Are directors right to be concerned about personal liability?
The concept of directors’ liability is nothing new. But as more pressure is being put on management to protect its organisation against the risks presented by ever developing challenges including cybercrime and GDPR, in addition to regulators and legislators calling for greater board accountability, the personal exposure of directors has rightly become more of a concern in the boardroom.
Will a director ever be personally liable?
It is a fundamental principle of English law that a limited company is a distinct legal entity from its directors and shareholders. In theory, this means that despite being responsible for making the day-to-day decisions and running the company, directors would not usually be liable for any obligations, debts and legal action.
However, there are circumstances in which a director can be held personally liable. In fact, under the Companies Act 2006 alone there are over 200 offences for which a director in the UK may be held personally liable. In addition to other legislation, offences include those relating to bribery, GDPR and data protection, health and safety, discrimination, financial reporting requirements and general mismanagement.
By way of a recent example, amendments to the Privacy and Electronic Regulations which came in to force in December 2018 allow directors to be fined up to £500,000 for breach of the rules on the use of automated calling systems and unsolicited direct marketing.
Directors need to be alert to these risks and not simply assume that they are as protected as they may once have been.
Where there is blame…
These days, when something goes wrong, people quickly look for someone to blame and often it is not enough to blame a faceless organisation. As such, naturally, a claimant will look behind that organisation in order to find an individual or group of individuals to claim against instead.
Living in a world of consumer journalism and social media does not help in this situation either and we often see irate individuals jumping online to tell the world what has gone wrong before seeking legal advice or talking to the individuals concerned. In these situations, directors not only have to consider the implications of a potential claim but they need to manage both their reputation and that of their organisation, both of which can be irreparably damaged online within moments.
What can directors do?
- Understand what risks you face by playing out the potential situations which might involve personal liability. If you are aware of those risks, you can do what you can to mitigate them.
- Stay in control – do you know what decisions are being made by your fellow directors? If not, why not?
- Guard against the possible consequences of insolvency. Always be aware of your organisation’s financial position and be reactive to changes.
- If a previous business has failed, seek professional advice before starting a new one.
- Be careful about what comments or promises you make which the receiving party might rely on, especially if it involves assurances about the financial position of your organisation.
- Ensure your organisation does not fall foul of sanctions regimes – do you have a sanctions specialist? If not, should you?
- Take time to brush up on your duties as a director in order to avoid risking a breach.
- Consider taking out directors’ liability insurance.
With board members increasingly taking on more responsibility for decision making and policy implementation, the risk of personal liability will inevitably increase with it. Whilst the principle of separate legal personality still exists, there are numerous ways in which directors may still end up being personally liable, directly or indirectly, for actions that may in previous years have been brought against the company.
With claimants now more aware of their rights and apparently less concerned about the costs and difficulties involved in bringing claims, directors are right to be wary and should be doing what they can to understand the risks and mitigating them where possible.