a Comprehensive Legal Audit
Considered a step back from the actual intricacies of the SEC legal bulletin guidance, the SEC seems to be attempting to force companies to determine where their Year 2000 exposure lies, to assure that companies are addressing their problem and to reach out to trading partners to assure that relationships are managed in light of the Year 2000 problem.
We have continued to recommend to clients that they undertake a comprehensive legal audit to help manage the risk that is associated with the Year 2000 problem. The audit is designed to accomplish several objectives:
1. To help avoid liability by discovering those areas of legal vulnerability that a financial institution might suffer.
2. To assure that opportunities for cost recovery are identified and, where appropriate, pursued. For many institutions, a recovery of even 10% to 20% of its Year 2000 costs can represent a significant amount of money.
3. To assist a company in developing a disclosure that will pass SEC muster. This entails a rigorous and detailed analysis of the company's Year 2000 program.
4. To begin to manage potential litigation by assuring that appropriate privileges attach to key documents and other communications bearing on the legal aspects of the Year 2000 problem.
5. To protect the board and the company's assets. With continued discussion in director's and officer's liability insurance circles of a blanket Year 2000 exclusion for Year 2000 related liabilities, the risk exposure to the board and the corporation is heightened and requires particularly diligent management.
As the Millennium approaches, more and more financial institutions will need to undertake rigorous management of the legal risk. The SEC's most recent guidance prods publicly traded companies closer to that realization. Proactive management of legal exposure remains an essential ingredient for every Year 2000 plan.
This article will also be featured in the March issue of the Bank Securities Journal.
Update on Y2K Remediation Problems
On January 22-23, 1998, we co-chaired a two-day conference entitled "Year 2000 Computer Crisis: The Litigation Summit," which was presented by Fulcrum Information Services. (The January conference was held in Dallas; the next conference is in New York on March 9-10.) The speakers included two individuals heavily involved in addressing the federal government's Year 2000 problem: Joel Willemsen, Director, Information Resources Management for the General Accounting Office and Cynthia Warner, Year 2000 Program Manager for the General Services Administration. The comments by these speakers highlighted five broad problems they have observed with remediation programs: (1) the system assessment process may not be as far along as believed because that process often reveals systems organizations never knew they had; therefore, the reported percentage of systems assessed may actually decrease over time as unknown programs are discovered; (2) contingency plans have not been developed to prepare for the likelihood that some failures will occur; (3) not enough time has been devoted to prioritizing remediation work; organizations should realize that not everything can be fixed on-time and that priorities must be established to ensure critical systems are fixed first; (4) many organizations do not have a good grasp on the critical problem of exchanging data with third parties; and (5) more emphasis must be placed on validating the remediation work. The comments by these and other speakers stressed that senior managers must recognize that many Year 2000 remediation programs have important problems that must be addressed if the work is to be completed on time and potential legal liability avoided.
Checklist for Year 2000 Business Judgment Rule Protection
The action by the SEC and its staff discussed in our lead article highlights the SEC's concern about disclosing of Year 2000 related costs and problems. The SEC activity also underscores the danger of lawsuits against directors arising from their failure to address Year 2000 problems properly.
As we have noted before (See August 1997 Legal Update), the best defense to these types of lawsuits is the business judgment rule. The business judgment rule will protect directors against liability claims based on what turns out to be a reasonable, but bad decision. In other words, under the business judgment rule courts are reluctant to "second guess" the decisions of directors made with reasonable diligence in ascertaining the facts and believed to be in the corporation's best interest. The key, though, to raising this shield to liability is for directors to develop a proactive plan to ascertain and reduce the corporation's potential legal liabilities. Listed below is a checklist of actions that directors should consider in developing their Year 2000 legal liability reduction plan. If questions from shareholder's or others arise, directors may be called upon to demonstrate the corporation's reasonable efforts to address its Year 2000 problem. The following actions may serve as evidence of those reasonable efforts:
(1) Create a Year 2000 committee to investigate and oversee Year 2000 activity within the corporation. Because it is essential that senior management be involved in overseeing Year 2000 activity, the committee may include the CEO, the head of IT, and the general counsel.
(2) Create a board mandated Year 2000 plan.
(3) Create a formalized line item budget for Year 2000 expenditures.
(4) Conduct a Year 2000 legal and technical audit to assure:
(a) internal systems operations (including software, hardware, and embedded chips) will transition without problems;
(b) computerized environmental and facility management systems (e.g., power, heating, cooling, telephones, elevators, security/access systems) will transition without problems;
(c) external data and operational interfaces with customers, vendors, financial institutions and other third parties will transition without problems;
(d) financial data is sound and reliable;
(e) time tables are established and provide sufficient time to ensure thorough testing before the Year 2000 arrives; and
(f) opportunities for cost recovery are considered.
(5) Generate regular Year 2000 reports for senior management.
(6) Evaluate recently acquired companies and potential future acquisitions for Year 2000 issues and potential liabilities.
(7) Determine whether outside technical consultants or legal counsel should be retained. (Directors usually rely on advice and opinions given by counsel, independent accountants or other experts as to matters that the director believes are within such person's expertise.);
(a) If consultants or vendors are retained, ensure that these third parties will not compromise confidential information by requiring confidentiality provisions in their contracts and monitoring their activity.
(b) If technical consultants are retained, consider whether to seek contractual assurance that the selected firm will indemnify the corporation for any losses arising from problems it contracted to fix. Also review the type and limits of insurance carried by the consultant.
(8) Develop contingency plans to prepare for the possibility that, despite best efforts, some things may not work. These plans should anticipate Year 2000 failures by your corporation's own internal systems or operations, as well as its vendors, customers, and financial institutions.
(9) Evaluate the corporation's insurance coverage.
(10) Ensure that the entities responsible for overseeing the corporation's pension and other funds are themselves Year 2000 compliant. Also ensure that they have considered the potential Year 2000 impact on the companies in which they invest your corporation's funds.
Legislations and Executive Order
Firestone Bill
In an effort to protect the computer industry from Year 2000 lawsuits, Brooks Firestone of the California Assembly introduced bill A. B. 1710.
The bill would outlaw punitive damage and emotional distress awards in connection with Year 2000 lawsuits. Damages would be limited to bodily injury, if any, and costs to repair or replace failed computer systems or programs.
The bill is sponsored by the Association of California Tort Reform.
Examination Parity and Year 2000 Readiness for Financial Institutions Act
House Banking Committee Chairman James Leach introduced legislation that would direct bank regulators to help financial institutions prepare for the Year 2000 problem.
The bill would require federal financial regulators to offer seminars to financial institutions on the implication of the Year 2000 problem. Regulators also would be required to provide model approaches for solving the Year 2000 problem.
In addition, the bill would give the Office of Thrift Supervision and the National Credit Union Administration the authority to examine the operations of service corporations or other entities that perform services under contract for thrift and credit unions.
The bill is co-sponsored by subcommittee chairmen Reps. Marge Roukema (New Jersey-R), Michael Castle (Delaware-R), Spencer Bachus (Alabama-R), and Richard Baker (Louisiana-R).
President Clinton's Executive Order
President Clinton issued an Executive Order on February 4, 1998 creating a presidential counsel on the Year 2000 problem. John Koskinen will head up the effort beginning March 9, 1998. Koskinen left the Office of Management and Budget (OMB) in July of 1997 after serving as deputy director from 1994 to 1997.
The Executive Order requires agencies to assure that no critical federal programs experience Year 2000 disruptions. Agencies must coordinate with state and local governments in this effort and cooperate with the private sector in critical infrastructure areas. In addition, agencies will communicate with foreign counterparts to raise awareness and generate cooperation in dealing with the Year 2000 issue.
To obtain copies of legislation or orders referenced in our newsletter visit our website at Click Contact Link
Hancock Announces Launch of 2000law.com
Hancock Rothert & Bunshoft LLP announces the launch of www.2000law.com, the legal resource for the Year 2000 problem. The site is designed to be a stopping point for anyone interested in following Year 2000 legal developments as they arise. One of the key features is the Year 2000 Lawsuit Counter which will track all Year 2000 lawsuit filings. (If you're aware of any action, please help us help each other by contributing to the site). We also will maintain our ongoing listing of published Year 2000 budgets, now more easily organized by topic. The site also boasts a detailed analysis of exposure by industry group and we hope to populate each of those grouping sites with useful, particularized information. You can also download copies of the Year 2000 Millennium Bug Liability newsletter and other articles of interest. If you are interested in submitting material, browsing the site or giving us some feedback, please get in touch.
Year 2000 Conferences
Performing an Audit of the Year 2000 Project Two Day Technical Audit Seminar for Auditors & Control Professionals
February 23-24, 1998 - Cancun, Mexico
March 23-24, 1998 - Marina Del Rey, CA
April 27-28, 1998 - Washington, D.C.
June 8-9, 1998 - St. Louis, MO
July 20-21, 1998 - Minneapolis, MN
August 17-18, 1998 - Denver, CO
Presented by Audit Serve, Inc. For more information, refer to Click Contact Link
SPG Conferences
March 18-20, 1998 - New York, NY
April 20-22, 1998 - Orlando, FL
June 29-July 1, 1998 - Chicago, IL
September 23-25, 1998 - San Francisco, CA
October 1998 (TBA) - Dallas, TX
November 9-11, 1998 - Boston, MA
Presented by Software Productivity Group (SPG). For more information, refer to Click Contact Link
Year 2000 TIC (Testing, Implementation, Certification) & Beyond Two Day Technical Seminar for Y2K Date Conversion & Project Office Professionals
March 26-27, 1998 - Marina Del Rey, CA
April 30-May 1, 1998 - Washington, D.C.
July 23-24, 1998 - Minneapolis, MN
Presented by Audit Serve, Inc. For more information, refer to Click Contact Link
DCI Conferences
June 23-25, 1998 - Boston, MA
October 13-15, 1998 - Orlando, FL
November 3-5, 1998 - Chicago, IL
Presented by DCI. For more information, refer to Click Contact Link
Year 2000 Computer Crisis:
The Litigation Summit
March 9-10, 1998 - New York, NY
June 18-19, 1998 - Atlanta, Georgia
July 30-31, 1998 - San Francisco, CA
Presented by Fulcrum Information Systems. To receive more information, call 800-869-4302. Co-chaired by Hancock Rothert & Bunshoft LLP.
Year 2000 Technical Conference
March 9-11, 1998 - Brussels
Presented by IBM. For more information, call +32 2 655 5528 or search the internet at Click Contact Link
Professional Notes
Speaking Engagements
Vito C. Peraino is scheduled to speak at the following speaking engagements:
Statewide Intergovernmental Summit on the Year 2000
February 18-19, 1998 - Sacramento, CA
Government Technology Conference - Southwest 1998
February 13, 1998 - Austin, TX
Hospital Council of Northern & Central California
February 20, 1998 - San Francisco, CA
Fulcrum's Year2000 Computer Crisis: The Litigation Summit
March 9-10, 1998 - New York, NY
June 18-19, 1998 - Atlanta, GA
July 30-31, 1998 - San Francisco, CA
Year 2000 National Symposium Series: The Definitive Event
April 6-9, 1998 - Atlanta, GA
Environmental Claims Managers Association
April 22-24, 1998 - Sanibell Island, FL
IPBA Conference
May 1-5, 1998 - Auckland, New Zealand
Hawaii Bankers Association
May 30, 1998 - Honolulu, HI
Deborah A. Pitts will be speaking at the following:
Fulcrum's Year2000 Computer Crisis: The Litigation Summit
March 9-10, 1998 - New York, NY
Peter J. Whalen will be speaking at the following:
Alameda County Bar Association
March 17, 1998 - Oakland, CA
Motor and Equipment Manufacturers Association
April 30, 1998 - St. Petersburg, FL
Projected Year 2000 Problem Costs
The charts below provide an updated tally of several published Year 2000 budgets. If you are aware of a published budget, please e-mail Cathy Williams at Click Contact Link and include the published reference. For a complete listing of Year 2000 projected costs, please refer to the Hancock Year 2000 page at Click Contact Link
Allina Health Systems $5M Health Data Management 1/98
Allstate $40M Rough Notes 12/97
Canadian Telephone Companies $500M The Toronto Star 1/1/98
Chubb Insurance Group $25M NBC News Transcripts 1/12/98
CSX Corp. $40M The Tennessean 1/4/98
Denver, CO $25M Denver Business J'l 12/19/97
Department of Higher Education, CO
$2.6M Denver Business J'l 12/19/97
Durham County, NC $1.1M The Herald-Sun 1/9/98
Federal Reserve $100M The American Banker 1/27/98
Fort Collins, CO $3.5M Denver Business J'l 12/19/97
Fort Lauderdale, FL $1M Sun-Sentinel 1/4/98
Johnson County Water District, $2M The Kansas City Star 1/14/98
Kaiser Permanente $23.1M Managed Healthcare 12/97
Nations Bank $150M The Tennessean 1/14/98
Ottawa-Carleton $30M The Ottawa Citizen 1/27/98
Providence, MA $800K The Providence Journal-
Bulletin 1/23/98
Public Works Government $4.4M The Financial Post Services,
Canada 1/17/98
San Joaquin County, CA $1.9M Xinhua News Agency 1/19/98
St. Thomas Hospital, TN $500K The Tennessean 1/4/98
Hot Internet Links
Click Contact Link
Hancock Rothert & Bunshoft LLP's Year 2000 Liability Website. This site provides a resource to year 2000 legal information.
Click Contact Link
This is the top technical/vendor site. This site contains information on current events and Year 2000 topics.
Click Contact Link - Federal Reserve Year 2000 website.
Click Contact Link - Westergaard Year 2000 website.
Click Contact Link - Comlinks Year 2000 website.
Click Contact Link - Yahoo! Full Year 2000 Coverage.
Click Contact Link - Year 2000 website for IT managers, business executives and y2k project managers.
Click Contact Link . The site focuses on investment opportunities. You can also find stock information on the Year 2000 Information Center Stock Index at Click Contact Link
Click Contact Link - This site focuses on compliance standards for the Year 2000 problem.
Click Contact Link - California State Government Year 2000 site.
Click Contact Link - This site provides information on other Year 2000 links.
Please refer to our website at Click Contact Link for more links
Hancock Rothert & Bunshoft has formed a Year 2000 Team to assist companies with related legal problems. If you would like more information on Hancock's Year 2000 Team, or on the firm in general, please contact: Vito C. Peraino on Tel: 213-623-7777 or E-mail: Click Contact Link or visit the Hancock Rothert & Bunshoft website at Click Contact Link
Visit the Year 2000 website at Click Contact Link
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.