Recent market trends in the Canadian private equity landscape indicate a growing appetite for sponsor-led liquidity solutions amid challenging market conditions. There has been a notable increase in secondary transactions and alternative exit strategies as sponsors seek to unlock value and provide liquidity to investors. While traditional exit routes such as initial public offerings (IPOs) have become less viable due to market volatility and regulatory uncertainties, sponsor-led solutions offer greater flexibility and efficiency in achieving liquidity objectives. Secondary market transactions—including fund restructurings, tender offers, and strip sales—have emerged as preferred alternatives, enabling sponsors to optimize portfolio performance and generate returns for investors.

These trends underscore the importance of agility and innovation in navigating the evolving private equity (PE) landscape, with sponsors leveraging strategic partnerships and sophisticated financial instruments to maximize value and mitigate risks.

This article explores several potential alternatives that PE sponsors may employ to meet increasing demands to address the liquidity needs of the fund, investors, and portfolio companies.

Fund Restructuring

A fundamental aspect of PE funds is their limited lifespan. However, liquidating PE assets at the expiry of the fund’s term, usually within a ten-year time frame, may not always be an optimal strategy, especially in a challenging macroeconomic environment. In such circumstances, one sponsor-led solution would be to create a continuation fund to acquire one or more portfolio companies from the existing fund. Under this structure, sponsors can retain control over managing the fund’s assets for an extended period until these assets achieve their maximum potential.

Continuation funds typically have a shorter term than the existing fund (e.g., two to six years). Furthermore, the investors of the existing fund generally will have the following options when the continuation fund is established:

1. selling their interest in the existing fund and receiving a pro rata share of the cash purchase price for the transfer of the assets to the continuation fund,
2. rolling over their interest into the continuation fund, or
3. occasionally, a combination of the previous options.

In the rollover option, investors may be allowed to roll over their interest on either a reset or a status quo basis. On a reset basis, the investor participates in the continuation fund on updated economic terms, which could involve lower management fees and higher carried interest rates. In return for the favorable economic terms under the reset basis, the sponsor would seek to lock in its carried interest earned in managing the existing fund to date. On a status quo basis, investors continue to participate in the continuation fund on substantially the same economic terms (i.e., same management fees and carried interest and no crystallization of carried interest on the transferred assets).

Numerous factors must be carefully considered when forming a continuation fund, including tax implications and structural complexities. However, a critical aspect is to address the sponsor’s conflict of interest, ensuring it complies with its fiduciary obligations to investors. To mitigate the conflict of interest risk, the sponsor can undertake measures such as seeking a fairness opinion from an independent valuation expert and providing adequate disclosure to all investors with respect to the terms of the restructuring process.

Historically, continuation funds have not been widely utilized in Canada. However, in recent years, there has been a growing trend towards their adoption, offering investors the flexibility to either withdraw from their investment in the portfolio company or remain invested by rolling into the continuation fund.

Tender Offers

Sponsors may also consider organizing a secondary sale process directly to facilitate liquidity for existing investors, allowing them to either maintain their interest in the existing fund or sell their interest to a secondary buyer.

Compared to a fund restructuring, a tender offer represents a simpler alternative, as it does not involve establishing a continuation fund, freeing the sponsor from the complications of investor negotiations and expenses associated with a continuation fund transaction. Additionally, a tender offer may prove particularly advantageous when the secondary buyer commits to subscribe for a “stapled” interest in another fund being raised by the sponsor.

Strip Sales

In a strip sale, the sponsor partially sells the fund’s portfolio company investments at a price negotiated with the secondary buyer. Buyers in these transactions typically consist of other PE funds that do not intend to acquire a controlling stake in the underlying assets. These sales offer partial liquidity in a well-performing portfolio without surrendering complete control of the underlying assets. However, it implies that the existing fund will surrender a percentage of the potential appreciation of the assets.

Similarly to when considering a continuation fund, sponsors considering strip sales should carefully review conflict of interest issues and financing arrangements of the portfolio companies.

Preferred Equity Options

Another sponsor-led liquidity strategy is preferred equity options, which allow a new investor to inject additional capital into the fund, in exchange for which the new investor receives priority over the distributions from the assets held by the fund.

This type of mechanism is typically structured by transferring the assets to a newly established special-purpose vehicle, which issues preferred shares to the new investor. Alternatively, the sponsor may admit the new investor to the fund and issue a preferred interest to such investor.

This strategy offers the benefit of providing liquidity to existing investors while contributing extra capital to the fund. Nonetheless, these transactions may require an amendment to the fund documentation to allow the issuance of preferred equity, typically requiring a higher level of consent from the limited partners.

Net Asset Value (NAV) Loans

Fund finance has traditionally consisted of subscription facilities, in which credit facilities are secured by the uncalled capital commitments of the limited partners. However, NAV loans have recently emerged as an attractive alternative to provide liquidity for funds when market conditions render asset sales difficult.

NAV loans, generally used for later-stage funds, allow sponsors to borrow against the value of their portfolio holdings, offering them flexible and efficient access to extra capital while avoiding potential discounts associated with other secondary market deals. NAV loans appeal to sponsors aiming to accelerate distributions to investors and finance add-on investors without requiring additional capital calls.

In NAV loan arrangements, lenders typically have recourse to the fund’s portfolio investments, with the borrowing base calculated on the net asset value of the fund’s portfolio assets. However, securing NAV loans will generally require a comprehensive due diligence review of the fund, the limited partners, and the portfolio assets. In this regard, reviewing the fund’s organizational documents is crucial to ascertain the feasibility of NAV finance. If the fund’s organizational documents do not expressly contemplate NAV borrowings, sponsors must carefully interpret the relevant borrowing provisions and determine the need for amendments or investor consent.

The current economic landscape continues to favor NAV loans, and sponsors should stay attuned to the evolving fund documentation and legal considerations surrounding these types of arrangements.

Risk Management and Mitigation Strategies

Effective risk management is paramount in sponsor-led liquidity transactions to safeguard investor interests and preserve value. Key risk factors include valuation uncertainties, conflicts of interest, regulatory compliance, and market volatility, all of which require proactive mitigation strategies.

Valuation Uncertainties:

Sponsors considering sponsor-led liquidity solutions must grapple with valuation uncertainties, particularly in volatile market conditions. The valuation of portfolio assets can fluctuate significantly, impacting the attractiveness and feasibility of liquidity options. To mitigate this risk, sponsors should employ robust valuation methodologies, leveraging industry best practices and engaging qualified valuation experts to ensure transparency and accuracy in the valuation process. Additionally, sponsors should conduct thorough due diligence on portfolio assets, scrutinizing financial performance, market dynamics, and potential risk factors to inform valuation assessments.

Conflicts of Interest:

Sponsor-led liquidity transactions inherently involve conflicts of interest, as sponsors seek to balance the interests of various stakeholders, including investors, portfolio companies, and themselves. To effectively manage conflicts of interest, sponsors should implement rigorous governance structures and adopt transparent communication practices throughout the transaction process. This may involve establishing independent committees or hiring third-party advisors to oversee the transaction and ensure fairness and impartiality. Moreover, sponsors should adhere to fiduciary duties and regulatory requirements, prioritizing the best interests of investors and maintaining integrity and ethical standards in decision-making.

Financial and Operational Risks:

Sponsor-led liquidity solutions entail inherent financial and operational risks, including potential disruptions to portfolio company operations, exposure to adverse market conditions, and unforeseen liabilities. Sponsors should conduct comprehensive risk assessments and scenario analyses to identify and mitigate potential risks, developing contingency plans and risk mitigation strategies to safeguard against adverse outcomes. This may involve stress-testing liquidity options under various market scenarios, assessing the impact of financial covenants and performance metrics on portfolio assets, and implementing robust risk monitoring and management frameworks to proactively address emerging risks.

Investor Relations and Transparency:

Maintaining strong investor relations and transparency is essential for fostering trust and confidence among stakeholders throughout the sponsor-led liquidity process. Sponsors should communicate openly and transparently with investors, providing timely updates and disclosures regarding transaction developments, risks, and potential outcomes. This includes facilitating meaningful dialogue and engagement with investors, addressing concerns and inquiries promptly, and soliciting feedback to inform decision-making. By prioritizing investor relations and transparency, sponsors can mitigate concerns regarding conflicts of interest and enhance investor confidence in the transaction process.

By addressing these key risk management and mitigation strategies, sponsors can navigate the complexities of sponsor-led liquidity solutions with greater confidence and resilience, effectively managing risks and maximizing value for all stakeholders involved.

Conclusion

Determining the optimal liquidity alternative for a PE fund will depend on various factors associated with the existing market conditions, interest rates, and the fund’s valuation. Sponsors are encouraged to evaluate the different liquidity options available carefully, considering the fund’s investment strategy and the provisions outlined in its organizational documents and portfolio-level agreements. Moreover, in structuring sponsor-led transactions, sponsors must navigate other critical considerations, including the previously described risk management and mitigation strategies, as well as skillful negotiation of the economic terms of the proposed transaction.

Looking ahead, we anticipate sustained growth in sponsor-led solutions in the United States and Canada, as the need to maximize liquidity in today’s market remains a top priority for sponsors and investors. Through strategic planning and execution, sponsors will be well positioned to achieve optimal results.

John J. McCann, former chair of the American Bar Association Business Law Section (1992–1993), passed away on March 13, 2024, but his work as a lawyer and leader of the Business Law Section (BLS) lives on. Most notably, McCann was instrumental in his leadership role in creating a new publication for the Business Law Section: Business Law Today (BLT). Debuting in 1992 as a print magazine, it evolved during the last thirty years into an electronic magazine and then a dedicated business law website, www.businesslawtoday.org.

“The work of John McCann ensured that our members would receive a steady stream of analytical articles on a wide range of business law practices,” said Lynette Hotchkiss, BLT’s current editor-in-chief. “In many ways, John was a true visionary, and he has left this amazing content resource for business lawyers, students, and academics.”

Over the course of more than forty years in business law, McCann’s legal expertise and knowledge was invaluable to both his clients and his business law colleagues. A graduate of Columbia Law School, John was admitted to the New York, New Jersey, and Florida bars and was partner in the New York law firm of Donovan, Leisure, Newton & Irvine; in-house counsel to the Prudential Insurance Company; and in-house counsel to Orion Specialty Insurance Company.

His contributions to BLS content allowed him to be recognized as a BLS leader and led to his appointment as an officer, and then as chair of the Section for the 1992–1993 bar year.

“I clearly remember that one evening at a BLS leadership meeting at the Ritz-Carlton in Florida,” said Maury Poscover, former chair of the Business Law Section (1997–1998). “I was in the chair’s suite with Lorrie, my spouse, talking with Herb and Ruthie Wander. John walked in, and he was so excited because he had just been told that he would be nominated as secretary of the Section. The memory stands out because Lorrie and I were equally excited because our son had just told us he was engaged.”

In September 1991, McCann announced to the membership the creation of a new periodical, Business Law Today, that would have its debut during his bar year. “This 64-page magazine will be a significant member benefit,” said McCann. “Business Law Today will enable us to publish many of the excellent submissions that we are unable to publish in The Business Lawyer. It will provide committees with a vehicle for regular content on all the practice areas of business law.”

And John’s Business Law Today has now morphed into a website that features articles, videos, podcasts, and other business law resources. Truly, a significant contribution to the ABA’s Business Law Section and the legal profession.

Imagine receiving a layoff notice because an AI evaluation tool predicted a higher risk of future underperformance due to your age. Or picture repeatedly having job applications rejected, only to find out the cause was an AI tool screening out candidates with a disability. These are just a few examples of real-world AI bias in the realm of hiring and employment, a growing issue that has already resulted in several notable lawsuits. How can companies effectively take advantage of AI in their employment practices while minimizing legal risks? This article discusses employment laws applicable to AI discrimination and provides practical strategies for companies to prevent potential government investigations, lawsuits, fines, class actions, or reputational damage.

A. AI Bias

A recent IBM article defines AI bias as “AI systems that produce biased results that reflect and perpetuate human biases within a society, including historical and current social inequality.”^[1] Two major technical factors contribute to AI bias:

1. Training Data: AI systems develop their decision-making based on training data; when those data overrepresent or underrepresent certain groups, it can cause biased results. A typical example is a facial recognition algorithm trained on data that overrepresents white people, which may result in racial bias against people of color in the form of less accurate facial recognition results. Moreover, mislabeled data, or data that reflect existing inequalities, can compound these issues. Consider an AI recruiting tool trained on a dataset where some applicant qualifications were incorrectly labeled. This could result in the tool rejecting qualified candidates who possess the necessary skills but whose résumés were not accurately understood by the tool.
2. Programming Errors: AI bias may also arise from coding mistakes, wherein a developer inadvertently or consciously overweighs certain factors in algorithmic decision-making due to their own biases. In one good example discussed in the IBM piece, “indicators like income or vocabulary might be used by the algorithm to unintentionally discriminate against people of a certain race or gender.”

B. AI Employment Discrimination

Companies have increasingly used AI tools to screen and analyze résumés and cover letters; scour online platforms and social media networks for potential candidates; and analyze job applicants’ speech and facial expressions in interviews.^[2] In addition, companies are using AI to onboard employees, write performance reviews, and monitor employee activities and performance.^[3] AI bias can occur in any of the above use cases, throughout every stage of the employment relationship—from hiring to firing and everything in between—and can result in discrimination lawsuits.

In one notable example, the Equal Employment Opportunity Commission ( “EEOC”) settled its first AI hiring discrimination lawsuit in August 2023.^[4] In Equal Employment Opportunity Commission v. iTutorGroup, Inc.,^[5] the EEOC sued three companies providing tutoring services under the “iTutorGroup” brand name (“iTutorGroup”) on the basis that iTutorGroup violated the Age Discrimination in Employment Act of 1967 (“ADEA”) because the AI hiring program it used “automatically reject[ed] female applicants age 55 or older and male applicants age 60 or older,” resulting in screening out over 200 applicants because of their age.^[6] Subsequently, iTutorGroup entered into a consent decree with the EEOC, under which iTutorGroup agreed to pay $365,000 to the group of automatically rejected applicants, adopt antidiscrimination policies, and conduct training to ensure compliance with equal employment opportunity laws.

The ongoing Mobley v. Workday, Inc.^[7] litigation, one of the first major class-action lawsuits in the United States alleging discrimination through algorithmic bias in applicant screening tools, presents another warning. The plaintiff, an African-American man over the age of forty with a disability, claims that Workday provides companies with algorithm-based applicant screening software that unlawfully discriminated against job applicants based on protected class characteristics of race, age, and disability and thus violated Title VII of the Civil Rights Act of 1964, the Civil Rights Act of 1866,^[8] the ADEA, and the ADA Amendments Act of 2008 (“ADAAA”). On January 19, 2024, the court granted Workday’s motion to dismiss the case, with leave for the plaintiff to amend the complaint.^[9] On February 21, 2024, the plaintiff filed an amended complaint outlining further details to support his claims.^[10]

With the foresight to prevent the kind of lawsuits discussed above, Amazon took proactive measures in 2018 by ceasing using an AI hiring algorithm after finding it discriminated against women applying for technical jobs; after being trained on a dataset of mostly men, the tool preferred applicants who used words that are more commonly used by men in their resumes, such as “executed” or “captured,” among other issues.^[11]

These cases, along with Amazon’s decision to scrap its biased AI hiring tool, highlight the growing concern about algorithmic bias in recruitment. Given this evolving landscape, employers must carefully examine all applicable federal, state, and local laws, as well as EEOC guidelines, to ensure fair and unbiased hiring practices.

C. Governing Law

1. Federal Law

There is currently no federal law specifically targeting the use of AI in the employment context. However, most employers’ use of AI tools in their employment practices would be subject to federal laws prohibiting employment discrimination based on race, color, ethnicity, sex (including gender, sexual orientation, and gender identity), age, national origin, religion, disability, pregnancy, military services, and genetic information.

Below is a list of primary federal laws a company must consider when evaluating AI-based employment evaluation tools. The most highly litigated one is Title VII, which applies to private employers that employ fifteen or more employees.

1. Title VII of the Civil Rights Act of 1964 (“Title VII”)^[12]: prohibits employment discrimination based on race, color, religion, sex (including gender, pregnancy, sexual orientation, and gender identity), or national origin.
2. Section 1981 of the Civil Rights Act of 1866^[13]: prohibits discrimination based on race, color, and ethnicity.
3. The Equal Pay Act^[14]: prohibits sex-based wage discrimination.
4. The Age Discrimination in Employment Act^[15]: prohibits discrimination based on age (forty and over).
5. The Immigration Reform and Control Act^[16]: prohibits discrimination based on citizenship and national origin.
6. Title I and Title V of the Americans with Disabilities Act (“ADA”)^[17] (including amendments by the Civil Rights Act of 1991 and the ADAAA): prohibits employment discrimination against qualified individuals based on disability and those regarded as having a disability.
7. The Pregnant Workers Fairness Act^[18]: prohibits discrimination against job applicants or employees because of their need for a pregnancy-related accommodation.
8. The Uniformed Services Employment and Reemployment Rights Act^[19]: prohibits discrimination against past and current members of the uniformed services, as well as applicants to the uniformed services.
9. The Genetic Information Nondiscrimination Act^[20]: prohibits discrimination in employment and health insurance based on genetic information.

2. State and Local Law

To address concerns over the use of AI in employment, states and local governments have become more proactive. Three notable examples of legislation that have been enacted, discussed below, demonstrate the growing trend among policymakers to regulate AI usage in employment practices, underscoring the increasing importance placed on ensuring fairness and accountability in AI-driven decision-making.

i. Illinois

In 2020, Illinois adopted the Artificial Intelligence Video Interview Act (820 ILCS 42/1), which imposes several requirements on employers if they conduct video interviews and use AI analysis of such videos in their evaluation process. These requirements include (i) notifying applicants of the AI’s role, (ii) providing applicants with an explanation of the AI process and types of characteristics used for evaluating applicants, (iii) obtaining the applicants’ consent for such AI use, (iv) only sharing videos with those equipped with the expertise or technology to evaluate the applicant’s fitness for a position; and (v) destroying videos within thirty days of a request by the applicant.

ii. Maryland

While not explicitly targeting AI, Maryland’s 2020 facial recognition technology law prohibits an employer from using certain facial recognition services—many of which use AI processes—during job interviews unless the applicant consents.

iii. New York City

New York City began enforcing its law on Automated Employment Decision Tools (“AEDT Law”) on July 5, 2023. Under this law, passed in 2021, employers and employment agencies are prohibited from using an automated employment decision tool (“AEDT”), which includes AI, to assess candidates for hiring or promotion in New York City unless an independent auditor completes a bias audit of the AEDT before its use and the candidates who are New York City residents receive notice that the employer or employment agency uses an AEDT. A bias audit must include “calculations of selection or scoring rates and the impact ratio across sex categories, race/ethnicity categories, and intersectional categories.”^[21] For each violation, offenders could face penalties ranging from $375–$1,500.

3. EEOC Guidance

The EEOC enforces federal laws prohibiting discrimination in hiring, firing, promotions, training, wages, benefits, and harassment. Employers with at least fifteen employees, labor unions, and employment agencies are subject to EEOC review. The EEOC has the authority to investigate discrimination charges against employers and, if necessary, file a lawsuit. Therefore, even though EEOC guidance is not legally binding, it proves valuable for companies seeking to avoid potential investigations or lawsuits when using AI tools.

i. EEOC 2022 Guidance on the ADA and AI

In May 2022, the EEOC issued technical guidance addressing how the ADA applies to the use of AI to assess job applicants and employees.^[22] The guidance outlines several common ways that utilizing AI tools can violate the ADA, including, for example, relying on an algorithmic decision-making tool that intentionally or unintentionally excludes an individual with a disability, failing to provide necessary “reasonable accommodation,” or violating the ADA’s restrictions on disability-related inquiries and medical examinations.

Employers can implement practices recommended by the EEOC to effectively handle the risk associated with utilizing AI tools, such as the following:

1. Disclose in advance the factors to be measured with the AI tool, such as knowledge, skill, ability, education, experience, quality, or trait, as well as how testing will be conducted and what will required.
2. Ask employees and job applicants if they require a reasonable accommodation using the tool. If the disability is not apparent, the employer may ask for medical documentation when requested for a reasonable accommodation.
3. Once the claimed disability is confirmed, provide a reasonable accommodation, including an alternative testing format.
4. “Examples of reasonable accommodations may include specialized equipment, alternative tests or testing formats, permission to work in a quiet setting, and exceptions to workplace policies.”^[23]

ii. EEOC 2023 Guidance on Title VII and AI

In May 2023, the EEOC issued new technical guidance on how to measure adverse impact when AI tools are used for employment selection, titled “Select Issues: Assessing Adverse Impact in Software, Algorithms, and Artificial Intelligence Used in Employment Selection Procedures Under Title VII of the Civil Rights Act of 1964.”^[24]

Under this guidance, if the selection rate of individuals of a particular race, color, religion, sex, or national origin, or a “particular combination of such characteristics” (e.g., a combination of race and sex), is less than 80 percent of the rate of the non-protected group, then the selection process could be found to have a disparate impact in violation of Title VII, unless the employer can show that such use is “job related and consistent with business necessity” under Title VII.

If the AI tool is found to have an adverse impact under Title VII, the employer can take measures to reduce the impact or select a different tool. Failure to adopt a less discriminatory algorithm that was considered during the design process may subject the employer to liability.

Under both EEOC guidance documents discussed here, an employer will be held liable for the actions or inactions of an outside vendor who designs or administers an algorithmic decision-making tool on its behalf and cannot rely on the vendor’s assessment of the tool’s disparate impact.

D. Legal Strategies

Considering the applicable laws and EEOC guidance, it would be prudent for a company to consider the following strategies to reduce risk of AI bias in employment decisions:

1. Prior to signing a contract with a vendor who designs or implements an AI-based employment tool, as part of the vendor due diligence process, a company’s legal team should work closely with its IT and HR teams to review and evaluate the vendor’s tools, including reviewing assessment reports and historical selection rates, based on the applicable laws and EEOC guidelines.

   In addition, any employers who are subject to New York City’s AEDT Law should have an independent auditor conduct a bias audit before utilizing the AI tool.

2. To incentivize a vendor to deliver a high-quality, legally compliant AI tool while mitigating risks, carefully negotiate and draft the indemnity, warranty, liability cap carveouts, and other risk allocation provisions of the contract with the vendor. These provisions should obligate the vendor to bear liability for any issues arising from the use of the AI tool in employment contexts caused by the vendor’s fault.

3. Prepare detailed internal documents clearly explaining the AI tool’s operation and selection criteria based on the review mentioned in item a to protect the company in case of government investigations or lawsuits.^[25]

4. The legal team should work closely with HR and the IT team to conduct bias audits on a regular basis.

5. If an audit reveals the tool has disparate impacts at any point, the company should consider working with the vendor to implement bias-mitigating techniques, such as modifying the AI algorithms, adding training data for underrepresented groups, or selecting a different tool, unless the legal counsel determines that the use of this tool is “job related and consistent with business necessity.”

6. Provide advance notice to candidates or employees who will be impacted by AI tools in accordance with applicable laws and EEOC guidance.

7. Educate HR and IT teams regarding AI discrimination.

8. Keep track of legal developments in this area, especially if your company has offices nationwide.

Faced with the looming threats of EEOC enforcement actions, class action lawsuits, and legislative uncertainty, employers may understandably feel apprehensive about charting a course that includes using AI in hiring or HR. However, consulting with attorneys to understand legal requirements and potential risks associated with AI employment bias—along with adopting proactive measures outlined in this article, staying informed about legal developments, and fostering collaboration across legal, HR, and IT teams—can help organizations effectively mitigate risks and confidently navigate the intricate landscape of AI employment bias.

1. IBM Data and AI Team, “Shedding light on AI bias with real world examples,” IBM, October 16, 2023. ↑

2. Keith MacKenzie, “How is AI used in human resources? 7 ways it helps HR,” Workable Technology, December 2023. ↑

3. Aaron Mok, “10 ways artificial intelligence is changing the workplace, from writing performance reviews to making the 4-day workweek possible,” Business Insider, July 27, 2023. ↑

4. Annelise Gilbert, “EEOC Settles First-of-Its-Kind AI Bias in Hiring Lawsuit (1),” Bloomberg Law, August 10, 2023. ↑

5. Equal Employment Opportunity Commission v. iTutorGroup, Inc., No. 1:22-cv-2565-PKC-PK (E.D.N.Y. filed May 5, 2022) (Aug. 9, 2023, joint notice of settlement and request for approval and execution of consent decree). ↑

6. “iTutorGroup to Pay $365,000 to Settle EEOC Discriminatory Hiring Suit,” U.S. Equal Employment Opportunity Commission, September 11, 2023. ↑

7. 3:23-cv-00770-RFL (N.D. Cal. filed Feb. 1, 2023). ↑

8. 42 U.S.C. § 1981. ↑

9. Joseph O’Keefe, Evandro Gigante, and Hannah Morris, “Judge Grants Workday, Inc.’s Motion to Dismiss in Groundbreaking AI Class Action Lawsuit Mobley v. Workday,” Law and the Workplace (blog), Proskauer, January 24, 2024. ↑

10. Daniel Wiessner, “Workday accused of facilitating widespread bias in novel AI lawsuit,” Reuters, February 21, 2024. ↑

11. Rachel Goodman, “Why Amazon’s Automated Hiring Tool Discriminated Against Women,” American Civil Liberties Union, October 12, 2018. ↑

12. 42 U.S.C. § 2000e. ↑

13. 42 U.S.C. § 1981. ↑

14. 29 U.S.C. § 206(d). ↑

15. 29 U.S.C. §§ 621–634. ↑

16. Pub. L. 99-603, 100 Stat. 3359 (1986)), as codified as amended in scattered sections of Title 8 of the United States Code. ↑

17. 42 U.S.C. §§ 12101–12113. ↑

18. 42 U.S.C. §§ 2000gg–2000gg-6. ↑

19. 38 U.S.C. § 4311. ↑

20. 42 U.S.C. § 2000ff. ↑

21. “Automated Employment Decision Tools: Frequently Asked Questions,” NYC Department of Consumer and Worker Protection, June 6, 2023. ↑

22. “The Americans with Disabilities Act and the Use of Software, Algorithms, and Artificial Intelligence to Assess Job Applicants and Employees,” U.S. Equal Employment Opportunity Commission, May 12, 2022. ↑

23. Id. ↑

24. “Select Issues: Assessing Adverse Impact in Software, Algorithms, and Artificial Intelligence Used in Employment Selection Procedures Under Title VII of the Civil Rights Act of 1964,” U.S. Equal Employment Opportunity Commission, May 18, 2023. ↑

25. See Lena Kempe, “AI Risk Mitigation and Legal Strategies Series No. 5: Explainable AI,” LK Law Firm, January 11, 2024. ↑

In recent years, several state legislatures have enacted consumer credit laws designed to regulate FinTech companies operating through partnerships with depository institutions, or more generally to limit the interest rates charged by those depository institutions. 2023 was no exception, and this growing trend should be watched closely by state-chartered depository institutions and financial services companies.

Section 521 of the Depository Institutions Deregulation and Monetary Control Act (“DIDMCA”), authorizes FDIC-insured state-chartered banks to use both the most favored lender authority and federal exportation authority enjoyed by national banks under 12 U.S.C. 85 by preempting state law. DIDMCA Section 521 allows states to “opt out” of the federal preemption; if a state does not opt out by statute, constitutional amendment, or referendum, then the state law interest rate limitations are preempted by federal law. Iowa and Puerto Rico have already opted out, with Colorado joining them in July 2024 and opt-out legislation recently introduced in the District of Columbia. Meanwhile, many other states are increasing their scrutiny and adopting laws to impose regulations on bank–FinTech partnerships, rather than upon all state-chartered depository institutions.

On June 5, 2023, Colorado House Bill 23-1229 was signed, clarifying that consumer loans made in Colorado are excluded from the provisions of DIDMCA Section 521. HB 23-1229 amends the Colorado Uniform Consumer Credit Code to change the terms and finance charges that a lender may impose in consumer credit transactions. This amendment requires that out-of-state banks follow Colorado’s interest rate and fee restrictions when lending to Colorado residents in Colorado.

The Colorado opt-out will impact state-chartered banks issuing loans to Colorado residents, including those that have programs with FinTech companies. The opt-out arises in a long context of enforcement, notably the Avant-Marlette settlement that set forth the expectations for FinTech-bank programs. In that case, Colorado’s Consumer Credit Administrator directly challenged the out-of-state loans made by an out-of-state bank, in partnership with multiple FinTech companies. The state argued that the federal interest rate preemption could not be applied because the bank was not the true lender of the loans and the partner company could not stand in the bank’s shoes for loans sold by the originating bank. The case was settled in an agreement that put into place certain operational requirements for the programs, but it did not apply Colorado’s usury limits to the originating bank given that, at the time, Colorado had not opted out of Section 521.

State legislatures have also sought to enact laws regulating partnerships between depository institutions and FinTech companies. On June 29, 2023, Connecticut enacted legislation to join states that have previously adopted such laws, including Maine, New Mexico, and Illinois. The laws codify a predominant economic interest test, and create other tests seeking to determine when the FinTech—not the originating depository institution—should be viewed as the “true lender,” in which case the depository institution’s federal rate preemption should be disregarded. The laws also impose varying interest rate limits and rate calculation methodologies.

Similar legislation in Minnesota, Minn. S.F. 2744, was enacted on May 24, 2023, and became effective January 1, 2024. The law caps the annual percentage rate (“APR”) on consumer small loans and consumer short-term loans at a 50 percent all-in APR. Consumer small loan is defined as a consumer-purpose unsecured loan for an amount equal to or less than $350 that must be repaid in a single installment. A consumer short-term loan is a loan that has a principal amount, or an advance, on a credit limit of $1,300 or less, and requires a minimum payment of more than 25 percent of the principal balance or credit advance within sixty days. Minn. S.F. 2744 provides that, if the all-in APR exceeds 36 percent, the lender must perform an ability-to-pay analysis, reviewing evidence of the borrower’s net income, major financial obligations, and living expenses. Like statutes in other states, it also implements the predominant economic interest test and other tests for the true lender.

The tests utilized in these laws vary by state, but they often provide that a nonbank entity should be viewed as the lender if any of the following are true:

1. the person holds, acquires, or maintains, directly or indirectly, the predominant economic interest in the consumer credit product at issue;
2. the person markets, brokers, arranges, or facilitates the consumer credit product and holds the right, requirement, or right of first refusal to purchase the consumer credit products; or
3. the totality of the circumstances indicate that such person is the lender and the transaction is structured to evade the applicable state law requirements.

The laws typically establish several factors to consider for the totality of the circumstances test. They may vary from state to state but typically include a review of:

1. Indemnifying, insuring, or protecting an exempt person for any costs or risks related to the consumer credit product;
2. predominantly designing, controlling, or operating the lending program; or
3. purporting to act as an agent, service provider, or in another capacity for an exempt person (typically any depository institution) in the state while acting directly as a lender in another state.

To date, there has been little public enforcement activity regarding these laws, making it hard for commentators to assess their impact on partnerships between banks and non-banks. State legislative trends indicate that more states will continue to consider legislation regulating such programs or opting out of DIDMCA, leading to a more fragmented landscape in the United States compared to the consistency seen in other countries. DIDMCA opt-outs raise interesting questions regarding how a DIDMCA opt-out will actually impact banks located out of state, and whether it will actually reach such loans. Similarly, the interplay of federal rate exportation authority with laws seeking to curtail that exportation absent DIDMCA opt-out raise interesting enforceability questions that may lead to future litigation should the trend continue.

***

This article is related to a CLE program titled “True Lender and Rate Exportation: Analyzing the Impact of State Laws Restricting Bank Originated Loans” that was presented during the ABA Business Law Section’s 2023 Fall Meeting. To learn more about this topic, listen to a recording of the program, free for members.

Last updated on March 1, 2025.

This is a summary of the Hotshot course “Updating Disclosure Schedules: Market Trends,” in which ABA M&A Committee members John F. Clifford from McMillan LLP and Ann Beth Stebbins from Skadden, Arps, Slate, Meagher & Flom LLP & Affiliates discuss market trends for disclosure schedules updates provisions, drawing on data from the ABA M&A Committee’s Private Target Deal Points Study. View the course here.

Updating Disclosure Schedules: Market Trends

• The 2023 ABA M&A Committee’s Private Target Deal Points Study looked at how often parties allow updates to a seller’s disclosure schedules between signing and closing.
  • The study found that in 2022 and the first quarter of 2023:
    • Updates were expressly permitted or required in 14% of deals;
    • Updates were expressly prohibited in 5% of deals; and
    • The remaining 81% of deals were silent on the point.
• Over the years, the number of deals allowing updates has been consistently less than half.
  • 14% in 2022 to 2023;
  • 24% in 2020 to 2021;
  • 31% in 2018 to 2019; and
  • 28% in 2016 to 2017.
• Of the deals that permitted or required updates in the latest study, there was a decrease in those that allowed updates for information occurring both pre- and post- signing, from 62% in the 2021 study to 60% in the 2023 study.
• The buyer had a right to close and seek indemnification for updated matters in 67% of the deals that permitted or required updates.
  • This marks a significant decrease from the last study, where it was 90%.
• The buyer’s right to terminate the agreement was not affected by updated disclosure in 80% of the deals in the 2023 study.
  • In 20% of the deals, the buyer could terminate because of the disclosure, but only within a specific time period.

The rest of the video includes interviews with ABA M&A Committee members John F. Clifford from McMillan LLP and Ann Beth Stebbins from Skadden, Arps, Slate, Meagher & Flom LLP & Affiliates.

Download a copy of this summary here.

This is a summary of the Hotshot course “Updating Disclosure Schedules: Sample Provisions,” a look at two disclosure schedules updates provisions. View the course here.

Negotiating a Disclosure Schedule Updates Provision

• When negotiating a disclosure schedules updates provision parties typically focus on:
  • Whether the seller is obligated or merely permitted to make updates;
  • The scope of permitted updates; and
  • How the updates affect other rights and obligations of the parties.

Sample Seller-Friendly Disclosure Schedules Update Provisions

During the Pre-Closing Period, Seller shall have the right (but not the obligation) to update the Disclosure Schedules to the extent information contained therein or any representation or warranty of Seller becomes untrue, incomplete or inaccurate after the Agreement Date due to events or circumstances after the date hereof or facts of which the Seller becomes aware after the date hereof. [Buyer shall have the right to terminate this Agreement pursuant to Section [_] within five (5) days after receipt of such update if the updated portion or portions of the Disclosure Schedules disclose any facts and circumstances that would cause a failure of the Closing Condition set forth in Section [_]; provided, however, that if (a) Buyer is not entitled to, or does not timely exercise, such right to terminate this Agreement, or (b) Buyer consummates the Closing,] Buyer shall, in any such case, be deemed to have accepted such updated Disclosure Schedules, any such update shall be deemed to have amended the Disclosure Schedules, to have qualified the relevant representations and warranties contained in Article [_], and to have cured any breach of any representation or warranty that otherwise might have existed hereunder by reason of such event or circumstance. Nothing in this Agreement, including this Section [_], shall be interpreted or construed to imply that Seller is making any representation or warranty as of any date other than as otherwise set forth herein.

[Emphasis added.]

• This provision says that the seller has the right, not the obligation, to update the disclosure schedules. This is good for the seller because when updates are required:
• • An inadvertent failure to disclose new facts could result in an indemnification claim for breach of the seller’s covenant to update the disclosure schedules.
  • Or the buyer could claim that the closing conditions weren’t satisfied because the seller didn’t comply with its obligation to perform under the covenant.
• The next part of the first sentence allows any updates needed to complete or correct any information in the disclosure schedules or reps that becomes untrue, incomplete, or inaccurate because of “events or circumstances” or “facts of which the Seller becomes aware”—in each case after the date of the agreement.
  • This sets up a broad scope for updates, including anything that happens or is learned after signing.
  • The only way this provision could be more seller-friendly is if the seller were also allowed to include information known or that should have been known prior to signing.
• Most of the rest of the provision covers the impact of the disclosure schedule updates on the buyer’s rights, and it’s also beneficial to the seller because the buyer’s only recourse in this version of the provision is to terminate the provision.
  • If the buyer completes the acquisition, it’s deemed to have accepted the new disclosure and can’t then bring an indemnity claim relating to the new facts.

Sample Buyer-Friendly Disclosure Schedules Update Provisions

From time to time prior to the Closing, Seller shall promptly supplement or amend the Disclosure Schedules hereto with respect to any matter arising after the date hereof, which, if existing, occurring or known at the date of this Agreement, would or should have been required to be set forth or described in the Disclosure Schedules (each a “Schedules Supplement”). Any disclosure in any such Schedules Supplement shall not be deemed to have cured any inaccuracy in or breach of any representation or warranty contained in this Agreement, including for purposes of the indemnification or termination rights contained in this Agreement or of determining whether or not the conditions set forth in Section [_] have been satisfied.

[Emphasis added.]

• In this example, the seller is obligated to promptly update the disclosure schedules when it becomes aware of new facts that would have been required to be disclosed if they had arisen prior to signing.
  • This ensures that the buyer has complete information at closing.
  • Most sellers agree to this formulation because it’s a pretty convincing argument that the buyer has a right to know all new facts or events that could impact the business prior to closing.
• The provision goes on to limit updates to matters that arise after signing that would or should have been disclosed if they had occurred prior to signing.
  • This is different from the seller-friendly version because here the seller isn’t allowed to update the disclosure schedules with facts that arose before signing.
  • Parties often agree to limit the scope of updates to new things that happen post-signing.
    • Drafting the provision this way removes any incentive for a seller to wait to disclose material information until after signing, when the buyer could be obligated to close the deal.
• Finally, in this example updates don’t affect the buyer’s rights under the agreement.
  • So the buyer has the option not to close if the closing conditions aren’t satisfied.
  • If the acquisition does close, the buyer can still bring an indemnification claim based on the disclosure as it stood at signing.

The rest of the video includes interviews with ABA M&A Committee members John F. Clifford from McMillan LLP and Ann Beth Stebbins from Skadden, Arps, Slate, Meagher & Flom LLP & Affiliates.

Download a copy of this summary here.

This is a summary of the Hotshot course “Updating Disclosure Schedules,” an introduction to disclosure schedules updates provisions, including why parties include a right or obligation to update disclosure schedules, the scope of permitted updates, and the updates’ effect on other rights and obligations of the parties under the acquisition agreement. View the course here.

Why Update Disclosure Schedules?

• The disclosure schedules to an M&A agreement, together with the reps and warranties they modify, provide a snapshot of the seller and the target as of the signing date.
• If the deal doesn’t close at signing, it’s possible that the disclosure schedules and the reps and warranties could be inaccurate or incomplete when the parties are ready to close.
  • This could be due to:
    • New facts discovered between signing and closing that the parties weren’t aware of before signing; or
    • New developments, such as the target getting sued by a customer after the agreement is signed.
  • Parties sometimes deal with this possibility by allowing, or even requiring, updates to the disclosure schedules.
• When parties agree to allow or require updates, they add a disclosure schedules updates provision in the interim covenants section of the agreement.
• Updating disclosure schedules is good for sellers, because the more accurate their disclosure is at closing, the lower the risk of a post-closing indemnification claim.
• And, in principle, buyers also like disclosure schedules to be as accurate as possible before closing so that they can negotiate changes to the deal or even walk away if new and adverse facts are disclosed.
• But parties don’t often include the right to update the disclosure schedules because they can’t agree on:
  • How the updated disclosure affects the rest of the agreement; or
  • The scope of the permitted or required updates.
• When updates are not allowed, the parties are often taking the position that they’d rather not speculate on outcomes that aren’t certain when the agreement is signed. Instead they agree to deal with any issues as they arise.

Scope of Updates and Impact on the Acquisition Agreement

• Several areas of the acquisition agreement can be affected when parties allow updates to the disclosure schedules.
  • The first is the closing conditions.
    • An update to the disclosure schedules is essentially an amendment to the seller’s reps and warranties.
    • Most M&A agreements include a condition that the seller’s reps and warranties have to be true and correct or true and correct in all material respects as of the closing. So if something happens after the deal is signed that would make the seller’s reps and warranties incorrect at closing, the buyer doesn’t have to close.
    • But if disclosure schedule updates are allowed and the seller makes updates to reflect the new development, the buyer could be required to close even if the new disclosure materially amends the reps the seller made at signing.
  • This dynamic leads parties to think carefully about another aspect of the agreement, the buyer’s termination rights. For example:
    • Should the buyer have the right to terminate the acquisition agreement based on the new disclosure, especially when the buyer can no longer rely on the closing conditions to get out of the deal?
    • What if the new disclosure is minor and doesn’t materially change the deal?
  • A third issue the parties think about is the seller’s liability for a breach of the reps and warranties as they existed at signing. For example:
    • Does an update to the disclosure schedules cure that breach and relieve the seller from its indemnification obligations for any resulting damages?

Scope of Updates

• If the parties are able to agree on those issues, they’ll include a provision that typically lays out:
  • Whether the seller is required to update the schedules or if updates are simply permitted;
  • The scope of updates that can be made; and
  • How an update affects the rest of the agreement, like the closing conditions, termination rights, and indemnification provisions.
• Defining the parameters for updates can be tricky. The parties consider:
  • The type of rep or warranty;
  • When the new information arose; and
  • The materiality of the new disclosure.

Type of Rep or Warranty

• Buyers might be more willing to allow updates to affirmative, rather than negative, disclosures.
  • For example, both parties will want any new material contracts to be disclosed as part of the seller’s rep regarding material contracts.
    • The buyer would expect this kind of update, since the seller agrees to continue operating the business in the ordinary course between signing and closing.
  • But the buyer may be less willing to allow an update to a negative rep or warranty, like the “no liabilities” or “no litigation” reps.
    • In those cases, the underlying facts are more likely to have a negative impact on the value of the business.
    • And these types of updates usually relate to matters outside the ordinary course, so allowing them could expose the buyer to an unpredictable amount of additional risk.

When the New Info Arose

• The parties also may limit new disclosure based on when the underlying facts arose.
• A seller has a pretty compelling case for updating the disclosure schedules to include things that happen after signing.
  • But should they also be able to add facts that were known or that should have been known before signing?
  • What if those facts weren’t disclosed at signing because of an honest mistake or because the seller was genuinely unaware?
• On the other hand, if the seller is allowed to update the disclosure schedules with information that arose prior to signing, what’s preventing them from withholding material information at signing that would otherwise affect the deal?

Materiality

• The materiality of new information may also affect whether or not the seller can include it in a disclosure schedules update.
• Buyers are typically willing to allow updates relating to facts that arise in the ordinary course of business and that don’t affect the economics of the deal.
  • But they often want to prohibit updates for new circumstances that are financially or operationally material to the business.
  • Depending on how the buyer’s closing conditions and termination rights are drafted, the buyer could be forced to close despite the new material disclosure.

Rep and Warranty Insurance

• One other thing to consider is that if a deal has rep and warranty insurance, the policy is typically issued when the acquisition agreement is signed.
  • The coverage will not extend to newly disclosed facts unless the insurer expressly agrees to an extension of the policy.
  • So, if updates to the disclosure schedules are permitted or required, there may be a gap in the insurance coverage.

The rest of the video includes interviews with ABA M&A Committee members John F. Clifford from McMillan LLP and Ann Beth Stebbins from Skadden, Arps, Slate, Meagher & Flom LLP & Affiliates.

Download a copy of this summary here.

This article is related to a Showcase CLE program titled “AI Is Coming for You: The Practical and Ethical Implications of How Artificial Intelligence Is Changing the Practice of Law” that took place at the American Bar Association Business Law Section’s 2024 Spring Meeting. All Showcase CLE programs were recorded live and will be available for on-demand credit, free for Business Law Section members.

“This article highlights for busy board members and C-suite executives the dangers of not paying attention to Generative AI. The risk to publicly held companies from non-supervised implementation of Generative AI is significant. The authors make a solid case best practices are warranted to protect the corporation and the decision-makers.”—Kyung S. Lee, Shannon & Lee LLP, program co-chair

“Although at first glance this thoughtful article seems only tangentially related to the ethical use of Generative AI by lawyers, it actually provides an excellent framework for tackling the question of where, when, and how to use Generative AI capabilities inside the law firm or law department. Like their clients, a law firm or law department needs to consider many of the same issues. Does a potential use create a risk of data exposure? Could potential biases contained in underlying training data create biased outputs from the proposed application? How likely are “hallucinations,” and what damage can they cause? Suggested solutions for public company boards also apply to legal organizations. Education, bringing in experts, and creating systems and teams to vet uses all play their role in making sure legal teams use Generative AI responsibly. The article provides a useful roadmap to protecting legal organizations from the risks of Generative AI deployment.”—Warren Agin, program panelist

Introduction

Artificial intelligence is capturing the imagination of many in the business world, and one real-world message is unmistakable:

Any director or executive officer (CEO, CFO, CLO/GC, CTO, and others) of a publicly held company who ignores the risks, and fails to capitalize on the benefits, of Generative AI does so at his or her individual peril because of the risk of personal liability for failing to properly manage a prudent GenAI strategy.

Generative artificial intelligence, or GenAI,^[1] is a technological marvel that is quickly transforming our lives and revolutionizing the way we communicate, learn, and make personal and professional decisions. Due to GenAI-powered technology and smart devices, all industries—ranging from the healthcare, transportation, energy, legal, and financial services industries to the education, technology, and entertainment industries—are experiencing almost logarithmic improvements. The use cases for GenAI seem boundless, balancing the opportunity to improve society with the risks that make one worry about the devastation that can be caused by GenAI if it operates without meaningful regulation or guardrails. Nowhere is the risk more fraught than in a specific type of highly regulated organization that is accountable to a myriad of stakeholders: U.S. publicly held companies.

Insofar as publicly held companies can be both (i) consumers of GenAI technology and (ii) developers and suppliers of GenAI technology, there are countless use cases, scenarios, and applications for a publicly held company. Common ways in which GenAI is used include data analysis and insights, customer services and support, financial analysis and fraud detection, automation and quality control in production and operation management, and marketing and sales.

Even though the specific applications of GenAI within a publicly held company depend on that company’s industry, goals, and challenges, every board of directors and in-house legal team managing a publicly held company must be keenly attuned to the corporate and securities litigation risks posed by GenAI. Indeed, as GenAI technologies become increasingly important for corporate success, board oversight of GenAI risks and risk mitigation is vital, extending beyond traditional corporate governance. Any publicly held company that does not establish policies and procedures regarding its GenAI use is setting itself up for potential litigation by stockholders as well as vendors, customers, regulatory agencies, and other third parties.

This article focuses on the principle that GenAI policies and procedures at a publicly held company must come from its board of directors, which, in conjunction with the executive team, must take a proactive and informed approach to navigate the opportunities and risks associated with GenAI, consistent with the board’s fiduciary duties.

Legal Background: The Duty of Supervision

Corporate governance principles require directors to manage corporations consistent with their fiduciary duty to act in the best interest of shareholders. The board’s fiduciary duty is comprised of three specific obligations: the duty of care,^[2] the duty of loyalty,^[3] and the more recently established derivative of the duty of care, the duty of supervision or oversight.^[4]

The duty of supervision stems from the Caremark case, where the Delaware Court of Chancery expressed the view that the board has “a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate, exists, and that failure to do so under some circumstances may, in theory at least, render a director liable for losses caused by non-compliance with applicable legal standards.”^[5] The Caremark court later explained that liability for a “lack of good faith” depends on whether there was “a sustained or systematic failure of the board to exercise oversight — such as an utter failure to attempt to assure a reasonable information and reporting system exist . . . .”^[6] In Stone v. Ritter, the Delaware Supreme Court explicitly approved the Caremark duty of oversight standard, holding that director oversight liability is conditioned upon: “(a) the directors utterly failed to implement any reporting or information system or controls; or (b) having implemented such a system or controls, [the directors] consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention.”^[7]

Thus, the first prong of the duty of supervision requires the board of directors to assure itself “that the corporation’s information and reporting system is in concept and design adequate to assure the board that appropriate information will come to its attention in a timely manner as matter of ordinary operations.”^[8] If the board meets the standard in the first prong, the board can still violate the duty of supervision if it shows a “lack of good faith as evidenced by sustained or systematic failure of a director to exercise reasonable oversight.”^[9]

The principles in Caremark were clarified further in a securities derivative suit against Boeing Corporation. In that now-classic case, the Delaware Court of Chancery established an enhanced duty of supervision where the nature of a corporation’s business presents unique or extraordinary risk. In Boeing, the Court permitted a Caremark claim to proceed against Boeing’s board of directors amidst a former director’s acknowledgement of the board’s subpar oversight of safety measures. The Court found that safety was a “mission-critical” issue for an aircraft company, and any material deficiencies in oversight systems in a vital area justified enhanced scrutiny of a board’s oversight of them.^[10]

The Caremark duty of supervision was extended beyond the board level to executive management last year in a shareholder litigation against McDonald’s Corporation.^[11] In McDonald’s, the Delaware Court of Chancery adopted the reasoning of Caremark when extending the duty of oversight to the management team because executive officers function as agents who report to the board, with an obligation to “identify red flags, report upward, and address the [red flags] if they fall within the officer’s area of responsibility.”^[12]

Application of the Duty of Supervision in the Era of GenAI

Each new technology entering the corporate world stimulates a new round of corporate governance questions about whether and how the fiduciary duty of directors and executive officers of publicly held companies is transformed due to new business operations and the risks appurtenant to them. GenAI is no different. The nature of GenAI calls for immediate attention from the board of directors and the legal team at publicly held companies.

With the specters of privacy violations, AI “hallucinations” (where an AI model creates incorrect or misleading results), “deepfakes,” bias, lack of transparency, and difficulties in evaluating a “black box” decision-making process, many things can go wrong with the use of GenAI. Each of those things that can go wrong exposes a publicly held company to material risk. At this stage in the evolution of AI, there are certain categories of corporate, regulatory, and securities law risks that are most dangerous for public companies. Publicly held companies need to be especially mindful of public disclosures around AI usage; the impact of AI on their operations, competitive environment, and financial results; and whether AI strategy and usage is likely to have a material effect on overall financial performance and why.

Given the enormous benefits, opportunities, and risks emerging in the era of GenAI, the principles articulated in the Caremark line of cases are instructive for a board of directors and executive management of publicly held companies. Without question, the board of every publicly held company must implement reporting, information systems, and controls that govern the organization’s use of GenAI technology. The macro-implications of GenAI compel this conclusion, and the section below suggests specific practical takeaways and best practices.

When implementing GenAI-related systems and controls, the board and management team must contextualize the corporation’s use of AI so that the systems and controls align with the corporation’s business operations, financial goals, and shareholder interests. Publicly held companies that develop and sell GenAI products have different considerations and obligations than do companies that only use GenAI in their operations. When implementing these systems and controls, publicly held companies must be mindful of the fact that the duty of supervision equally applies to executive officers as well as to boards under the McDonald’s case. As the “conscience” of the organization, the legal team advising a publicly held company must consider day-to-day compliance tactics and measures in addition to adopting systems and controls at the board level that comply with the overarching principles of the duty of supervision.

Practical Takeaways and Best Practices

The following items are integral components of any public held company’s AI plan:

1. Baseline technological GenAI knowledge. Every board member and executive team member must have and maintain a working understanding of what GenAI is, its different iterations and how each works, and how the organization uses and benefits from GenAI.
2. Ongoing GenAI education. As GenAI technology or the organization’s use of it changes, board members and the executive team should continue to keep themselves informed on issues of significance or risk to the company through regularly scheduled updates.
3. Institutionalization of GenAI risk oversight. Publicly held companies should build a team of stakeholders from across the entire organization for GenAI oversight. That team must include individuals from business, legal, and technology departments—both high-level executives and operational experts—responsible for evaluating and mitigating GenAI-related risks.
4. Inclusion of AI experts in board composition. Publicly held companies must modify the composition of their boards to include members with expertise in AI, technology, and data science. The goal is to have well-rounded perspectives on AI-related matters. To meet the legal demands of GenAI supervision, boards should consider recruiting members with legal expertise in technology, data privacy, and AI regulations, as well as board members who are expert at identifying new technology risks.
5. AI committee. A publicly held company should establish an AI committee charged with additional oversight of GenAI risks and opportunities.
6. Adoption of written policies. The board and executive team must create a written framework for making policies and materiality determinations regarding public disclosure in the context of GenAI usage, reporting GenAI incidents with advice of counsel, and setting standards for professionals who oversee GenAI systems and controls.
7. Understanding of GenAI legal and regulatory compliance. The board and executive team must understand and stay apprised of AI-related legislation and regulations and oversee policies, systems, and controls to ensure that GenAI use complies with new legal requirements.
8. Ethical GenAI governance. The board and executive team should address ethical standards for GenAI usage, development, and deployment, including issues such as bias, transparency, and accountability.
9. SEC disclosure. Public companies must understand how Securities and Exchange Commission requirements affect GenAI and incorporate those requirements into their disclosure protocols. Boards must stay informed about regional and global variations in GenAI regulations and adapt corporate policies to ensure compliance with securities regulations and avoid legal pitfalls.
10. Performance monitoring: The board and the executive team should implement mechanisms to monitor the performance of any GenAI controls and to assess the impact on key performance indicators, as well as regularly review and adapt the company’s GenAI strategies based on other performance metrics.
11. Collaboration with legal counsel. Close collaboration between boards and legal counsel is essential to minimize GenAI risk. Legal experts should be integral to the decision-making process, providing guidance on compliance, risk management, and the development of legal strategies pertaining to GenAI.

Conclusion

Artificial intelligence, including GenAI, has the power to drive substantial change in our daily lives and in the ways that companies conduct business. With that power comes an emerging and significant risk that publicly held companies and their board members and executives—ever the target of shareholder litigation—must take seriously by implementing robust AI-focused policies, procedures, and risk-management initiatives.

1. Although earlier generations of artificial intelligence (and technology generally) can afford great benefits and pose material risks, this article focuses on Generative Artificial Intelligence, or GenAI, because of the unique challenges GenAI poses due to machine learning capabilities, training data biases and challenges, privacy issues, and the “black box” nature of the technology. ↑

2. Smith v. Van Gorkom, 488 A.2d 858, 872 (Del. 1985). ↑

3. Cede & Co. v. Technicolor, Inc., 634 A.2d 345, 361 (Del. 1993). ↑

4. In re Caremark Int’l Inc. Deriv. Litig., 698 A.2d 959, 970 (Del. Ch. 1996). ↑

5. Id. at 971. ↑

6. Id. (emphasis added). The second prong in Caremark often is characterized as “consciously disregarding ‘red flags.’” ↑

7. Stone v. Ritter, 911 A.2d 362, 370 (Del. 2006). ↑

8. Caremark at 970. ↑

9. Id. at 971. ↑

10. In re The Boeing Co. Derivative Litig., No. 2019-0907-MTZ, 2021 WL 4059934 (Del. Ch. Sept. 7, 2021). ↑

11. In re McDonald’s Corp. S’holder Derivative Litig., 289 A.3d 343 (Del. Ch. 2023) (“Although the duty of oversight applies equally to officers, its context-driven application will differ. Some officers, like the CEO, have a company-wide remit. Other officers have particular areas of responsibility, and the officer’s duty to make a good faith effort to establish an information system only applies within that area.”). ↑

12. Id. at 366. ↑

This article is related to a Showcase CLE program titled “Has a New Day Dawned? Practical Advice on the Legal Ethics and Regulatory Compliance Obligations of the Corporate Transparency Act and Amended ABA Model Rule 1.16” that took place at the American Bar Association Business Law Section’s 2024 Spring Meeting. All Showcase CLE programs were recorded live and will be available for on-demand credit, free for Business Law Section members.

The enactment of the Corporate Transparency Act (“CTA”) and the adoption of ABA Model Rule of Professional Conduct 1.16 have brought back into focus a lawyer’s ethical obligations of confidentiality under ABA Model Rule 1.6, the attorney-client privilege, and the ABA’s stated position that lawyers are not gatekeepers. Both the CTA and ABA Model Rule 1.16 were enacted or adopted to address “illicit finance,” especially money laundering and terrorist financing, though—as will be explained—Rule 1.16 applies more broadly. Both involve an element of due diligence by the lawyer: one—the CTA—involves an entity client’s obligation to identify (and report on a new federal database named the Beneficial Ownership Secure System, or “BOSS”) the beneficial owners of most entities, and the other—Rule 1.16, as amended—involves a lawyer’s ethical duties to inquire and assess, both at the outset of a representation and at unspecified times during a representation, whether the prospective client or client intends to use (or is using) the lawyer’s services to perpetuate a crime or fraud. Both the CTA and Rule 1.16 are certainly applicable to the business lawyer, though Rule 1.16 is not so limited, and in fact, the Rule may well apply to a litigator who falls victim to an online scammer.

The Corporate Transparency Act

Enacted in 2021, the CTA became effective as of January 1, 2024 (though nonexempt entities in existence as of the effective date need not comply with the CTA’s reporting requirements until December 31, 2024). The focus of the CTA, according to the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”), is to “make it harder for bad actors to hide or benefit from their ill-gotten gains through shell companies and other opaque ownership structures.”^[1] To accomplish this, information about “beneficial ownership” of nonexempt entities must be reported to the FinCEN BOSS database that will be accessible to federal and state law enforcement agencies. “Reporting companies” formed after January 1, 2024, have ninety days within which to input their information to BOSS, and those entities formed on or after January 1, 2025, will have thirty days after formation to file the same detailed report.

There are twenty-three categories of exempted entities that need not report beneficial ownership under the CTA. Those exemptions range from banks and credit unions to accounting firms and large operating companies. However, if the entity is a nonexempt corporation, limited liability company, or other entity created through filing a document with a secretary of state, the entity is a reporting company for which personal information about its beneficial owners must be input into the BOSS database. Beneficial owners are every individual who, directly or indirectly, either exercises “substantial control” over the reporting company or owns or controls at least 25 percent of the ownership interests of a reporting company.

Many, if not most, clients will feel the required information is intrusive because it includes the beneficial owner’s date of birth, residential address, and a copy of a valid driver’s license or passport. Further, reporting companies must file an updated report when there is a change to a beneficial owner’s information (e.g., a move to a new residence, a name change resulting from a marriage or divorce, a new passport number). There is a limited workaround to the beneficial owner’s obligation to report that personal information to the reporting company, known as a “FinCEN Identifier,” but all of these issues are complicated, and there are still questions surrounding how one is to file and who is a “company applicant.”

At the same time, failure to comply with the CTA has significant ramifications, including fines and the possibility of jail time. Several business lawyers have suggested that their business clients consider appointing a “CTA Compliance Officer” who is entrusted to oversee the information collection and report submission role, which may require board resolutions or amendments to the company’s formation documents.

ABA Model Rule 1.16

The amendment to ABA Model Rule 1.16 was likewise adopted with the intent of combatting money laundering and terrorist financing, though the ABA did not so limit the breadth of the Rule. The formal Revised ABA Report for Resolution 100 accompanying the proposed rule change stated:

This Resolution constitutes another piece of the ABA’s longstanding and ongoing efforts to help lawyers detect and prevent becoming involved in a client’s unlawful activities and corruption[.] . . . The proposed amendments will help lawyers avoid entanglement in criminal, fraudulent, or other unlawful behavior by a client, including tax fraud, mortgage fraud, concealment from disclosure of assets in dissolution or bankruptcy proceedings, human trafficking and other human rights violations, violations of U.S. foreign policy sanctions and export controls, and other U.S. national security violations.^[2]

The Report asserted that amended Rule 1.16 would not impose new ethical obligations on lawyers with respect to conducting client due diligence; however, even if that were the case, the obligation is now part of the Black Letter ABA Model Rule 1.16. Rule 1.16, as amended, provides that lawyers have an obligation to “inquire into and assess the facts and circumstances of each representation to determine whether the lawyer may accept or continue the representation.”^[3] Furthermore, if “the client or prospective client seeks to use or persists in using the lawyer’s services to commit or further a crime or fraud, despite the lawyer’s discussion pursuant to Rules 1.2(d) and 1.4(a)(5) regarding the limitations on the lawyer assisting with the proposed conduct,” then the lawyer must decline the representation or, if the representation has already commenced, the lawyer must withdraw from the representation.^[4]

Importantly, the inquiry or assessment required by Rule 1.16 is a fact-specific risk-based analysis. As new Comment 2 to Rule 1.16 explains:

Under paragraph (a)(4), the lawyer’s inquiry into and assessment of the facts and circumstances will be informed by the risk that the client or prospective client seeks to use or persists in using the lawyer’s services to commit or further a crime or fraud. This analysis means that the required level of a lawyer’s inquiry and assessment will vary for each client or prospective client, depending on the nature of the risk posed by each situation.

The depth of required due diligence remains unclear, although a list of five nonexclusive factors have been added to the Comments. These five factors provide a rough guide to lawyers on what to inquire upon and how deeply to do so, and they include:

1. the identity of the client, including the beneficial owners of the client if it is an entity;
2. the lawyer’s “experience and familiarity with the client”;
3. the “nature of the requested legal services”;
4. the “relevant jurisdictions involved in the representation” and, specifically, “whether a jurisdiction is considered at high risk for money laundering or terrorist financing”; and
5. the “identities of those depositing into or receiving funds from the lawyer’s client trust account, or any other accounts in which client funds are held.”

In addition to these factors, new Comments to Rule 1.16 identify a number of documents to assist lawyers in “assessing risk,” including the Financial Action Task Force (“FATF”) Guidance for a Risk-Based Approach for Legal Professionals, the Organization for Economic Cooperation and Development (“OECD”) Due Diligence Guidance for Responsible Business Conduct, the U.S. Department of the Treasury’s Specially Designated Nationals and Blocked Persons List, and ABA publications on the topic.

At least for now, the lawyer is not obligated to disclose any information that the lawyer comes to learn as a result of the inquiry or assessment and, indeed, under ABA Model Rules 1.6 and 1.18, depending on the circumstances, the lawyer may be prohibited from making that disclosure. Finally, it remains unclear at present what “triggers” a lawyer’s obligation to undertake an inquiry or assessment after the representation has begun. Does the duty arise when the lawyer “knows,” as that term is defined by Rule 1.0(f), that the client is using the lawyer’s services to commit a crime or fraud? What does Rule 1.0(f)’s “actual knowledge of the fact in question,” which “may be inferred from circumstances,” mean in this context?

Conclusion

These new (or highlighted) obligations present practical issues for lawyers. What information may the lawyer need to collect if the lawyer is asked to assist a client in its obligation to comply with the CTA—and, whether or not so requested, what (or how) should the lawyer communicate to the client about these obligations? What possible traps for business clients and the lawyers who represent them does the CTA present, and how can the risks of those traps be mitigated? What resources are available and appropriate to conduct client due diligence? What triggers the obligation to conduct due diligence after a representation has begun? While Rule 1.16 certainly applies to the transactional lawyer, does it apply to litigators as well? And what does the future hold for the lawyer’s duty of confidentiality and the attorney-client privilege given the momentum evidenced by the CTA and ABA Model Rule 1.16? These and other issues will be addressed in the CLE panel discussion connected to this article at the American Bar Association Business Law Section’s 2024 Spring Meeting.

1. FinCEN Beneficial Ownership Information Reporting FAQ A.2., issued Sept. 18, 2023. ↑

2. ABA Standing Committee on Ethics and Professional Responsibility and Standing Committee on Professional Regulation Revised Report to the House of Delegates for Resolution 100 (2023), at 1 and 2. ↑

3. See ABA Model Rule 1.16(a). ↑

4. See Rule 1.16(a)(4). ↑

Macroeconomic factors and market indicators point to a rebound in M&A activity in 2024. An increase in deals necessarily affects many directors and officers (D&O) insurance policies in ways that could lead to future coverage disputes, as policy provisions addressing changes in control take effect and so-called tail policies are implemented. At the same time, federal and state regulators continue to put pressure on companies and their directors and officers, whether through increased regulatory requirements—like the recent amendments to Form PF adopted by the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC), impacting how large hedge fund advisers report investment exposures—or through heightened enforcement associated with developments like the SEC’s new cybersecurity disclosure rules and growing crypto assets and cyber unit. These and other circumstances heighten the risk of both M&A and regulatory exposures that may implicate coverage under D&O and management liability policies.

Last month, a California federal judge held that a D&O liability insurer must advance subpoena-related defense costs on behalf of two former biotech directors and officers after the insurer could not provide conclusive evidence that the subpoenas alleged actual wrongdoing by the individuals after the company’s merger, as required to trigger the policy’s “Change in Control” exclusion.^[1] The decision highlights the interplay of two significant D&O coverage issues—government investigations and M&A transactions—and underscores why policyholders must pay close attention to how their liability insurance policies may by impacted by a merger, acquisition, asset sale, or similar deal.

Background

In 2020, KBL Merger Corp. IV (KBL) purchased primary and excess D&O policies with $5 million in limits. Later that year, KBL changed its name to 180 Life in a merger that involved the resignation of its CEO and all directors. Following the merger, the SEC opened an investigation and issued subpoenas to KBL’s former CEO and a former director. 180 Life demanded coverage for the expenses it advanced to the former director and officer in connection with the subpoenas. The primary insurer filed a declaratory action asserting that 180 Life was not an insured under the policy issued to KBL (the pre-merger entity) and, in any event, that the subpoena-related expenses were subject to the policy’s “Change in Control” exclusion.

The parties disagreed over whether the policy’s advancement clause was triggered when there were “potentially covered” claims or whether the duty to advance defense costs was limited to “actually covered” claims. After consideration of the policy language and relevant case law, the court found that the advancement clause required the insurers to advance defense costs for potentially covered claims, consistent with California law. The court then turned to whether coverage for the SEC subpoenas was barred by the application of the Change in Control exclusion, which turns on when the alleged wrongful acts are alleged to have been committed or attempted.

The Change in Control Exclusion

The Change in Control exclusion barred coverage for claims “alleging in whole or in part any Wrongful Acts committed, attempted or allegedly committed or attempted” by the individual insureds after the merger. The court first noted that an insurer that wishes to rely on an exclusion has the burden of proving, through “conclusive evidence,” that the exclusion “applies in all possible worlds.” As applied in the context of the Change in Control exclusion, the insurers needed to show that the subpoenas alleged post-merger wrongful acts by the insureds.

That showing, the court acknowledged, was difficult to make in the context of a subpoena, which merely requests documents, compared to a civil complaint containing specific allegations of wrongdoing.

The insurers emphasized that the SEC subpoenas requested documents relating to both pre-merger and post-merger time periods and urged the court to infer from those requests that the subpoenas allege both pre-merger and post-merger wrongful acts. The court declined to make that “logical leap” and ultimately concluded that the insurers failed to meet the high burden of conclusively showing that the Change in Control exclusion applied. The court recognized, however, that the insurers may be able to make this showing at a later date. If so, they will be able to recoup any advanced defense costs that turn out not to be covered.

Takeaways

Time and time again, insurers argue that government subpoenas are not covered under D&O policies because they do not allege any wrongful acts by insureds and, as a result, cannot trigger insuring agreements requiring that demands for documents be “for Wrongful Acts.” Here, where it supported a complete disclaimer, the insurers took the opposite position that the subpoenas alleged wrongful acts simply because the document requests related to post-merger time periods. The court correctly applied the high burden required for insurers to deny coverage based on exclusions where it determined that the subpoenas did not allege wrongful acts—they only requested documents.

More broadly, the context in which this dispute arose—a government investigation following a merger—also highlights the importance of coordinating coverage in the context of M&A deals. This includes not only carefully examining the scope of exclusions that may defeat coverage for claims that only allege in part conduct during the excluded time period, but also reviewing liability policies covering directors and officers before and after closing to ensure continuity of coverage and avoid unexpected gaps in coverage.

All companies, whether currently contemplating a transaction or not, need to understand how their D&O policies account for changes in control. Legacy D&O policies typically provide going-forward coverage in the event of a sale, and imprecise policy wording or overbroad exclusions may result in finger-pointing and coverage gaps if left unaccounted for. Working closely with insurance brokers, consultants, and outside coverage counsel can help identify these issues, work towards mitigating deal-related risks, and minimize surprises if a D&O claim arises after closing.

1. See AmTrust Int’l Underwriters DAC v. 180 Life Scis. Corp., No. 22-CV-03844-BLF, 2024 WL 557724 (N.D. Cal. Feb. 12, 2024). ↑