The broad management powers of company directors come with great responsibility, personal liability and public scrutiny. The daily revelations emerging from the Post Office scandal is a comprehensive case study of the risks faced by directors, both executive and non-executive.
This article examines the many ways in which a company director may be held to account in 2024 – and not just the legal ones – and how to manage the key risks from both the company’s and the individual’s perspective.
Directors in the UK are subject to a robust statutory framework set out in the Companies Act 2006, which defines their principal duties and obligations. The seven statutory duties require the directors to:
Directors owe their general duties to the company itself and not to any other director or shareholder. The company itself may take legal action against a director if there has been a breach of duty, with the decision made by the board of directors or, in an insolvency scenario, its liquidator or administrator.
There is no distinction in law between executive directors, who manage the company’s business on a day-to-day basis, and non-executive directors (“NEDs”), whose role is principally advisory and less time intensive. However, that makes it all the more important that NEDs understand the business, are kept fully apprised of the activities of the business, and have access to all relevant information about the company’s position.
As a general principle of corporate law, companies have limited liability and their own separate legal personality, which means directors and senior executives are shielded from personal liability for the company’s debts and obligations. However, there is an ever-expanding range of reasons why the legal distinction between the company and the senior individuals acting on its behalf is not so clear cut.
Directors can be personally liable for the debts and obligations of the company in a wide range of circumstances, such as:
Anyone considering appointment as a director should fully understand these risks. For further information, see our previous article here.
An important way to mitigate these risks is to negotiate indemnities against these personal liabilities, to the extent the Companies Act permits this. These may be included in the company’s articles, the director’s service agreement and/or a standalone deed of indemnity. Directors’ and officers’ insurance policies also provide protection to company directors. These will typically reimburse costs (including legal costs) that may arise resulting from defending claims made by shareholders, third parties or regulators but will commonly exclude fraud, intentional criminal acts, illegal personal gains and fines and penalties imposed by regulators which are uninsurable by law. It is important that directors understand these limitations.
Directors should also ensure that they have a right – both the legal right under the articles or other contractual documents and the ability in practice – to receive all relevant information and documents regarding the company and its affairs.
Directors of smaller companies often provide personal guarantees in respect of the company’s debts and obligations by express agreement. Although personal guarantees facilitate access to credit, they also expose directors to significant personal risk. If the company defaults on its obligations, directors may find themselves personally liable for the debts guaranteed. If more than one director enters into a guarantee, they are usually jointly and severally liable and the lender may then choose to focus on those with the deepest pockets.
Legislation such as the Unfair Contract Terms Act 1977 provides some protection against unfair terms in personal guarantees. Most lenders will, however, require any prospective guarantor to obtain independent legal advice, as a means of maximising the prospect of enforcement. Directors can also protect themselves against the enforcement of guarantees through taking out personal guarantee insurance.
In addition to potential civil claims, directors can also face criminal liabilities for specific actions or omissions while running a company. Offences such as fraud, bribery, and money laundering can lead to criminal charges against individual directors.
The Criminal Finances Act 2017 introduced the corporate offence of failure to prevent the facilitation of tax evasion, making companies and their directors criminally liable if they fail to implement adequate procedures to prevent tax evasion within their organisation. Directors must ensure strict compliance with anti-corruption and anti-money laundering laws to mitigate the risk of criminal charges.
Other legislation, such as the Health and Safety at Work Etc. Act 1974, also contains provisions making directors criminally liable.
The Online Safety Act 2023 introduced a host of new legal duties on technology companies and their senior managers. As we explained in our recent article, the Act provides for criminal sanctions against individuals who play a significant role in management and compliance, including directors. If a nominated senior manager fails to comply with an information notice from OFCOM, they risk being fined, imprisoned or both.
In addition, if a company is found to have engaged in a false communications offence which has been proven to have been committed with the consent of (or due to the negligence of) a director or other officer of the company, both the director and the company will be criminally liable. The Act also grants OFCOM wide-ranging powers, which include requiring officers to attend interviews when it is investigating potential failures to comply with the new regulation.
Directors in specific sectors face an additional layer of scrutiny from their regulators, such as the Financial Conduct Authority (FCA), Solicitors Regulation Authority (SRA), and the Institute of Chartered Accountants in England and Wales (ICAEW). These bodies regulate conduct both inside and outside of the workplace.
An ever-increasing range of behaviours on the part of senior regulated individuals will now be subjected to regulator scrutiny, since the clear overall trend is towards a more interventionist approach. The FCA has, for example, made it clear that it considers non-financial misconduct as part of its remit and within the scope of its conduct rules. The ICAEW has, similarly, removed the public interest requirement for members to report acts of misconduct which could adversely affect the good name of the profession.
For FCA-regulated professionals, the Senior Managers Regime reinforces the accountability of those at the top, whilst the regulatory references regime limits the ability of a director who has been found to have committed misconduct to start afresh at a new organisation, meaning the risk of career-long losses is magnified.
Yet another area in which directors and senior executives face additional risks is employment law. In many statutory employment claims, such as discrimination, harassment and whistleblowing, it is possible for an employee to sue both the company that employs them and the individuals who they (rightly or wrongly) consider to have been responsible for the acts complained of.
The inclusion of one or more directors as individual respondents to an employment tribunal claim leaves them at risk of being personally liable to pay uncapped compensation to a successful claimant.
Perhaps the most overlooked risk areas for directors and senior executives are not legal at all.
In the 21st-century business environment, media scrutiny and online engagement mean the reputational consequences of a director’s actions will emerge much faster than any legal ramifications following the conclusion of due process.
This new reality can be observed with only a cursory glance at the recent news around the Post Office scandal, where the power of the media led to significant reputational issues for those involved with the business. The Financial Times went as far as listing the directors at the Post Office who were in office whilst the flawed prosecutions were brought against hundreds of sub-postmasters. Paula Vennells, the Post Office’s Chief Executive from 2012 to 2019, offered to hand back the CBE she received at the end of her tenure.
Equally, directors with a robust management style – in particular those who will have been brought in to shake up an organisation’s existing practices – should be conscious of the risk that the incumbents within the business consider their approach to amount to bullying. Such accusations, and even mere suspicions, can have a highly damaging reputational effect. As there is no specific legal claim for bullying, these sorts of allegations can often remain dormant until the accused has already entered the public eye for other reasons.
Non-executive appointments are an attractive proposition for experienced businesspeople, but they come with risks, particularly in sectors with a high degree of public scrutiny.
Although the legal position of a NED will largely be the same as an executive director, these appointments also come with the additional issue of needing to ensure that you are sufficiently apprised of the activities of the executives and able to access the necessary information regarding the company’s position. This not only includes its key financial metrics, but also its commercial arrangements with clients and suppliers and other important business risk areas, such as the details of litigation involving the company.
The key dos and don’ts for NEDs (and those considering becoming a NED) to consider include:
If you have any questions about these issues, please contact a member of the team or speak to your usual Fox Williams contact.