For many asset managers and investment companies, the topic of compliance tends to focus on federal securities, particularly Rule 206(4)-7 under the Investment Advisers Act of 1940 (the "Advisers Act) and Rule 38a-1 under the Investment Company Act of 1940 (the "Company Act"). While these rules and the SEC's guidance related to them are important, state law also plays a vital role in compliance. Delaware case law and other legal principles support the conclusion that chief compliance officers of SEC-registrants also have a fiduciary duty under state law to develop, enact, and maintain a robust compliance program.
Many asset managers (especially publicly traded ones) and investment companies are organized under Delaware law because Delaware has developed effective rules and regulations for businesses; this is especially true for investment companies, which tend to view the Delaware statutory trust structure as the most efficient means of organization. Additionally, many other states have drafted their corporate and statutory trust laws to mimic Delaware, and even if they haven't Delaware has a wealth of statutes and cases from which courts in other states draw on for novel legal issues. Therefore, it's essential for firms in our industry to stay informed of developments in Delaware corporate law.
Directors and Officers: The Duty to Oversee Compliance
Recently, The Business Lawyer, a publication of the American Bar Associations' Business Law Section, published its annual Corporate Compliance Survey, 73 Bus. Law 3, 817 (Sum. 2018) (the "ABA Article"). In the section discussing case law developments, the survey reviewed the duty of corporate directors and offices regarding compliance oversight. In particular, the article discussed "duty of corporate officers and directors, [under] In re Caremark International Inc. Derivative Litigation [citation omitted], to oversee a corporation's legal compliance efforts." Id. at 832 (citing 698 A.2d 959 (Del. Ch. 1996)). The article is a worthy read for any corporate officer.
Under Caremark, Delaware law establishes a duty on directors to oversee a firm's compliance program. Delaware law also imposes a duty on many corporate officers that may be more stringent than the duty imposed on directors for one primary reason: corporate officers are involved in the daily administration of the compliance program.
"In Gantler v. Stephens, the Delaware Supreme Court held that "the fiduciary duties of officers are the same as those of directors[, which includes] the "fiduciary duties of care and loyalty," [meaning] corporate officers owe the Caremark duty of oversight."
Corporate Compliance Survey, 73 Bus. Law 3, at 835 (Sum. 2018) (citing Gantler v. Stephens, 965 A.2d 695, 709 (Del. 2009)).
Although Delaware law applies its fiduciary duty to some corporate officers and not employees and contractors it's not clear which corporate officers owe the fiduciary duty is not clearly defined. Id. at 836. But generally, the fiduciary duty will apply to senior executives which include c-suite officers and anyone serving the capacity of president, treasurer (and presumably controller, if separate), secretary, and vice-president. The duty may also apply to anyone who "performs a major policy-making function for the corporation." Id. (citing Am. Law Inst., Principles of Corporate Governance: Analysis and Recommendations s.1.27 at 31 (1994) ("ALI Principles")).
Interestingly, while the American Law Institute's Principles of Corporate Governance list vice presidents as an officer, it's not clear whether Delaware courts could include other assistant officers such as assistant treasurers or assistant secretaries in the definition, which may exclude these officers as a fiduciary. One factor that may determine whether these officers have a fiduciary duty is if they are listed in the registrant's federal securities filings. An officer listed in these filings is presented to the public as having a relatively high degree of authority and responsibility. Therefore, investment adviser and investment companies should take care as to who they list in such filings. Giving an employee a junior officer title and then listing them in federal securities filings could make that person a fiduciary to the corporate entity.
The Fiduciary Duties of the Chief Compliance Officer
While not an explicit legal statement, the chief compliance officer ("CCO"), even if not a c-suite executive at a firm, would be included in the definition of a senior executive. Although the person serving as a CCO at some smaller firms may not be an "executive" for that firm, the expectations of the CCO under federal and state securities laws contemplate that he or she serves in a significant policy-making role. Firms that have delegated the CCO responsibility to a junior or mid-level employee should reconsider such an appointment as Delaware law, and presumably, SEC regulations will expect that person to serve in a senior capacity with the appropriate authority.
As noted in the ABA Article, although the comments to the ALI Principles hold that "a staff member who gives advice on policy but does not have authority ... to make policy, does not perform a major policymaking function ", the
First, the Sentencing Guidelines require that '[s]pecific individual(s) within high-level personnel shall be assigned 'overall responsibility' for the organization's compliance and ethics program will necessarily have the broad, entity-wide scope of authority contemplated by ALI Principles. Second, the Sentencing Guidelines provide that compliance and ethics offers 'shall be given adequate resources, appropriate authority, and direct access to the governing authority or an appropriate sub-authority of the governing authority.'
ABA Article at 838 (citing U.S. Sentencing Guidelines Manual s.8B2.1(b)(2)).
Another reason that supports the application of the fiduciary duty on CCOs for an SEC-registration is the requirement of a CCO to oversee the strengths and weaknesses of the registrant's compliance program. A CCO should, at least annually, perform a comprehensive risk assessment of the registrant's compliance program, which is often document in the CCOs annual report or annual risk assessment.
In summary, both federal securities laws and Delaware law have a reasonable expectation that senior officers, including the CCO, have a fiduciary duty to an SEC-registrant. This duty imposes a complicated list of expectations on the officer and a robust corporate governance program will ensure that a company reasonably trains all its covered officers on these expectations. Further, an SEC-registrant should ensure that its officers have the necessary resources to perform their responsibilities and exercise their scope of authority.
As noted in the ABA article:
the [CCO's] enhanced Caremark duty poses a potential trap for such officers who are overworked or understaffed
...If this officer is understaffed, she cannot possibly perform all of her assigned duties, and oversight of the compliance and ethics program will likely suffer.
ABA Article at 839.
An understaffed or overstretched compliance team can lead to situations where a firm fails to prevent or