Boeing Case Highlights Risk For Health, Life Sciences Boards

On Sept. 7, the Delaware Chancery Court allowed In re: The Boeing Co. Derivative Litigation to proceed, surviving a motion to dismiss.[1]

The action alleges that directors breached their fiduciary duties with respect to their oversight of safety issues and arises out of two crashes of the company’s 737 MAX aircraft.

This decision is the latest in a recent set of cases in which the Delaware courts have allowed so-called Caremark claims to proceed past the motion-to-dismiss stage.[2] In these cases, the courts have made clear that directors must be particularly attentive to oversight of mission-critical regulatory or safety-related risks.

An important factor in several of these cases, including Boeing, was the board’s failure to assign such responsibility to a specific board committee.

Though the Boeing case involves the airline industry, several other cases in this line have arisen out of the healthcare or life sciences industry, where the regulatory requirements are complex and patient safety a paramount concern. The Boeing case should thus resonate strongly with boards of companies in those industries, and in other regulated industries.

Such boards should assess whether they have the right structure, processes and people to oversee mission-critical risks.

The In re: Boeing Decision

In Boeing, the plaintiffs alleged that the board had failed to establish a reporting system for airplane safety and turned a blind eye to safety red flags.[3]

According to the complaint, none of the company’s board committees was specifically tasked with overseeing airplane safety, and every committee charter was silent with respect to airplane safety.[4]

The company’s audit committee, though tasked with overseeing legal and regulatory compliance, allegedly focused principally on financial and production risks.[5]

The board minutes and other materials before the court on the motion to dismiss indicated that the board’s yearly updates on compliance did not address airplane safety,[6] that the company’s enterprise risk visibility, or ERV, process did not specifically emphasize airplane safety,[7] and that airplane safety was not a regular agenda item at board meetings,[8] and audit committee and ERV materials revealed that airplane safety risks were not discussed.[9]

Management allegedly did not report to the board on safety issues, and the board did not have a means of receiving internal reports and complaints about safety, including whistleblower complaints.[10]

In allowing the case to proceed, the court relied heavily on the Delaware Supreme Court’s 2019 decision in Marchand v. Barnhill,[11] in which that court held that board oversight of mission-critical risks must be more rigorously exercised.

Treating the well-pled allegations as true, as required on a motion to dismiss, the court found that the plaintiffs had pled that the board had “complete[ly] fail[ed] to establish a reporting system for airplane safety” and had also effectively ignored red flags about airline safety issues.

Grounding the Boeing Decision

The Boeing case is the latest in a series of cases stemming from the Delaware Chancery Court’s decision In re: Caremark International Inc. Derivative Litigation in 1996. Many of the cases, starting with Caremark itself, have involved healthcare or life sciences companies or other companies providing goods or services that can affect consumer safety.[12]

While the seminal Caremark case did not relate to health or safety issues directly, it involved review of a settlement of shareholder derivative claims that were premised on the company’s guilty plea and payment of criminal and civil penalties for violations of federal and state healthcare fraud laws, including the Anti-Kickback Statute, which also resulted in the imposition of a corporate integrity agreement.[13]

The Chancery Court set a high bar for failure-of-oversight claims:

Generally where a claim for directorial liability for corporate loss is predicated upon ignorance of liability creating activities within the corporation … only a sustained or systematic failure of the board to exercise oversight — such as an utter failure to attempt to assure a reasonable information and reporting system exists — will establish the lack of good faith that is a necessary condition to liability.[14]

In approving the settlement, the court acknowledged that the record established that the board had acted appropriately, such that the standard for such liability had not been met in that case.[15]

In 2006, in Stone v. Ritter,[16] the Delaware Supreme Court held that:

Caremark articulates the necessary conditions predicate for director oversight liability: (a) the directors utterly failed to implement any reporting or information system or controls; or (b) having implemented such a system or controls, consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.[17]

Importantly, the Supreme Court reiterated that Caremark liability implicates the duty of good faith, which is a subsidiary element of the duty of loyalty,[18] breaches of which are neither subject to exculpation in corporate charters nor indemnifiable under Delaware law.[19] Finding that reasonable reporting systems existed and were monitored by the board, the court affirmed the Chancery Court’s dismissal of the claim.[20]

In line with the Caremark opinion’s statement that a claim against directors for employee failures, or failed oversight claim, is “possibly the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment,”[21] it has been rare for such claims to survive a motion to dismiss.

In the past two years, however, the Delaware courts have allowed six Caremark cases to proceed. Three of those cases — like Caremark itself — involved companies in the life sciences or food industries where consumer health and safety issues are of paramount importance.[22]

Marchand v. Barnhill,[23] decided in 2019, involved a listeria outbreak in ice cream manufactured by Blue Bell Creameries USA Inc., which resulted in three customer deaths and an array of adverse economic consequences for the company and its shareholders. The Chancery Court granted the defendant’s motion to dismiss, but the Delaware Supreme Court reversed. The court focused principally on the plaintiff’s allegations that Blue Bell lacked:

  • A board committee to oversee food safety;
  • A full board-level process to address food safety issues;
  • A protocol for advising the board of food safety reports and developments; and
  • Evidence in board minutes of discussion by the board of food safety issues.[24]

Notably, the court acknowledged the directors’ argument that the company had nominally complied with certain standard U.S. Food and Drug Administration requirements and state rules relating to food safety, but held that the company’s nominal compliance “does not rationally suggest that the board implemented a system to monitor food safety.”[25]

In re: Clovis Oncology Inc. Derivative Litigation,[26] decided in 2019, involved allegations that a biotechnology company failed to comply with FDA rules for reporting clinical results and reported results in a manner that overstated the drug’s efficacy and safety.[27]

When the disparity in the company’s test reporting was exposed, the company’s stock price declined dramatically, its application for approval of the drug had to be withdrawn, and a series of securities class actions followed, which the company resolved at a high price.[28] Shareholders filed a failure-of-oversight claim.[29]

The Chancery Court held that the plaintiffs had stated a claim for the board’s failure to monitor oversight systems by alleging with particularity that the board consciously ignored multiple red flag warnings that management was inaccurately reporting the drug trial results.[30]

Importantly, the court emphasized that the board’s responsibilities must be exercised and assessed in relation to the level of risk presented, stating that Marchand “underscores the importance of the board’s oversight function when the company is operating in the midst of ‘mission critical’ regulatory compliance risk.”[31] In a mission-critical environment, “the board’s oversight function must be more rigorously exercised.”[32]

In 2020, the Chancery Court allowed yet another Caremark claim against a life sciences company to proceed based on alleged failure to oversee mission-critical regulatory risk.

Teamsters Local 443 Health Services & Insurance Plan v. Chou[33] involved allegations that directors had failed properly to implement and monitor compliance policies and systems in connection with a subsidiary specialty pharmacy’s failure properly to package and ship prefilled syringes of oncology products, resulting in criminal and civil penalties under the Federal Food, Drug and Cosmetic Act and the False Claims Act, respectively.[34]

The court concluded that for a manufacturer of drugs, “[l]aws and regulations governing the health and safety of drugs are thus the ‘most central … safety and legal compliance issue facing the company'” and that “when regulations governing drug health and safety are at issue, [a company’s] Board must actively exercise its oversight duties in order to properly discharge its duties in good faith.”[35]

The Take-Home Message

The message from these cases is clear: Boards have responsibility to ensure that systems are in place to identify and monitor compliance and safety risks on an ongoing basis, and they must do so rigorously with respect to mission-critical risks. In light of the success of plaintiffs in the In re: Boeing case and others, it is likely that plaintiffs will be emboldened to pursue claims against boards for failure to oversee such risks in a wide range of circumstances.

In such cases, as in the Boeing case,[36] plaintiffs will rely on Section 220 of the Delaware General Corporation Law, which authorizes stockholders to demand inspection of the books and records of Delaware corporations.[37]

The factual records established by such requests will be the basis on which motions to dismiss succeed or fail. When, on a motion dismiss, the record does not adequately demonstrate that boards have overseen mission-critical risks, the Delaware courts will allow cases against them to proceed.

This message is particularly important for the boards of healthcare and life sciences companies. Such companies are among the most heavily regulated in the world and are engaged in operations that affect patient safety. They are thus among the companies most heavily scrutinized by regulators and law enforcement officials and as a consequence, they are disproportionately represented in government enforcement actions.

Penalties paid by such companies, for example, represent the lion’s share of all False Claims Act settlements; since 2015, False Claims Act recoveries for healthcare companies totaled $14 billion out of the $19.7 billion recovered by the government.[38] An upshot of that phenomenon is that, as set out above, such companies are the most popular targets of failure-of-oversight claims.

Ironically, in itemizing the deficiencies that can expose boards to liability, the recent spate of Delaware cases has created a road map for boards to avoid liability for failure of oversight.

Based on these cases, as well as broader principles of corporate governance, to mitigate risks, boards of all companies, but especially those in the healthcare and life science spaces and other highly regulated industries, should ensure that mechanisms are in place to support rigorous board oversight of compliance and safety efforts. This should include the following:

  • Periodically conduct a review of the business to identify mission-critical operations and risks.
  • Ensure that the board has the right structure to engage in oversight in this area.
    • Consider whether the board has clearly and adequately delegated to a current board committee responsibility for assisting the board in its oversight of compliance and safety risk;
    • Consider whether the board should establish a specialized committee for this task; and
    • Be sure committee charters clearly reflect the responsibilities delegated for compliance and safety.
  • Ensure that the board has the right processes to ensure appropriate oversight.
    • Review the reporting processes in place to ensure that information about mission-critical risks is brought to the board’s attention in a manner that is not unduly dependent on management discretion;
    • Establish a regular cadence for discussion of compliance and safety at board meetings; and
    • Document board and committee efforts in this area carefully in meeting minutes.
  • Ensure that the members of any committee responsible for oversight of mission-critical risk have the appropriate background and experience effectively to carry out their responsibilities.

Paul Kalb is a partner, leader of the healthcare and FDA group, and leader of the COVID-19 task force at Sidley Austin LLP.

Holly Gregory is a partner and co-chair of the global corporate governance and executive compensation practice at Sidley.

The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.

[1] In re Boeing Co. Derivative Litigation , 2019-0907 (Dec. Ch. Sept. 7, 2021).

[2] See, e.g., Marchand v. Barnhill , 212 A.3d 805 (Del. 2019); Teamsters Local 443 Health Servs. v. Chou , C.A. No. 2019-0816-SG (Del. Ch. Aug. 24, 2020); In re Clovis Oncology, Inc. Derivative Litigation , No. CV 2017-0222-JRS, 2019 WL 4850188 (Del. Ch. Oct. 1, 2019).

[3] In re: Boeing, slip op at 2.

[4] Id. at 6.

[5] Id. at 7.

[6] Id. at 6.

[7] Id. at 7.

[8] Id.

[9] Id.

[10] Id. at 8.

[11] Marchand v. Barnhill, 212 A.3d 805 (Del. 2019).

[12] In re Caremark Int’l Inc. Derivative Litig. , 698 A.2d 959 (Del. Ch. 1996).

[13] Id. at 965.

[14] Id.

[15] Id. at 961.

[16] Stone v. Ritter , 911 A.2d 362 (Del. 2006).

[17] Id. at 30.

[18] Id. at 370.

[19] Delaware General Corporation Law, §102(b)(7).

[20] Stone v. Ritter, 911 A.2d 362 (Del. 2006).

[21] Caremark, 698 A.2d at 967.

[22] The others were In re: Boeing, involving alleged failure to oversee safety in the airplane industry; Hughes v. Hu , No. CV 2019-0112-JTL, 2020 WL 1987029, at *17 (Del. Ch. Apr. 27, 2020), involving alleged failure to provide adequate oversight over financial controls of an electric vehicle parts seller; and Inter-Marketing Group USA, Inc., v. Armstrong , 2020 WL 756965 (Del. Ch. Jan 31, 2020) (unpublished), involving alleged failure properly to oversee gas pipeline integrity.

[23] Marchand v. Barnhill, 212 A.3d 805 (Del. 2019).

[24] Id. at 809.

[25] Id. at 823.

[26] In re Clovis Oncology, Inc. Derivative Litigation, No. CV 2017-0222-JRS, 2019 WL 4850188, at *13 (Del. Ch. Oct. 1, 2019).

[27] Id. at *7.

[28] Id. at *9.

[29] Id. at *1.

[30] Id. at *15.

[31] Id.

[32] Id. at *13.

[33] Teamsters Local 443 Health Servs. v. Chou, C.A. No. 2019-0816-SG (Del. Ch. Aug. 24, 2020).

[34] Id. at 23-35.

[35] Id.

[36] In re: Boeing, slip op at 45.

[37] 8 Del. C.§ 220.

[38] Department of Justice, Fraud Statistics – Overview, accessed September 9, 2021, https://bit.ly/3hkVtXk; Department of Justice, “Justice Department Recovers Over $4.7 Billion From False Claims Act Cases in Fiscal Year 2016,” news release, December 14, 2016, https://bit.ly/3jXael3.

This article originally appeared on Law360.

This post is as of the posting date stated above. Sidley Austin LLP assumes no duty to update this post or post about any subsequent developments having a bearing on this post.