Directors in the Shadow of SOX: Managing Responsibilities, Understanding Liabilities

by Seth I. Rubin, Esq.

“The Sarbanes-Oxley Act of 2002.”  These are words that send shivers down the spines of directors and officers everywhere.  While some might argue that the passage of Sarbanes-Oxley simply reinforced a statutory structure that was already in place, there is no denying the impact on the psyche of directors and the tense feelings that arise when one enters a corporate boardroom today.  As a result of the scandals that led to Sarbanes-Oxley, and the growth of the corporate governance and law enforcement infrastructure at attorneys general offices throughout theUnited States, directors must clearly understand their obligations of service, and the potential liabilities that accompany such service.

Directors of private companies and not-for-profit entities should not be fooled into thinking that Sarbanes-Oxley is only for public companies.  While the law may have been initially designed to quell upset investors in the public markets, the notions contained in Sarbanes-Oxley have been regularly applied to directors of private companies and not-for-profits.

The basic responsibility of directors is to oversee the affairs of the companies they serve.  Directors are not responsible for day-to-day operations; instead, directors are required to take a broader view of corporate matters.  Directors owe a duty of loyalty to companies and shareholders that requires them to act in good faith and in the best interest of their companies; directors also owe a duty of care that calls for the exercise of an objective, reasonable and prudent standard of skill and care.

In 1996, the landmark Delawarematter, In re Caremark Int’l Inc. Derivative Litigation, clarified that directors’ obligations include a good faith attempt to develop an adequate information gathering and reporting system.  Caremark, coupled with the requirements of Sarbanes-Oxley, clearly demonstrate that directors can longer sit on the sidelines, assuming all is well, whileRome burns. Directors must be active participants in the health, direction and operation of companies, and take meaningful and measurable steps to prevent and/or deal with wrongdoing.

Directors who are unaware of their legal obligations to companies and shareholders may not claim ignorance as an excuse.  Under the Sarbanes-Oxley scheme, directors are required to evaluate a company’s management team in terms of experience, depth, expertise and commitment to compliance with corporate governance standards.  Directors also need to develop and regularly assess best practices that will allow directors to stay attuned to problems before they develop into scandal.

Best practices for companies can include a wide variety of controls and procedures, starting at the lowest levels and working all the way up to the chief executive.  From a Board of Directors’ perspective, best practices can, and should, include:  regular and extensive meetings of the Board and its committees; meetings with key employees (not just the CEO and CFO); whistleblower protections and an anonymous system for reporting of potential problems; careful review of executive compensation; development of a record retention system to highlight red-flag situations; appointment of a chief compliance officer; and periodic discussions with inside and outside counsel, as well as auditors.  Development and adherence to these and other recommended best practices will help to keep directors informed and allow them to make decisions based on a wealth of information, instead of in a vacuum.  As importantly, a commitment to best practices will help companies and directors avoid potential liability.

In the Sarbanes era, high profile instances of directors and officers being held responsible for corporate malfeasance have skyrocketed.  While there are important methods of liability protections that every company and director should take advantage of – e.g., directors’ and officers’ insurance, indemnification and exculpation language contained in company charter documents, etc. — these are not foolproof methods of liability avoidance.  In fact, in 2005, outside directors of Enron and WorldCom were exposed to significant personal liability for failing to detect management wrongdoing, and none of the traditional protections could prevent the exposure.  That said, adopting best practices and being proactive about negative issues that arise can go a long way toward providing a significant level of liability protection.

Given the current environment, increased scrutiny of boards of directors of public and private companies will likely continue for years to come.  In order to minimize exposure, directors are encouraged to actively support the implementation of best practices, to be seekers and consumers of information, and to take seriously their fiduciary obligations to their companies and their shareholders.  If directors can demonstrate that they acted in good faith and exercised sound business judgment, protection from liability will likely follow.


Partner Seth I. Rubin, Esq. is a member of the Corporate & Securities Department at Ruskin Moscou Faltischek, P.C. in Uniondale, New York. He can be reached at 516-663-6691 or

Back to Press Releases Print