No longer simply legal advisers for their respective governors, state attorneys general are increasingly taking an offensive position, bringing lawsuits against companies and executives they accuse of bad conduct. A team of attorneys from Troutman Pepper, led by Clayton Friedman and Trey Smith, explore recent cases and how executives can strengthen the corporate veil.
A few big headlines aside, executives at large companies have rarely been prosecuted criminally for corporate conduct. Even civilly, executives have historically avoided suit unless there was a clear case of alter-ego liability (i.e., the individual and the company were not truly separate), and those claims were generally reserved for closely held entities rather than executives of high-profile companies.
State attorneys general have recently been more willing to bring suits individually against officers and directors of well-known corporate brands. The goal in these suits is often not to collect on a judgment but to send a message that state attorneys general will use their enforcement authority to hold executives accountable for perceived wrongdoing.
State attorneys general are starting to pursue corporate executives
A look at some of the recent cases state attorneys general have brought demonstrates the trend. Last year, then-D.C. Attorney General Karl Racine sued Meta founder Mark Zuckerberg, alleging he was directly involved in a data breach. He also sued Washington Commanders owner Dan Snyder, the NFL and league commissioner Roger Goodell, claiming the team and the NFL colluded to deceive residents about an investigation into the team. In both cases, Racine alleged violations of the Consumer Procedure Protection Act, which prohibits unfair and deceptive trade practices in connection with the offer, sale and supply of consumer goods.
Like Racine, New York Attorney General Letitia James also brought a series of high-profile lawsuits against company directors, including actions against the former CEO of a now-bankrupt cryptocurrency company, a former president and his adult children and the chief executive officer and chairman of the board of a large international media company.
The uptick in suits against executives is best explained by the expanding presence state attorneys general have grown over the past few decades. Historically, attorneys general primarily provided legal advice to governors and state agencies. However, over the past few decades, attorneys general have emerged as the state’s primary consumer protection enforcers, taking an expansive view of both their common law and statutory authority.
This transformation has led to states bringing an ever-increasing number of lawsuits, resulting in multimillion-dollar settlements that have increased resources to attorney general offices.
AGs may struggle to overcome procedural hurdles but have other tools at their disposal
There are some challenges, though, when state attorneys general attempt to secure judgments against corporate executives, including a lack of personal jurisdiction. For example, the Colorado Supreme Court recently ruled that the state courts did not acquire personal jurisdiction over the executives of ecigarette company JUUL because (1) the district court failed to consider an individualized assessment of each defendant’s action (and instead based its determinations on allegations against the corporation as a whole); and (2) the attorney general failed to allege facts sufficient to show that the executives were primary participants in conduct that they personally directed at Colorado.
North Carolina Attorney General Josh Stein brought a similar suit against these executives. The suit also failed for lack of personal jurisdiction. The North Carolina court held that the complaint failed to allege how the defendants’ individual conduct connected to North Carolina, finding the corporation’s contacts with the state could not be attributed to the defendants personally. However, executives should note that defeating state attorneys’ general suits is typically the exception, not the rule.
How to avoid being sued personally
Implement and follow a comprehensive compliance program
It may seem obvious, but the best way an executive can avoid scrutiny is by scrupulously following all laws. While corporate separateness will typically protect executives from personal liability, courts may pierce the corporate veil if an executive uses the corporate entity as a device or sham to perpetrate wrongs, fraud or injustice.
Directors can also face criminal liability for misstatements, misrepresentations, fraudulent conveyances, undercapitalization and other crimes. The best way to avoid these situations is to develop, implement and follow a comprehensive compliance program with checks on executive power.
Indeed, having an “effective compliance and ethics program” in effect at the time an offense occurs can result in decreased fines under the federal sentencing guidelines for organizations. Moreover, if regulators decide to open an investigation into a corporation, one of the most significant factors they will consider in deciding whether to bring claims against the company is whether it has a compliance program in place. A program consistent with the sentencing guidelines would help shield or contain exposure.
Further, as discussed below, directors and officers have corporate duties of care and loyalty to their companies. Given that Delaware courts have ruled that corporate management has a duty to implement a compliance system (on account of the sentencing guidelines), executives should ensure an effective compliance program is in place.
Keep a separate identity from the corporate entity
Directors, officers and shareholders should separate themselves from the corporation and comply with all incorporation documents and bylaws. There are a few key considerations in this regard. First, individuals should keep business finances separate from their personal finances, making sure to keep a separate bank account and accounting records for the business. Second, the company must follow all rules to maintain its legal identity, including having owner meetings, maintaining meeting minutes and keeping active board members. Third, directors and officers should have clearly defined roles — and should exercise their control of the business exclusively within those roles, towards proper business objectives.
Make full disclosures to third parties
In dealing with third parties, executives should ensure everyone they are dealing with knows they are dealing with a separate legal entity rather than an individual. This particularly applies to business partners, lenders, clients and service providers, who in any potential dispute may claim that the individual’s use of a limited liability entity perpetrated a fraud on them. If this were to happen, a court would likely pierce the corporate veil and hold the director or executive liable.
Be aware of your corporate duties
Business leaders should carefully observe the legal duties owed to their enterprises. The duty of care requires executives to make informed business decisions. While the business judgment rule typically protects “bad” decisions, it does not protect uninformed ones. Accordingly, business leaders should ensure they are adequately informed before making a decision that could affect the company.
The duty of loyalty requires directors to act in good faith to advance the corporation’s best interests and avoid injury to the corporation. It also requires directors to disregard their self-interests to advance the corporation’s interests. Accordingly, unless complete disclosures are made, business executives should avoid transacting with the corporation or usurping business opportunities that properly belong to the corporation.
Clayton Friedman 
Trey Smith 
