In Tola v. Bryant, No. 16150, 2022 Cal. App. LEXIS 241 (Cal. App. Mar. 24, 2022), the First Appellate District of the California Court of Appeal applied Delaware’s new formulation of the test for determining whether a stockholder has standing to assert derivative claims on behalf of a company. Under the test articulated by the Delaware Supreme Court in United Food & Commercial Workers Union v. Zuckerberg, 262 A.3d 1034, 1058 (Del. 2021), a stockholder of a Delaware corporation has standing to assert derivative claims when the stockholder can plead particularized facts, on a director-by-director basis, demonstrating that at least half of the board in place at the time the complaint is filed:
- received a material personal benefit from the alleged misconduct that is the subject of the litigation;
- faces a substantial likelihood of liability on the claims asserted; or
- lack independence from someone who received a material personal benefit from the alleged misconduct or from someone who would face a substantial likelihood of liability on any of the claims.
The stockholder plaintiff in Tola failed to satisfy this standard. The Tola decision should help corporate counsel advise clients facing derivative lawsuits filed in the wake of operational problems.
Intel Corporation (“Intel”) is a Delaware corporation headquartered in California that designs and manufactures microprocessors. An Intel stockholder filed a derivative complaint alleging Intel’s management learned of two security vulnerabilities in its microchips, but kept this information under wraps for six months, until eventually disclosing the vulnerabilities in response to media reports discussing the same. Plaintiff alleged that Intel’s belated disclosures harmed the company because they resulted in a $4 drop in the price of Intel shares, which amounted to over $20 billion in lost market capitalization.
Plaintiff alleged that five out of ten of Intel’s directors could not consider a demand independently or disinterestedly, rendering presuit demand on the board futile. Plaintiff argued demand was futile as to the officer directors (the CEO and CFO) because they allegedly received a “material benefit” as a result of the challenged conduct by selling Intel stock after learning of the security vulnerabilities, but before those problems were made public. With respect to the other three outside directors and the CEO, plaintiff argued demand was futile because they allegedly failed to implement any controls to report cybersecurity issues to the board. The trial court sustained defendants’ demurrer, without leave to amend, concluding that even if a demand was futile as to the CEO and CFO, the rest of the board members were not disqualified from considering a demand. Plaintiff appealed.
The Court of Appeal affirmed. The Court began by quoting the seminal Delaware Court of Chancery decision in In re Caremark International Inc., 698 A.2 959 (Del. Ch. 1996), to note that plaintiff’s “failure of oversight” theory was “possibly the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment.” Under Delaware law, a director is only liable for damages to the corporation if he acts in bad faith by “failing to act in the face of a known duty to act.” Thus, plaintiff was required to plead a “sustained or systematic failure of the board to exercise oversight” to support an inference of bad faith. The stockholder plaintiff’s allegations failed because the complaint conceded that Intel had controls in place to monitor the company:
Tola does not allege, for example, that . . . Intel lacked an audit committee, that Intel’s audit committee met only rarely, or particularized facts suggesting that Intel’s board knew monitoring cybersecurity vulnerabilities was critical to Intel’s operations yet simply chose to ignore the need for board-level reporting.
Plaintiff’s complaint also was insufficient because it conceded that Intel immediately began attempting to remedy the security vulnerabilities by, for example, forming a “problem response team” shortly after learning of the problem. Moreover, when the potential security vulnerabilities became public, Intel’s board immediately acted by holding a meeting to discuss the issue, engaging the audit committee to investigate the problem, and creating a subcommittee of the board tasked with cybersecurity. There were simply no detailed allegations to support the inference that the security risks were acute and that the board ignored them in bad faith over a prolonged period of time. Because plaintiff, at most, pled facts that called into question the impartiality of just two out of Intel’s ten directors, he lacked standing to pursue corporate claims.
It is a bedrock principle of Delaware corporate law that the board of directors—and not the stockholders—are empowered to pursue corporate litigation. The decision in Tola demonstrates the difficulties stockholder plaintiffs face when attempting to usurp the board’s prerogative to control corporate claims, especially when proceeding on a theory of failure of oversight. Because many corporations headquartered in California are incorporated under Delaware law, we expect Tola will receive frequent citation by California counsel defending putative stockholder derivative claims. In addition, the decision in Tola should serve as a handy roadmap for counsel seeking to advise board clients on how to respond to unexpected corporate challenges and operational issues.