
D&O

Published on 11 January 2024

In this chapter of our Annual Insurance Review 2024, we look at the main developments in 2023 and expected issues in 2024 for D&O.

Key developments in 2023 

2023 continued to see ESG claims, which is not surprising when the World Business Council for Sustainable Development reported these types of claims have grown 25% in the last 30 years. Shareholders have continued to make claims against companies for failures around sustainability commitments, for financing fossil fuel projects and for exaggerating the extent of investments into ESG-related projects. The perhaps more surprising target for claims has been companies and directors who have been proactive with ESG, causing some shareholders to complain that the companies have pursued ESG at the expense of profit. This has led to a rise in "green-hushing" - where companies don't broadcast their ESG efforts, in an attempt to avoid scrutiny and allegations of "greenwashing".

The FCA has shown an increased focus on non-financial misconduct (such as harassment, bullying and sexual assault).  The FCA continues to investigate individuals to see whether non-financial misconduct means that someone is no longer a "fit and proper" person to work in financial services.  This focus looks to continue because in September 2023, the FCA and PRA published consultation papers setting out a number of changes to incorporate non-financial misconduct within "Fit and Proper" assessments, the Conduct Rules and the Suitability threshold. 

What to look out for in 2024

There is a new law in town - the Economic Crime and Corporate Transparency Act 2023. All new and existing directors will need to verify their identities and there is a new failure to prevent fraud offence. It only applies to large companies who meet at least two of the following criteria: (i) more than 250 employees, (ii) more than £36 million turnover and/or (iii) more than £18 million in total assets. There will be a defence if the company had "reasonable procedures" in place to prevent fraud or if it was reasonable not to have any procedures. The Act came into force on 26 October 2023 but the failure to prevent fraud offence will only come into force once the Government has published guidance on "reasonable procedures" (expected in the first half of 2024). Whilst there is no individual liability for this offence, directors should watch out for the guidance. And of course, failures by directors that lead to the company being exposed to a prosecution, let alone a conviction, for the offence may rebound in terms of claims against them, whether by the company for compensation if they have left the board, or by disgruntled shareholders derivatively. The same failures may also lead to claims against the company itself, in the form of potential securities claims of the sort that have arisen in the context of companies being convicted for the failure to prevent offence under s. 7 of the Bribery Act 2010.

In light of the SEC's new rules (in July 2023) requiring companies to disclose material cybersecurity incidents as they happen and annual disclosures on cybersecurity risk management, strategy and governance, UK directors must keep their cybersecurity procedures/risk management at the top of their priority lists. The SEC has already filed a civil enforcement action against software company SolarWinds and its Chief Information Security Officer for allegedly misleading investors by understating the company's cyber vulnerabilities.

Whilst it is not new, rising interest rates coupled with economic inflation mean we are likely to see further claims against insolvent directors as we see an increase in company insolvencies.

AI is a hot topic and directors should take care to ensure AI is used in a responsible manner and that they understand and manage potential risks (for example how algorithms are used and data bias).

Written by Lara Furse.