For those of you who do not regularly read the Dilbert comic strip or who have spent the last few years on a monastic retreat in the Himalayas, the Y2K problem is one which essentially resulted from the use of two-digit year fields in computer software codes and in embedded silicon chip technology.  As a result, the software and/or chip either cannot recognize “00″ as being 2000 as opposed to 1900, or it does not recognize it at all.  As a result, there may be a “crash” of data, miscalculations, shut down of machinery, or even more catastrophic events.  While we have a fairly good handle on what litigation exposures may ensue, there remains a wide disparity of opinion as to the frequency and severity of the Y2K failures that actually will take place. Particularly with embedded chips, we may not have definitive answers until the clock ticks past midnight on Dec. 31, 1999.

The focus of this article will be on the particular exposures of corporate officers and directors to Y2K problems and the implications for them, their corporations, and their Director's and Officer's (D&O) Liability insurers.

The Exposures Defined

The Gartner Group, a leading consultant and expert in this area, has projected that globally the cost of remediation for Y2K issues will be in the range of $300 to $600 billion dollars. (Best's Review, P/C Edition, November 1998 at 33, hereinafter Best's.) Lloyd's of London, accounting for the likelihood of Y2K-related litigation in addition to the remediation effort, has opined that the costs may exceed $1 trillion. (Insurance Litigation Reporter, March 15, 1998, at 164.) According to a spokesperson for a major United States D&O insurer, Y2K is “the emerging issue in directors' and officers' liability today.” (Best's at 33.)

The onset of Y2K litigation began in 1997 with the first customer and consumer class actions against software distributors and creators that had non-Y2K compliant products (Insurance Litigation Reporter, March 15, 1998, at 164.)   Not surprisingly, the first suit involving coverage for a Y2K-related claim followed in late 1998. (Cincinnati Insurance Co. v. Source Data Systems and Pineville Community Hospital, N.D. Iowa (No. C-98-0144) reported in Mealy's Year 2000 Report December 1998.).

Corporate officers and directors may have significant exposures under federal laws relating to securities fraud and corporate mismanagement, as well as similar laws in other jurisdictions addressing duties owed to shareholders and the corporation.  Director and officer liability readily can be perceived under three basic scenarios.

First, there is the problem of disclosure and potential securities fraud liability arising from incomplete, inaccurate, or non-disclosure.  To the extent addressing the Y2K problem will have a significant financial impact on the corporation–either in terms of the cost of the prophylactic fix or in terms of remedying damage that may occur in the future–such impact must be timely and adequately disclosed to the corporation's shareholders.

Second, there is the problem of mismanagement.  The potential for corporate mismanagement liability, most likely to be brought in the form of shareholders' derivative actions, is great if management does not address the Y2K problem in a timely or effective manner.  Although in many respects the Y2K problem appears still to be a future one, it may have already arrived for many corporations because there may not be enough time for a cost-efficient and effective fix. Plaintiff law firms are already preparing for shareholder derivative actions in this area.  For example, Milberg, Weiss, Bershad, Hynes & Lerach, which is a prominent firm both in the area of securities fraud class actions and shareholder derivative suits, began assembling a Y2K litigation “team” in 1998.  Indeed, that firm's web site advertises that “[p]ossible targets of shareholder litigation are corporate directors and officers who fail to disclose the costs of fixing the problem to shareholders.” (Best's at 34.)

Finally, as we have already witnessed in about two dozen suits filed to date, there may be exposure to third parties such as customers of the corporation. While this litigation has been and should be largely confined to actions against the corporate defendant alone, there can be instances where a corporate officer or director will be named under a fraud theory or with allegations of aiding and abetting in the breach of a contract by the corporate defendant.  Although there will be many defenses to such claims, which will vary among jurisdictions, this does not discount the possibility that such actions will be brought. When brought, they will require significant defense expenditures before the individual director or officer is extricated from the litigation through motion and/or settlement.

The Y2K problem is especially significant in the insurance industry where multi-year policies, annuity contracts, and other products already have been issued with expiration dates in the year 2000 and beyond and that require calculations based upon actual dates in the 21st century. Arguably, the Y2K problem first may have surfaced in the area of life insurance where programmers in the early 1970s had to account for annuities and life contracts running past the year 2000.

Even in industries where the problem is not yet acute, Y2K compliance may have to be achieved well before December 31, 1999.  For example, many financial institutions in the United States had to have Y2K programs in place no later than December 31, 1998.  Compliant software has been defined by the financial regulators to be that which contains four-digit years in its code and which has been tested for efficacy.

The business judgment rule typically offers directors and officers a defense to allegations of mismanagement.  Although the application of this rule varies from jurisdiction to jurisdiction, it generally provides a judicial presumption that a director or officer, in rendering a business decision, acted in good faith and in the corporation's best interests.  The presumption can be overcome only upon a showing of gross negligence or more culpable conduct.  It should also be borne in mind that the rule only applies to affirmative errors and not to omissions. Thus, there must be a business decision before the business judgment rule will attach.  Should management simply ignore a Y2K problem, business judgment rule protection will not be afforded.

Recent Statutory and Regulatory Developments

The Y2K litigation to date has essentially been premised upon alleged violations of existing statutory and case law.  Nonetheless, directors and officers, corporations, and their insurers need to be particularly concerned with the following recent developments.