On April 27, 2020, the Delaware Court of Chancery for the third time in a year denied a motion to dismiss a Caremark claim. The case, Hughes v. Hu, involves a derivative claim against the audit committee and officers of a Delaware corporation, Kandi Technologies Group, Inc., a Nasdaq-traded company based in China that manufactures electric car parts. In denying the motion, Vice Chancellor Laster found that there was a substantial likelihood that the defendants breached their fiduciary duty of loyalty by failing to act in good faith to maintain an adequate board-level oversight.

Two recent Delaware court decisions raised concern that Caremark duties may have expanded: Marchand v. Barnhill (declining to dismiss a Caremark claim against the board of Blue Bell Creamery for failing to make a good-faith effort to implement a system of board-level compliance monitoring and reporting to oversee the food safety of its ice cream production) and In re Clovis Oncology, Inc. Derivative Litigation  (where the board “did nothing” when the company released unsubstantiated reports about cancer treatments in clinical trials).  However, it appears that the Caremark duties remain unchanged, with Delaware courts underscoring the requirement that directors implement board-level oversight of mission-critical areas in good faith to ensure that the systems are working effectively and heed warnings or “red flags” that are discovered. This view of the line of recent Caremark decisions is further reinforced by Hughes, where serious alleged failures in internal processes regarding related-party transactions resulted in the plaintiff’s claim surviving a motion to dismiss.

The Hughes decision chronicles a long history of problematic internal control and monitoring within Kandi. Between 2010 and 2015, Kandi was audited by AWC (CPA) Limited (“AWC”), which purported to be an independent, outside auditor, but had no clients other than Kandi. During these years, AWC repeatedly identified key risks and weaknesses in Kandi’s audit and control mechanisms, and repeatedly failed to investigate them.

In its 2014 Form 10-K, Kandi disclosed that “disclosure controls and procedures were not effective as of December 31, 2013, due to a material weakness,” including that (i) the head of Kandi’s internal audit department reported to CEO Hu rather than the audit committee, (ii) the company did not have adequate internal controls for related-party transactions, and (iii) Kandi failed to evaluate the audit committee’s effectiveness on an annual basis as required by the audit committee charter.

Following the Form 10-K filing, the audit committee held two short meetings where it supposedly reviewed a related-party transaction, the company procedures for the approval of such transactions, a new internal audit charter describing the committee’s responsibilities, and a management policy on related-party transactions. The first meeting lasted only 45 minutes, and the second only 40 minutes. (When the stated documents were sought in response to the plaintiff’s inspection demand, however, Kandi did not produce them, leading the court to infer that the documents did not exist.) The audit committee then met only once in 2015, for 50 minutes, and waited almost a year until meeting again in March, 2016, for 30 minutes. Following each meeting, the audit committee acted by unanimous consent to approve matters that should have been considered and approved during the meeting. The audit committee met twice more in 2016, and acted again by unanimous consent to remove and replace AWC as company auditor.

In November 2016, Kandi disclosed for the first time a series of material related-party transactions in 2012 – 2014 with a company owned by the son of Kandi’s CEO and the service company to which the joint venture sold cars. Then, in March, 2017, Kandi announced that its financial statements from 2014 through the third quarter of 2016 could not be relied upon and needed to be restated. In its next Form 10-K, Kandi disclosed that it lacked sufficient expertise in key areas of financial reporting, US GAAP requirements and SEC disclosure regulations.

After several securities class action suits were dismissed for failure to plead a strong inference of scienter, as required by federal securities law, the plaintiff in Hughes brought a Caremark claim against audit committee members and officers in Delaware, stating that they had “consciously failed to establish a board-level system of oversight for [Kandi’s] financial statements and related-party transactions, choosing instead to rely blindly on management while devoting patently inadequate time to the necessary tasks.” The plaintiff asserted that these failures led to the 2017 financial restatements. The plaintiff also bought an unjust enrichment claim against the CEO and three CFOs alleging that they received unjust compensation due to the inaccurate financial statements that overstated company performance, holding all defendants jointly and severally liable for the damages.

The Hughes court reiterated the Delaware standard for director liability in Caremark claims. Directors have “a fiduciary obligation to adopt internal information and reporting systems that are reasonably designed to provide to senior management and to the board itself timely, accurate information sufficient to allow management and the board, each within its scope, to reach informed judgments concerning both the corporation’s compliance with law and its business performance.”  Directors can fail in their duty of oversight by either “utterly fail[ing] to implement any reporting or information system or controls; or (b) having implemented such a system or controls, consciously fail[ing] to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.” Only a “sustained or systematic failure” of a board to exercise oversight will result in the showing of a lack of good faith necessary for a Caremark claim.

In regards to the first avenue of liability, the Hughes court noted that “a director may be held liable if she acts in bad faith [if] she made no good faith effort to ensure that the company had in place any ‘system of controls.’” While directors have a wide latitude in designing this system tailored to their business and industry, there is a “bottom-line requirement. . . the board must make a good faith effort—i.e., try—to put in place a reasonable board-level system of monitoring and reporting.” If the directors fail “to attempt in good faith to assure that a corporate information and reporting system, that the board concludes is adequate, exists, then the board can be held liable [for a Caremark claim].” The court noted that a plaintiff can adequately state a Caremark claim by alleging that “the company had an audit committee that met only sporadically and devoted patently inadequate time to its work, or that the audit committee had clear notice of serious accounting irregularities and simply chose to ignore them or, even worse, to encourage their continuation,” and that the “mere existence of an audit committee and the hiring on an auditor does not provide universal protection against a Caremark claim.”

The defendants argued that they had implemented a board-level oversight system in that they had an audit committee, an internal audit department, and an independent auditor, pointing to a previous Delaware Court of Chancery case, In re Gen. Motors Co. Deriv. Litig, where directors had escaped liability in a Caremark claim for minimal oversight. Vice Chancellor Laster disagreed, comparing the director defendants to those in Marchand who had failed to make a good faith effort to put a reasonable oversight system in place. The court distinguished the actions by the Kandi defendants from General Motors, where the board had implemented at least “some oversight.” The General Motors board had “regularly reviewed the company’s risk management structure, identified the top risks facing the company’s business, and received presentations on product safety and quality.” The court pointed in part to the infrequent, short meetings of the audit committee, from which it would have been impossible for the committee to fulfill its responsibilities under its charter. The “chronic deficiencies” of the audit committee supported a reasonable inference that the directors, acting through the audit committee, “failed to provide meaningful oversight over [Kandi’s] financial statements and system of financial controls.”

The court held that the defendant directors faced a “substantial likelihood of liability under Caremark for breaching their duty of loyalty by failing to act in good faith to maintain a board-level system for monitoring the Company’s financial reporting.”

Although the ruling in Hughes should be regarded not as an expansion of the Caremark doctrine, it should serve as a reminder that boards should take their oversight responsibilities seriously. As long as the board of a Delaware corporation makes a good faith effort to actually implement board-level monitoring and control, and takes the necessary steps to monitor the system, it should be able to avoid a successful pleading of a Caremark claim. The Hughes case may result in plaintiffs finding Caremark claims to be a more attractive option than securities claims, however, because of the high hurdle created by the scienter requirement of federal securities law. Time will tell, but it seems likely that there may be more Caremark-based suits in the future, making it even more important that corporate boards take their oversight duties seriously.