Ever increasing risks for directors and managers

Parliament is increasingly interested in imposing personal responsibility on directors and senior managers for ensuring that their entities comply with their legal obligations.

This trend started with the Health and Safety At Work Act 2015 under which directors are required to exercise due diligence to ensure that certain H&S requirements are met and that trend will continue this year with a raft of new changes to credit laws, climate-related disclosures and proposed changes to the obligations of directors of deposit takers. This increase in director obligations may stray beyond the health and safety and financial sector in coming years as personal liability becomes a common theme for Parliament to consider in proposing new legislation.

Proposed criminal sanctions for climate-related disclosure breaches by directors

As discussed on page 19, the Financial Sector (Climate-related Disclosures and Other Matters) Amendment Bill 2021 will, if passed, introduce a new requirement that would criminalise directors’ conduct where an entity knowingly fails to comply with a climate reporting requirement. Under this proposed provision, a director of a climate reporting entity commits an offence if any of the following statements fail to comply with an applicable climate standard, and the director knows they fail to comply when those are lodged:

  • the climate statements of the entity prepared under section 461W;
  • group climate statements in relation to a group comprising the entity and its subsidiaries prepared under section 461X;
  • the climate statements or group climate statements prepared by the entity under section 461Y; or
  • in the case of a manager of a registered scheme, the climate statements for any separate fund or for the scheme prepared under section 461Z.

A director who commits an offence under this proposed provision would be liable on conviction, in the case of an individual, to imprisonment for a term not exceeding five years, a fine not exceeding $500,000, or both; and in any other case, to a fine not exceeding $2.5 million.

Proposed new duties for directors of deposit takers

The Reserve Bank of New Zealand has been conducting a review of the Reserve Bank Act (2017 Review) which considered whether executive accountability should be increased. A new Deposit Takers Act has been proposed, which will amongst other things impose a new duty on directors to ensure there are adequate systems, processes and policies in place so that the deposit taker complies with its prudential requirements and obligations. Whether the new Act should impose duties on senior managers was considered, however, it was ultimately decided that this would create an unduly intrusive supervisory model.

Unlike the current attestation regime which relies on an individual reporting where they believe the bank systems are non-compliant, the new Act will impose a positive duty on directors to ensure there are adequate systems, processes and policies in place so that the deposit taker complies with its prudential requirements and obligations. These duties would be applied through a ‘positive accountability framework’ where directors are required to take certain actions separate from the regulated entity, such as ‘reasonable steps’ to ensure the entity is run in a prudent manner.

A defence for a breach of this duty is available where a director can show they took reasonable steps to meet their obligations. However, directors would be permitted to take out personal insurance against penalties for such breaches.

The new due diligence duty under the Credit Contracts and Consumer Finance Act (CCCFA)

The CCLAA introduces a new duty for directors and senior managers regarding compliance with the CCCFA. The aim of this change is to oblige and incentivise individual corporate officers to drive a culture of compliance with the CCCFA from the top down.

From 1 December 2021, every director and senior manager of a lender under a consumer credit contract (CCC) must exercise due diligence to ensure that the lender complies with its duties and obligations under the CCCFA. This duty will apply to obligations owed under contracts entered into on, or after, 1 December 2021 and may apply to contracts entered before 1 December 2021 where there are ongoing obligations under those contracts such as ongoing disclosure obligations.

This is an entirely new legal obligation and represents a substantial change to the law. It is also a personal obligation, meaning directors and senior managers will face personal liability for breaches.

What does the due diligence duty entail?

The exact parameters of the duty will vary from case to case. The test is an objective one. Broadly speaking, directors and senior managers must ensure the lender:

  • has systems and procedures in place to ensure compliance with the CCCFA;
  • requires its employees and agents to follow those procedures or ensures that the business has automated procedures in place that are designed to do that;
  • undertakes reasonable checks on whether the procedures do what they are meant to and whether they are being used correctly;
  • has methods in place to systematically identify problems with the effectiveness of its procedures; and
  • promptly fixes any problems it discovers.

Importantly, directors and senior managers will not necessarily be found to have breached their due diligence duty just because the lender breaches the CCCFA. Directors and senior managers are likely to satisfy the duty by requiring management to undertake key tasks (to fulfil legislative and regulatory obligations), setting the approach to resource allocation and prioritisation, and driving a culture of compliance.

The duty also requires directors and senior managers to take prompt action where the lender has identified failures within systems and procedures. This may include setting clear requirements for reporting and timeframes for addressing and remediating non-compliance; ensuring the lender has a procedure in place to ensure that reporting is prompt and accurate; and ensuring the lender has appropriate systems to promptly remedy the deficiency and remediate affected customers.

If there is a breach of the due diligence duty, the court can order payment of pecuniary penalties of up to $200,000. If, in addition to the breach of duty, the lender has breached the CCCFA, the relevant director or senior manager may face joint or several liability for statutory damages and compensation with the lender.

Directors and senior managers may not obtain indemnification from a body corporate or use insurance to indemnify themselves against penalties under the CCCFA or costs involved with defending civil proceedings in which penalties are imposed. Insurance can, however, be used to cover payment of statutory damages.

What does this mean?

Given the trend here, we anticipate that whenever new legislation is proposed that drafters will consider whether any personal liability should fall on directors, officers and senior managers. If this trend continues it could put undue pressure on finding qualified directors who are willing to take on the risks. As such, a balance should be struck with defences available for directors where reasonable steps to comply have been demonstrated.

The key question directors and senior managers should be asking themselves is: Have I exercised the care, diligence and skill that a reasonable director or senior manager of a lender of the type and size of my business and with my role and responsibilities would have exercised?

Read MinterEllisonRuddWatts' Litigation Forecast

Who can help