Officer May Have Liability for Ignoring “Red Flags” of Sexual Harassment Problem at the Company (Under Caremark)—and for His Own Sexual Harassment (as a Duty of Loyalty Violation)—McDonald’s

In In re McDonald’s Corporation Stockholder Derivative Litigation (Jan. 25, 2023), the Delaware Court of Chancery rejected dismissal of Caremark claims against an ex-officer of McDonald’s Corporation for failing to have exercised oversight of the risk of sexual harassment of company employees. The court, at the pleading stage of litigation, held that the officer, who was McDonald’s Executive Vice President and Global Chief of People, had a fiduciary duty to oversee risks associated with sexual harassment. The court found it reasonably conceivable (the standard of proof at the pleading stage): (i) that the officer had ignored red flags that sexual harassment was occurring at the company; and, (ii) as he himself allegedly had engaged in sexual harassment of employees, that he had ignored those red flags consciously (i.e., with bad faith intent). In addition, the court found that, as the officer’s alleged sexual harassment of employees was not in the best interests of the company, he may have breached his fiduciary duty of loyalty.

With this decision, the court has, for the first time, clarified that Caremark duties apply not just to directors but also to officers. Also, the decision establishes that the court will hear sexual harassment (and other) claims to the extent that the plaintiff adequately pleads that the acts constitute breaches of Caremark duties (i.e., the duty to oversee corporate risks) or, more generally, the duty of loyalty (i.e., the duty to act in the best interests of the corporation rather than one’s self-interest).

Key Points

• The court, for the first time, clarified that officers have Caremark duties. While officers generally have been considered to have fiduciary duties equivalent to those of directors, it has been an open issue whether officers have, specifically, Caremark duties (which to date have implicated a board’s responsibility for oversight). In this decision, the court held that officers can be liable under Caremark for their bad faith failure in their role in the oversight process. That is, officers have (i) a duty to seek to ensure that the company has information and reporting systems so that management and the board can address the critical risks facing the company, and (ii) a duty not to consciously ignore red flags that the company may suffer harm arising from such risks.
• An officer’s duty of oversight generally extends only to those issues within the sphere of his or her responsibility—however, the court stated, an officer may have a duty not to ignore “a particularly egregious red flag, even it [falls] outside the officer’s domain.”
• The court found it reasonable to infer, based on an officer having engaged in acts of sexual harassment, that he may have consciously (i.e., with bad faith) ignored red flags about similar behavior in others. Thus, at the pleading stage of litigation, the court may, as it did in this case, presume that an officer who engaged in harassment also breached his Caremark duties.
• It bears emphasis that, for a plaintiff to succeed on a Caremark claim, the defendant (whether a director or an officer) must have breached the duty of loyalty—i.e., must have acted with “bad faith intent” (scienter). Thus, it remains very difficult for a plaintiff to succeed on a Caremark claim. The court rejected the plaintiffs’ argument that officers should be subject to a less protective standard under Caremark (namely, gross negligence, without a requirement for a duty of loyalty violation) than applies to directors.
• Sexual harassment by an officer constitutes a breach of the duty of loyalty. As an officer has an obligation to act in the company’s best interests, and, as harassment constitutes “reprehensible conduct for selfish reasons,” a fiduciary who engaged in sexual harassment acted in bad faith and breached the duty of loyalty, the court held. Although sexual harassment has generally been thought of as an employment-style claim rather than a fiduciary claim, the court rejected the defendant’s argument that, as a policy matter, a claim for breach of fiduciary duty should not extend to acts of sexual harassment.
• The alleged context was egregious. Notably, in this case, involving one of the largest employers in the world, the context, as alleged, included: a pervasive “toxic culture” at the company; excessive alcohol use and a “party atmosphere” instigated by the two defendants (who were the CEO, and the global head of human resources); widespread sexual harassment (including assault and rape) of most of the women at the company and its restaurants in the U.S.; numerous employee complaints, made internally and to the EEOC, as well as related employee walkouts and strikes in multiple cities in the U.S.; retaliation for complaints made; and numerous instances of sexual harassment or assault by the head of human resources, which ultimately led to his termination for cause.

Background. After “SE” was installed as CEO of McDonald’s, he promoted “DF” to be Executive Vice President and Global Chief of People. SE and DF, allegedly, were very friendly with each other and together engaged in and promoted a party-type atmosphere, with excessive drinking and sexual harassment, at the company and its restaurants. In October 2016, more than a dozen company employees filed complaints with the EEOC alleging sexual harassment and retaliation. Also that month, company employees engaged in a walkout in over thirty U.S. cities to draw attention to the EEOC complaints. In May 2018, the company faced another round of EEOC complaints relating to specific instances of misconduct and claims that the human resources function had “turned a blind eye” to harassment issues throughout the company. In September 2018, company employees from ten cities organized a one-day strike to protest sexual harassment at the company and the management’s failure to address it. These events were covered in the national media and, in December 2018, prompted inquiries to the company from lawmakers.

Also in December 2018, the board received reports of sexual harassment and assault by DF himself, which acts had been verified by the company’s Compliance Department. The board’s Audit Committee, following SE’s recommendation, did not follow its policy of zero-tolerance for sexual harassment and, instead, permitted DF to continue in his position, but cut his bonus and had him sign a letter in which he acknowledged that his conduct had violated company policy and harmed the company and he agreed that he would cease the misconduct. Starting in 2019, the company, with the board’s involvement, as well as DF’s participation, took actions to strengthen its programs and policies regarding sexual harassment.

In October 2019, the board, after learning that SE was engaged in a prohibited relationship with a company employee, negotiated a separation agreement with him and terminated his employment without cause. A few days later, the board addressed unspecified issues relating to DF’s employment and terminated his employment for cause.

In November 2019 and April 2020, company employees brought class action lawsuits alleging systemic, pervasive problems with sexual harassment (including assault and rape); a general lack of sexual harassment training; general refusal of the human resources department under DF to help workers relating to these issues; and retaliation against employees making complaints. Employee surveys indicated that more than 75% of women employees (and even higher numbers at corporate-owned restaurants as compared to franchised restaurants) had suffered both sexual harassment at the company and retaliation for reporting it.

In this decision, the court addressed the claims against DF. Vice Chancellor Laster rejected dismissal of the claims against DF for (i) breach of his oversight duty, under Caremark, with respect to sexual harassment, and (ii) breach of his duty of loyalty, based on the acts of sexual harassment in which he had engaged.

Discussion

Caremark claims and officers’ duty of oversight. It has been well-established that, to plead a Caremark claim, a plaintiff must allege particularized facts supporting a reasonable inference that the company’s directors either (a) “utterly failed to implement any reporting or information system or controls” with respect to the company’s critical risks (a “prong-one” or “information systems” Caremark claim); or (b) “having implemented such a system or controls, consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention” (a “prong-two” or “red flags” Caremark claim). The court, acknowledging that no Delaware decision has explicitly stated that officers owe a duty of oversight, cited “diverse authorities” as indicating that officers do owe a fiduciary duty of oversight “as to matters within their areas of responsibility.” The court noted the following: “the reasoning of the original Caremark opinion, the Delaware Supreme Court’s holding that the duties of officers are the same as the duties of directors, decisions from other jurisdictions and academic commentary, and the additional duties that officers owe as agents.”

The scope of officers’ duty of oversight. The court observed that “the situational application” of oversight duties will be different for officers than they are for directors, as officers “regularly operate in different contexts than directors.” A board has “oversight duties regarding the corporation as a whole,” as a CEO and Chief Compliance Officer likely do as well, the court stated; however, “other officers generally have a more constrained area of authority” and thus “a constrained version” of the duty of oversight. For example, the court explained, a CFO is responsible for financial oversight and a CLO for legal oversight. Officers generally will be responsible for implementing information systems and addressing or reporting red flags only within their areas of responsibility. However, the court wrote: “If a red flag is sufficiently prominent…then any officer might have a duty to report upward about it. [For example,] [a]n officer who receives credible information indicating that the corporation is violating the law cannot turn a blind eye and dismiss the issue as ‘not in my area.’”

The standard of liability for officers under Caremark. The court held that “oversight liability for officers requires a showing of bad faith”—that is, for Caremark liability, an officer, like a director, “must consciously fail to make a good faith effort to establish information systems, or must consciously ignore red flags.” The court rejected the argument that officers should be subject to a less protective standard than directors, which would provide for liability in the event of their breach of the duty of care (i.e., gross negligence) without a requirement for breach of the duty of loyalty (i.e., bad faith intent). The court explained that arguments in favor of a less protective standard for officers generally emphasize that “officers are full-time employees who are deeply involved in corporate decision-making on a daily basis”; have “greater knowledge” about the areas under their control than directors do; and are paid significantly more than directors “for doing their job.” The court found more persuasive, however, the arguments in favor of a standard for officers that is equivalent to the standard for directors. These arguments focus on the need to encourage capable people to serve as officers; “the risk of hindsight bias in judicial decision-making”; the “relative incompetence of judges in assessing business decisions”; and the potential for a “disproportionate level of liability” to an individual for harm to a large enterprise. The court observed that this approach is consistent with the recently adopted legislation permitting corporations to provide in their charters for exculpation of officers for duty of care violations under certain circumstances (whereas previously only exculpation of directors was permitted).

Caremark claims based on a failure of oversight of sexual harassment. The court noted that an officer’s failure to take action to address sexual harassment (or other misconduct) had to be “sufficiently sustained, systematic, or striking to constitute action in bad faith.” The plaintiffs claimed that DF permitted “a toxic culture to develop” at the company and “turned a blind eye to sexual harassment and misconduct.” The plaintiffs cited a series of events as red flags evidencing that “growing culture” and DF’s role in it. The court agreed that these allegations supported that DF knew about, and ignored, red flags. As Global Chief People Officer, the court noted, DF “was supposed to have his ear to the ground and be knowledgeable about the Company’s employees.” The court stated that, “[f]or someone in [DF’s] position,” the EEOC complaints and related walkout were “massive red flags,” and, moreover, they were followed by additional EEOC complaints and a related strike, which constituted “another set of red flags”—based on which DF “should have been figuring out whether something was seriously wrong and either addressing it or reporting upward to the CEO and the directors.”

The requirement of bad faith (i.e., conscious disregard of the red flags). The court found it reasonable to infer that DF had “consciously” ignored the red flags. First, allegedly (and as confirmed by the company’s Compliance Department), DF himself had engaged in multiple acts of sexual harassment—including after the first EEOC complaints and walkout; then, again, after the second set of EEOC complaints and the strike; and then, again, after he and management had spent a year focusing on addressing the company’s problems with sexual harassment. The court wrote: “When considering whether a defendant consciously ignored red flags regarding a culture of sexual harassment and misconduct, it is reasonable to give weight to the fact that the defendant himself committed multiple acts of sexual harassment, including repeating the behavior after being disciplined and given a last chance. It is reasonable to infer that such an individual could consciously turn a blind eye to red flags about similar conduct by others.” Second, allegedly, under DF’s watch, the human resources department ignored complaints about sexual harassment and misconduct and employees’ fear of retaliation for reporting complaints to the department. “Those allegations support the inference that, as a serial harasser, [DF] was consciously failing to do what he should have done to address problems with sexual harassment and misconduct,” the court wrote. Third, there was no evidence from the books and records produced by the company for the stockholders’ Section 220 investigation indicating that DF had taken action to report sexual harassment or misconduct issues to the board until June 2019. The court concluded that it was reasonable to infer “that [DF]’s acts of sexual harassment constituted knowing misconduct.”

Potential Caremark liability while an officer addresses previously ignored risks. The court concluded that, with respect to DF’s actions in 2019 and thereafter, when he was involved with the board’s and management’s efforts to address the sexual harassment problems, it was not possible, at the pleading stage, to decide whether or not he might have liability for actions taken during that time. It was “possible” that his participation in the remediation efforts had involved just “going through the motions of assisting his colleagues” to address the sexual harassment problem while in reality “continuing to turn a blind eye” to the problem, the court observed. That possibility, and other permissible inferences from the remediation efforts DF made from early 2019 through termination of his employment in late 2019, could be resolved only at trial.

Sexual harassment as a duty of loyalty violation. The court held that the claims against DF for his own acts of sexual harassment constituted claims for breach of his duty of loyalty. The court stated that fiduciaries must act in the best interests of the corporation, and that they act in bad faith when engaged in “intentional dereliction of duty or a conscious disregard for [their] responsibilities.” When DF engaged in sexual harassment, he was “intentionally act[ing] with a purpose other than that of advancing the best interests of the corporation,” the court wrote. “It is not reasonable to infer that [DF] acted in good faith and remained loyal to the Company while committing acts of sexual harassment, violating company policy, violating positive law, and subjecting the Company to liability.”

The court observed that “some might question as a matter of policy whether a claim for breach of fiduciary duty should extend to acts of sexual harassment”—as a corporation can terminate the offending employee; there often will be a claim for breach of an employment agreement; and the victims can pursue remedies under federal and state law. “Some might ask whether the Court of Chancery should be hearing sexual harassment claims and worry that recognizing such a claim will open the floodgates to employment-style litigation,” the court wrote. The court rejected this concern, stating, first, that “a flood of new employment-style claims seems unlikely,” as, “like an oversight claim, a claim for breach of duty based on [an] officer’s own acts of sexual harassment is derivative, so all of the protections associated with derivative claims apply.” Second, the court stated, such a claim is not one that a victim has standing to bring against a solvent corporation. “Until a victim obtains a judgment against the corporation, the victim is a contingent creditor, and after judgment, an actual creditor.” Third, the court stated that a claim for breach of fiduciary duty “is…not duplicative of other remedies.” Indeed, the court observed: “In many cases, a claim for breach of an employment agreement may be a possible cause of action, but not all fiduciaries have employment agreements. Directors rarely do. If an officer or director personally engages in acts of sexual harassment, and if the entity suffers harm, then either the governing body of the entity (or, if necessary, a plaintiff acting properly on its behalf) should be able to assert a claim for breach of fiduciary duty in an effort to shift the loss that the entity suffered to the human actor who caused it.” The court concluded: “Sexual harassment is bad faith conduct. Bad faith conduct is disloyal conduct. Disloyal conduct is actionable.”

Practice Points

• It is uncertain how sweeping the impact of the decision will be. First, presumably, the holding that officers in charge of employees’ welfare have a duty of oversight with respect to sexual harassment problems at a company likely would apply to any type of material harassment or discriminatory behavior (based on, for example, race, religion or sexual or gender orientation). Further, conceivably, based on the court’s discussion as to reasonable inference of a breach of the duty of loyalty based on an officer’s sexual misconduct at the company, any director or officer that violates law or company policy, such that the company is harmed, could have potential liability for breach of the duty of loyalty.
• Companies should consider reviewing the compliance risks the company faces, their compliance policies, and the company’s oversight procedures, including the reporting chains of command. Officers should be made aware, and reminded, that they have oversight responsibility (and potential liability under Caremark) for their role in the oversight process even though the board has ultimate responsibility for oversight. Also, officers should be made aware that, while their oversight responsibility generally extends only to the issues within their respective domains (e.g., financial issues for the CFO; legal issues for the CLO), they may have an obligation to report “up the chain” if they become aware of particularly egregious red flags even outside their own domain. Companies should consider implementing training programs, or reviewing existing training programs, with respect to key compliance matters.
• Boards should keep in mind the risks that may be associated with departing from an existing zero-tolerance policy with respect to compliance with sexual harassment or similar policies. A board generally should consider, and document, its reasons for making an exception to a zero-tolerance policy.
• Companies with high-profile exposure to the public should be particularly sensitive to the risks associated with bad publicity arising from material sexual harassment, discrimination, or other non-compliance problems at the company. Also, these issues may be more acute at companies (such as McDonald’s) with a large proportion of women and/or young employees.