By Alison Anderson, Kenya Davis, and Sigrid McCawley
In summary
The #MeToo Movement has exposed significant and pervasive sexual misconduct taking place within corporate organisations. Many executives and officers have already faced some measure of accountability, both for their own sexual misconduct and for covering up the sexual misconduct of others, and many more will in the future. Government regulators are increasingly using white-collar statutes to prosecute actions against companies they believe have acted inappropriately. White collar defence and government investigations practitioners must be cognisant of the significant risk of investigation and prosecution by the US Securities and Exchange Commission (SEC), the US Department of Justice, international regulators, as well as the risk of shareholder suits that frequently follow government enforcement actions.
This article explains the relevant securities law framework and how that framework relates to allegations of sexual misconduct, identifies recent examples of private and government action in this area, anticipates future developments and identifies how companies can act now to address these risks.
Discussion points
- Securities law framework relevant to corporate sexual misconduct
- Movement in private shareholder action
- The SEC’s actions and resolutions with McDonald’s and Activision
- What is on the horizon for corporate sexual misconduct and government enforcement
- What can companies be doing now?
Referenced in this article
- SEC resolution with McDonald’s
- SEC resolution with Activision
The relevant securities law framework
The SEC has jurisdiction to bring enforcement actions against any company whose shares are publicly traded in the United States and is, therefore, subject to federal securities laws. As relevant to allegations of sexual misconduct, the securities laws that are primarily implicated include violations of Regulation S-K, Rule 14a and Rule 10b-5.
Regulation S-K violations
Under the federal securities laws, companies have affirmative duties to disclose certain information to their shareholders. The Securities Exchange Act of 1934 requires every company that is an issuer of a security on a national securities exchange to file certain reports and statements with the SEC, including registration statements for initial public offerings and shelf offerings, periodic reports, tender offers and proxy statements. Regulation S-K details a company’s affirmative disclosure duties for those reports and statements, which most commonly arise when companies are drafting Form S-1 (registration statements), Form 10-K (annual reports), Form 10-Q (quarterly reports) and Form 8-K (current reports). Regulation S-K also requires that companies must provide the SEC with certain information and documents to keep their registration statement ‘reasonably current’.
Several sub-parts of Regulation S-K are especially relevant to the issue of alleged sexual misconduct, including Items 101, 103 and 105, which were amended in August 2020 to include new disclosure requirements regarding ‘human capital’. Specifically:
- Item 101 requires disclosure of ‘[a] description of the registrant’s human capital resources, including . . . any human capital measures or objectives that the [company] focuses on in managing the business (such as . . . measures or objectives that address the development, attraction and retention of personnel)’;
- Item 103 requires the disclosure of ‘any material pending legal proceeding’ against the company; but note that Item 103(b)(2) provides that a company does not need to disclose a ‘claim for damages if the amount involved, exclusive of interests and costs, does not exceed 10 percent of the current assets of the [company] and its subsidiaries on a consolidated basis’;
- Item 105 requires disclosure of ‘a discussion of the material factors that make an investment in the [company] or offering speculative or risky’;
- Item 303 requires disclosure of ‘any known trends or uncertainties that have had or that are reasonably likely to have a material favorable or unfavorable impact on net sales or revenues or income from continuing operations’; and
- Item 402 requires the company to publish compensation details of the CEO, CFO and the other three highest paid individuals. This includes compensation as well as other paid ‘perquisites’ worth US$10,000 or more.
Rule 14a violations
Under Rule 14a, companies have an affirmative duty to include accurate and fulsome information in proxy statements in connection with a vote of the security holders or shareholders. This includes information relayed to shareholders in voting on executive separation agreements.
Rule 10b-5 violations
More broadly, even where companies do not have an affirmative duty to disclose certain information, Rule 10b-5 of the Securities Exchange Act makes in unlawful for a company to make ‘any untrue statement of material fact’ or ‘omit to state a material fact’ that renders a statement misleading in connection with a securities transaction. An omission is ‘material’ where ‘the omitted fact would have assumed actual significance in the deliberations of the reasonable shareholder’. Rule 10b-5 applies to statements even when those statements are made outside of SEC filings. And in some circuits, companies have a duty to update statements if they later become misleading.
Shareholder actions paving the way and gaining speed
Even before the #MeToo movement, plaintiffs had begun bringing shareholder actions for securities fraud based on sexual misconduct within public companies, but these actions were ultimately unsuccessful. After the #MeToo movement, plaintiff shareholders have begun to have more success with suits of this nature.
In January 2019, a shareholder actions were brought against Alphabet, Inc’s (Google’s) board of directors, alleging that the tech giant violated state and federal law by covering up workplace sexual harassment. The shareholders alleged that Google’s board engaged in a ‘culture of concealment’, acquiescing in the cover-up of a long-standing pattern of sexual harassment by high-powered male executives. The parties settled with Google agreeing to a US$310 million funding commitment to enact sweeping workplace and corporate governance reforms, maintain a DEI Advisory Council for at least five years, and pay attorneys’ fees and expenses.
In Construction Laborers Pension Trust for Southern California v CBS Corporation, in denying the defendants’ motion to dismiss, the court held that plaintiffs had sufficiently plead securities fraud by alleging that a CEO’s statements at an industry event were material and misleading. The CEO stated at the event that ‘[#MeToo] is a watershed moment. It’s important that a company’s culture will not allow for this . . . There’s a lot we’re learning. There’s a lot we didn’t know.’ The court held that these statements were material and misleading because the CEO was ‘at that time actively seeking to conceal his own past sexual misconduct from CBS and the public’. While the district court upheld plaintiffs’ claims regarding the CEO’s statement, the court held – consistent with prior cases – that CBS’s code of conduct did not contain material false or misleading statements because it was merely aspirational, and accordingly dismissed many of the plaintiffs’ other basis for their securities fraud claims. In April of 2022, CBS agreed to pay approximately US$15 million to settle the action.
The SEC has entered the arena: McDonald’s and Activision
This year, the SEC has brought two significant actions based on allegations of corporate sexual misconduct against McDonald’s and Activision, and it is expected that the SEC will continue ramping up enforcement in this space. Indeed, in July 2023, news broke that the SEC is investigating World Wrestling Entertainment and its executive chair for allegations of sexual misconduct.
McDonald’s
After learning in October 2019 about allegations that its then-CEO, Stephen Easterbrook, had engaged in an inappropriate sexual relationship with one of his employees, McDonald’s engaged outside counsel to conduct an internal investigation. In an interview with outside counsel, Easterbrook denied having had any additional sexual relationships with McDonald’s employees. On 1 November 2019, McDonald’s terminated Easterbrook ‘without cause’, which permitted him to keep certain equity-based compensation worth approximately US$44 million. In its 9 April 2020 definitive proxy statement soliciting shareholder approval for the compensation Easterbrook was to receive under his separation agreement, McDonald’s disclosed that Easterbrook was entitled to that compensation because he was terminated ‘without cause’.
In July 2020, McDonald’s received an anonymous complaint alleging that Easterbrook had, in-fact, involved in other inappropriate sexual relationships with McDonald’s employees. McDonald’s engaged in a second internal investigation and learned that Easterbrook had lied in his October 2019 interview, had engaged in inappropriate sexual relationships with additional McDonald’s employees and had withheld potentially relevant information during the initial internal investigation. McDonald’s sued Easterbrook for breach of fiduciary duty and in the settlement of those claims, Easterbrook agreed to forfeit the equity that he received in his original separation agreement.
In its January 2023 order accepting McDonald’s offer of settlement, the SEC found that McDonald’s violated: (1) Regulation S-K by failing to disclose executive compensation under Item 402, which requires that ‘all material elements of the [company’s] compensation of the named executive officers’ including ‘specific decisions that were made or steps that were taken that could affect a fair understanding of the named executive officer’s compensation’; and (2) Rule 14a-3 for failing to disclose in its proxy solicitation (as required under section 14(a) of the Exchange Act) that McDonald’s used its discretion in terminating Easterbrook ‘without cause’ instead of ‘for cause’, which McDonald’s could have done due to Easterbrook’s violations of its Standards of Business Conduct, and which cost McDonald’s the US$44 million in compensation to which Easterbrook would otherwise not be entitled.
The SEC did not require McDonald’s to pay a penalty for the violations on the basis that McDonald’s had cooperated with the SEC’s investigation and had recovered the US$44 million from Easterbrook in a separate civil action.
Activision
Activision is a publicly traded company that develops, publishes, and distributes interactive entertainment and products on consoles, mobile devices and personal computers. In July 2021, Activision was sued by California’s Department of Fair Employment and Housing for fostering a ‘frat boy workplace culture’ that subjected women to pervasive sexual harassment. And in March 2022, Activision reached an US$18 million settlement with the US Equal Employment Opportunity Commission over allegations of sexual misconduct. These suits included allegations of male employees drinking excessively and joking about rape, nicknaming a room the ‘Cosby Suite’ where an executive was known for sexually harassing women and of a female employee that committed suicide after colleagues shared a nude picture of her among her workplace colleagues.
By October of 2021 news agencies had begun reporting that the SEC was also investigating Activision for failing to disclose in its 10-Ks and 10-Qs risks related to its workforce and how its ability to attract, retain and motivate skilled personnel might materially impact its business. In February 2023, Activision entered into a consent order with the SEC in which Activision agreed to cease violating securities laws and to pay a US$35 million fine. In the order, the SEC determined that because Activision did not ‘collect or analyze employee complaints of workplace misconduct’, Activision’s ‘management was unable to assess related risks to the company’s business, whether material issues existed that warranted disclosure to investors, or whether the disclosures it made to investors in connection with these risks were fulsome and accurate.’
What is on the horizon for corporate sexual misconduct and government enforcement?
Given the SEC’s continued focus on ESG initiatives generally, the SEC is very likely to continue to focus on increased disclosure requirements and corporate representations around human capital, which include sexual misconduct. Thus, we are likely to see more actions brought by the SEC relating to sexual misconduct, especially when it is either committed by the upper ranks of the company, as in the McDonald’s matter, or when it is a wide-spread cultural issue, as it was in Activision. The SEC will likely not only get more aggressive in investigating and bringing actions against public companies that cover up or fail to fully address sexual misconduct within its ranks, but it will also be laser-focused on whether companies do all they can to claw back compensation from disgraced executives, as in McDonald’s. It is also anticipated that the SEC and other government regulators will ramp up efforts to hold accountable executives that either commit sexual misconduct or cover up the sexual misconduct of others.
Where financial regulators start to tread, criminal authorities are not far behind. Companies are now on notice of what the SEC expects and, thus, those that engage in the cover-up of sexual misconduct or knowingly make false statements or disclosures regarding sexual misconduct or cultural issues may eventually find themselves (and their executives and officers) answering to the US Department of Justice. Indeed, in August 2023, WWE disclosed the receipt of a federal grand jury subpoena and search warrant in the investigation that can only be issued at the request of federal criminal authorities.
In addition to actions by United States agencies, foreign agencies have begun, and are likely to continue to bring, actions against bad actors in their jurisdictions. Recently, Britain’s leading financial regulator, the Financial Conduct Authority (FCA), confirmed its investigation into Odey Asset Management LLP (OAM) and its CEO for allegations of widespread sexual misconduct. Indeed, the FCA’s top official said that ‘in the exceptional circumstances of this case, it is necessary and appropriate for me to confirm to [Britain’s Treasury Select Committee] that the FCA has ongoing investigations into both’ OAM and its CEO. In doing so, the FCA expressed a strong commitment to continue to view sexual misconduct as raising ‘questions about a firm’s decisions making and risk management’. In committing to aggressively pursue such investigations, the FCA noted that it should not require ‘the bravery of a few or the professional work of investigative journalists for a culture of decency to prevail’.
What can companies be doing now?
Public companies need to recognise these warning signs as an opportunity to mitigate the risk that their employees are engaged in sexual misconduct. Enforcers and private litigants around the world are paying increasing attention to the momentum of the #MeToo movement and are sending clear signals that sexual misconduct at public corporations will no longer be tolerated. But companies do not have to sit around hoping that they are not the next defendant embroiled in a corporate sexual misconduct investigation. Public companies can start taking the following actions to avoid the fate of McDonalds and Activision.
Codes of conduct should include zero tolerance for sexual misconduct
Companies should include a zero-tolerance standard for sexual misconduct within their codes of conduct, both to discourage bad behaviour and to allow the companies to discharge employees who do engage in bad behaviour with cause. Given that courts have consistently held that a company’s code of conduct is aspirational and, thus, cannot be the basis for a materially false statement in the securities fraud litigation, strengthening codes of conduct present minimal risk. It is also critical that the messaging of the code of conduct must start at the top. Employees will not buy in unless they know that this zero tolerance approach will be enforced at the highest levels of the company.
Companies should perform a culture assessment focused on sexual misconduct
A culture assessment can be done relatively easily and can help management quickly understand any cultural issues within the company. Cultural assessments can be done either by an outside consulting firm or by in-house compliance personnel and can be as simple as an anonymous survey or more in-depth, by including focus groups, site visits and analyses of recent complaints to human resources. A culture assessment is especially useful in identifying the type of sexual misconduct that occurred in Activision, where the company had a pervasive ‘bro’ culture that joked about and encouraged sexual harassment and assault.
Companies should assess their disclosure procedures surrounding sexual misconduct
Public companies have become highly sophisticated in designing policies, procedures, and internal controls involving financial disclosures, but many are woefully behind in doing the same for sexual misconduct disclosures. Public companies need to do a risk assessment specifically identifying areas where their public disclosures may be implicated by issues of sexual misconduct. And with that risk assessment in hand, they should then review their current policies, procedures and internal controls to ensure that they are sufficient to address the identified risks. This is an in-depth process that is best performed by an outside counsel, compliance consultant or a strong internal audit unit, but is well worth the effort.
Companies should treat investigations related to sexual assault different than other internal investigations
Companies designing and implementing policies and procedures need to recognise that sexual harassment, assault and other sex-based misconduct is quintessentially different than fraud or financial misconduct. Unlike with financial misconduct, with sexual misconduct the victim is often an employee, someone who likely has less power, authority or tenure within the organisation than the individual committing the misconduct. This dynamic must be accounted for when determining who will interact with alleged victims and who will access the information gathered over the course of an investigation, taking into account the relevant reporting lines of the individuals involved.
While financial fraud can often be proved or disproved by looking at data and objective evidence, the same is not always the case for sexual misconduct. Companies should dispel themselves of the ‘he said, she said’ mentality that if there are two opposing accounts of what happened, an allegation cannot be corroborated and action cannot be taken. Not only does this mentality leave a company’s compliance or human resources personnel paralysed from taking appropriate action and remedial measures, but it is a mentality that often keeps victims from reporting in the first instance and is a mentality that will find little sympathy with regulators.
Conclusion
The SEC and FCA are sending strong signals that they are only beginning their work in investigating and pursuing companies and individuals involved in corporate sexual misconduct. If companies and executives do not heed these warnings, they risk significant financial, reputational and regulatory risk, and potentially criminal exposure. It is never too late for a company to take steps to help protect itself and its shareholders by addressing corporate culture and allegations of sexual misconduct.
*Tremendous appreciation to Simon Leen for his significant contributions to this article.
This article was first published on Global Investigations Review in January 2024; for further in-depth analysis, please visit GIR Americas Investigations Review 2024.