SF Chronicle article – says new investigation report states that UC interfered with state internal auditor’s audit

Note: I have also posted this discussion to http://auditcommitteeupdate.com

Click on the link below for the Chronicle’s story, stating that a new investigation report concludes that UC interfered with the state internal auditor’s audit of UC, including changing survey answers or results. I have previously blogged about the state auditor’s audit of UC, and, frankly, as an ex-auditor and after having been involved in litigation as an attorney for many, many years, I was and still am complimentary that the state auditor held her ground and called thing as she believed them to be – that can be a tough situation to be in, and I would be interested to hear whether the state auditor herself felt any pressure from any sources.

Let me also add that I have heard stories for years about internal auditors and compliance professionals, and also, sometimes, external auditors, who have felt pressure to conduct their activities, or to report findings, in a manner that was contrary to how they thought a particular matter should be handled or reported.

It is my understanding that the investigation report will be coming out, perhaps today. I haven’t seen the actual investigation report – I always like to see the actual source information or document – too much “news” today is skewed with intentional or unintentional bias, or is incorrectly reported, or is reported in a summary manner that causes the “news” to not be correct or to be misleading, or is reported with an objective in mind, or uses adjectives instead of facts and evidence, or is anonymous or from anonymous sources, or is really more opinion than facts and evidence (“opinion-jour”), etc. And there are always two sides to a story, and sometimes three, four, or more sides. There was a saying several years ago, trust but verify. I believe the options are: (1) trust and don’t verify, (2) trust but verify, (3) question but verify, or be skeptical but verify, and (4) don’t trust but verify, or distrust and verify. I’m at least at (3), and often at (4). Below is the link to the Chronicle article:

http://www.sfchronicle.com/bayarea/article/Report-says-UC-president-s-office-improperly-12358268.php

That’s all for now. Of course, each situation is different.

David Tate, Esq., Royse Law Firm, Menlo Park, California office, with offices in northern and southern California. http://rroyselaw.com

Royse Law Firm – Practice Area Overview – San Francisco Bay Area and Los Angeles Basin

  • Corporate and Securities, Financing and Formation
  • Corporate Governance, D&O, Boards and Committees, Audit Committees, Etc.
  • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  • International
  • Immigration
  • Mergers & Acquisitions
  • Labor and Employment
  • Litigation (I broke out the litigation because this is my primary area of practice)
  •             Business
  •             Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  •             Trade Secrets, NDA, Accounting Issues, Fraud, Lost Income, Royalties, Etc.
  •             Privacy, Internet, Hacking, Speech, Etc.
  •             Labor and Employment
  •             Mergers & Acquisitions
  •             Real Estate
  •             Owner, Founder, Investor, Board & Committee, Shareholder, D&O, Etc.
  •             Insurance Coverage and Bad Faith
  •             Lender/Debtor
  •             Investigations
  •             Trust, Estate, Conservatorship, Elder Abuse, and Contentious Administrations
  • Real Estate
  • Tax (US and International) and Tax Litigation
  • Technology Companies and Transactions Including AgTech, HealthTech, Etc.
  • Wealth and Estate Planning, Trust and Estate Administration, and Disputes and Litigation

Audit Committee 5 Lines of Defense 10222017 David W. Tate, Esq. jpg

 

Claim for violation of nondisclosure agreement must establish that the information disclosed was true

Nondisclosure agreements are in the news. Here’s an interesting aspect of making a claim that a nondisclosure agreement was violated – plaintiff’s claim for violation of a nondisclosure agreement must establish that the alleged wrongful disclosure was of confidential but true information, which was covered by the nondisclosure agreement. Of course, there are also other important issues relating to whether or not a nondisclosure agreement was breached – such as, for example, whether the holder of the privilege (e.g., the plaintiff employer) can actually prevent the disclosure, or reporting of the information to all sources or just some sources (such as, for example, to the police or to a regulatory entity or to the board of directors, compared to the press or the public), or whether, regardless of the existence of the nondisclosure agreement, the person disclosing the information has standing and a right to bring a legal action relative to the event or occurrence from which the information arose (such as, for example, in a situation of alleged unlawful discrimination or harassment).

See, e.g., Glassdoor, Inc. v. Superior Court (2017) 9 cal. App. 5th 623, which held:

“An employer cannot establish a claim for breach of a nondisclosure agreement unless it is prepared to prove, and does prove, that the defendant disclosed actual confidential information, i.e., that his or her statements were, in some relevant degree, true. Nothing in this record would sustain a finding that the CEO’s statements—reported by Doe inaccurately, according to MZ—had this effect.

MZ’s hesitation on this point may be understandable, because Doe’s supposed disclosures do not cast MZ in a favorable light. But MZ cannot be excused from the requisite showing merely because proving a prima facie case might be embarrassing to it. If Doe accurately disclosed company policy, or the CEO’s statements regarding that policy, it was incumbent upon MZ to present evidence to that effect. Instead it denied the accuracy of Doe’s report without identifying any real confidential information it might be understood to have disclosed. MZ therefore failed to establish a prima facie case predicated on Doe’s account of the CEO’s statements.”

As an additional requirement, in trade secret cases the holder of the secret (e.g., the plaintiff employer) is required to describe the trade secret so that the court and the defendant are sufficiently apprised of the confidential information that is alleged to have been wrongfully disclosed – thus, since the disclosure of that confidential information by the holder of the secret would mean that the trade secret information is no longer secret and would therefore invalidate the holder’s entire case of trade secret secrecy, keeping that information confidential, while also sufficiently disclosing that information to the court and to the defendant is a requirement that must be carefully accomplished. Thus, for example, for California state court nondisclosure and trade secret cases, see also Cal. Civ. Code §3426.5, which states in part that the Uniform Trade Secrets Act, requires the trial court to “preserve the secrecy of an alleged trade secret by reasonable means, which may include granting protective orders in connection with discovery proceedings, holding in-camera hearings, sealing the records of the action, and ordering any person involved in the litigation not to disclose an alleged trade secret without prior court approval.”

That’s all for now. Of course, each situation is different.

David Tate, Esq., Royse Law Firm, Menlo Park, California office, with offices in northern and southern California. http://rroyselaw.com

Royse Law Firm – Practice Area Overview – San Francisco Bay Area and Los Angeles Basin

  • Corporate and Securities, Financing and Formation
  • Corporate Governance, D&O, Boards and Committees, Audit Committees, Etc.
  • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  • International
  • Immigration
  • Mergers & Acquisitions
  • Labor and Employment
  • Litigation (I broke out the litigation because this is my primary area of practice)
  •             Business
  •             Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  •             Trade Secrets, NDA, Accounting Issues, Fraud, Lost Income, Royalties, Etc.
  •             Privacy, Internet, Hacking, Speech, Etc.
  •             Labor and Employment
  •             Mergers & Acquisitions
  •             Real Estate
  •             Owner, Founder, Investor, Board & Committee, Shareholder, D&O, Etc.
  •             Insurance Coverage and Bad Faith
  •             Lender/Debtor
  •             Investigations
  •             Trust, Estate, Conservatorship, Elder Abuse, and Contentious Administrations
  • Real Estate
  • Tax (US and International) and Tax Litigation
  • Technology Companies and Transactions Including AgTech, HealthTech, Etc.
  • Wealth and Estate Planning, Trust and Estate Administration, and Disputes and Litigation

 

Help with workplace investigations

The following are some comments in guidance about workplace investigations. We are currently seeing a lot in the news about situations where investigations did not occur, and also apparently where possible situations of unlawful activity occurred but were not reported (although in some situations knowledge of possible unlawful activity might had been widely known). And these issues don’t simply reflect on the victim and the accused, but clearly also reflect on the business, nonprofit or governmental entity at issue, and, variously depending on the situation, elected representatives, executive officers, boards of directors and the board committees, general counsel, compliance and ethics professionals, HR, perhaps internal audit and even the external auditor, etc., and throughout the entire organization. In recent prior posts you can also see discussions about the new COSO ERM framework which lists culture and governance as the first category of enterprise risk management.

An employer has a duty to take reasonable steps to prevent harassment, discrimination, and unlawful employment practices, and to correct inappropriate workplace behavior. See, i.e., Cal. Gov. Code §12940(k); and 29 CFR 1604.11(d). An employer can be liable for the failure to investigate, at least if there was underlying unlawful activity. And failure to investigate can be considered ratification of the unlawful activity.

In appropriate circumstances on a claim of wrongful termination by the alleged wrongdoer, when the terminated, wrongdoer employee did engage in unlawful behavior, the question can become whether the employer acted appropriately and in good faith after conducting a reasonable investigation, and based on a reasonable belief in that investigation – in other words, the reasonableness of the employer’s investigation can become the standard by which the employer is judged for alleged wrongful termination liability purposes.

So . . . the following are some of the issues and steps to consider or follow when determining whether the employer’s investigation of the conduct and situation was reasonable, and whether the employer had a reasonable belief in that investigation – did the employer:

  • Take the complaint of wrongdoing seriously;
  • Maintain confidentiality of the situation to the extent reasonably possible;
  • Conduct a timely investigation, promptly after receiving the complaint of wrongdoing;
  • Have the investigation performed by an investigator who is competent and knowledgeable about the relevant issues, and also how to conduct investigations, investigation techniques, evidence, writing reports and opinions, and oral communications and testimony (also, note issues that might be present if the investigation is performed by an attorney for whom attorney client or work product privileges might be claimed – in short, don’t use an investigator in which these issues might be present);
  • Follow appropriate complaint investigation procedures;
  • Listen to and treat both sides fairly and equally;
  • Obtain and understand the claims that are being made;
  • Give the alleged wrongdoer fair notice of the claims being made;
  • Provide the alleged wrongdoer with ample opportunity to offer evidence in his or her defense, including what occurred or not, documents that might be relevant, and the names of and information about witnesses who he or she believes can provide relevant comments about the alleged occurrence(s);
  • Have the investigator conduct a thorough investigation, under the circumstances (note that in some circumstances courts have held that the investigation need not necessarily be perfect, but it should be sufficient, reasonable and thorough under the exigencies and circumstances at hand without the benefit of full discovery or a trial);
  • Implement progressive discipline if appropriate; and
  • Have the investigator prepare a well-reasoned report and conclusion, supported by and based on objective evidence.

That’s all for now. Of course, each situation is different, and on many of the above points courts and regulatory agencies have provided additional guidance.

David Tate, Esq., Royse Law Firm, Menlo Park, California office, with offices in northern and southern California. http://rroyselaw.com  

Royse Law Firm – Practice Area Overview – San Francisco Bay Area and Los Angeles Basin

  • Corporate and Securities, Financing and Formation
  • Corporate Governance, D&O, Boards and Committees, Audit Committees, Etc.
  • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  • International
  • Immigration
  • Mergers & Acquisitions
  • Labor and Employment
  • Litigation (I broke out the litigation because this is my primary area of practice)
  •             Business
  •             Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  •             Trade Secrets, NDA, Accounting Issues, Fraud, Lost Income, Royalties, Etc.
  •             Privacy, Internet, Hacking, Speech, Etc.
  •             Labor and Employment
  •             Mergers & Acquisitions
  •             Real Estate
  •             Owner, Founder, Investor, Board & Committee, Shareholder, D&O, Etc.
  •             Insurance Coverage and Bad Faith
  •             Lender/Debtor
  •             Investigations
  •             Trust, Estate, Conservatorship, Elder Abuse, and Contentious Administrations
  • Real Estate
  • Tax (US and International) and Tax Litigation
  • Technology Companies and Transactions Including AgTech, HealthTech, Etc.
  • Wealth and Estate Planning, Trust and Estate Administration, and Disputes and Litigation

 

 

 

Updated of possible risk management process summary chart

I have updated my summary risk management process chart, and I have provided the chart below. The chart generally follows the new COSO ERM framework (see also below), with some additional tweaks. You can find additional discussions about the COSO ERM framework in earlier posts.

Thank you. David Tate, Esq., Royse Law Firm, Menlo Park, California office, with offices in northern and southern California, http://rroyselaw.com

Overview of Possible Risk Management Process 11122017

 

Royse Law Firm – Practice Area Overview – San Francisco Bay Area and Los Angeles Basin

  • Corporate and Securities, Financing and Formation
  • Corporate Governance, D&O, Boards and Committees, Audit Committees, Etc.
  • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  • International
  • Immigration
  • Mergers & Acquisitions
  • Labor and Employment
  • Litigation (I broke out the litigation because this is my primary area of practice)
  •             Business
  •             Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  •             Trade Secrets, NDA, Accounting Issues, Fraud, Lost Income, Royalties, Etc.
  •             Privacy, Internet, Hacking, Speech, Etc.
  •             Labor and Employment
  •             Mergers & Acquisitions
  •             Real Estate
  •             Owner, Founder, Investor, Board & Committee, Shareholder, D&O, Etc.
  •             Insurance Coverage and Bad Faith
  •             Lender/Debtor
  •             Investigations
  •             Trust, Estate, Conservatorship, Elder Abuse, and Contentious Administrations
  • Real Estate
  • Tax (US and International) and Tax Litigation
  • Technology Companies and Transactions Including AgTech, HealthTech, Etc.
  • Wealth and Estate Planning, Trust and Estate Administration, and Disputes and Litigation

 

Good video about the GC relationship with the CEO, the Company and the Board – forwarding from Inside America’s Boardrooms

I have provided below a link to a recent Inside America’s Boardrooms video discussing the relationship between the general counsel (GC) and the CEO and the Board. You don’t hear these discussions very often. The GC represents the Company, not the CEO. But, of course, those common interests are most often aligned, but not always. The Board acts on behalf of the Company and the Shareholders, and as such you might say that the GC also represents the Board, but not the Board Members individually, and even this relationship between the GC and the Board can get sticky in some circumstances. This is a fascinating and important discussion.

Best to you, David Tate, Esq., Royse Law Firm, Menlo Park, California office, with offices in both northern and southern California, http://rroyselaw.com/

 

Director, Officer and ERISA Liability – forwarding from Woodruff Sawyer

The following is a link to a series of posts (part 1) from Woodruff Sawyer discussing director, officer and ERISA liability. Woodruff Sawyer knows its stuff – good reading, Click Here For The Discussion

Best to you, David Tate, Esq., Royse Law Firm (Menlo Park, California office – with offices in northern and southern California – http://rroyselaw.com/

Help with culture oversight and ERM – possibly where to start

Now that oversight of the entity’s “culture” has reached the boardroom, where do you start if culture hasn’t really been on the radar? As you might know, for example, whereas the new COSO ERM framework lists culture and governance at step one, it doesn’t go into too much detail or guidance about what these might include, but leaves it for every organization to decide for itself what enterprise risk management will involve and include in these and other areas and steps. If the organization’s culture really hasn’t been on the radar, I suggest that you consider or start with the employee handbook and policies, and the code(s) of conduct – evaluate whether those are currently sufficient or need updating, and then run through the ERM process for the conduct described or listed. Of further interest, below I have pasted snapshots of a current NACD website page discussing culture (and that you can obtain a NACD discussion paper online), a summary of a possibly ERM process (significantly based on the new COSO ERM framework), some additional governance, ERM and audit committee items, and a link to a new Norman Marks discussion “Do we understand what a Risk Event is?

Thanks for reading, and best to you. David Tate, Esq., Royse Law Firm (Menlo Park, California, office)

Overview of Possible Risk Management Process 11122017

 

Norman Marks “Do we understand what a Risk Event is:  https://wordpress.com/read/feeds/254243/posts/1658495448

Audit Committee 5 Lines of Defense 10222017 David W. Tate, Esq. jpg

COSO Enterprise Risk Management Framework ERM Components and Principles

NIST Cybersecurity Framework Tiers Summary

The Business Judgment Rule

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the director reasonably believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position with like expertise would use under similar circumstances. The rule itself doesn’t require a particular level of expertise, knowledge or understanding; however, as you might be aware, public company audit committee members do have such a requirement, and you can at least argue that, depending on the facts and circumstances, a board or committee member should have or should obtain a certain unspecified level of knowledge or understanding to be sufficiently prepared to ask questions, evaluate information provided, and make decisions.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. An independent director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director reasonably believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director reasonably believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.

That’s it for now. Thanks for reading. David Tate, Esq., Royse Law Firm, Menlo Park office, with offices in the San Francisco Bay Area and Los Angeles