There are many reasons for forming a corporation or an LLC rather than conducting business without a legal entity. Avoiding personal liability tops the list.
But these protections have limits under Delaware (DE) law. Owners, officers, and directors can be sued and personally liable across a range of scenarios.
There are five categories of mistakes owners, officers, and directors should avoid - whether as directors of publicly traded companies, small business owners, or startup founders.
Alter Ego/Piercing the Corporate Veil
Self-Dealing/Duty of Loyalty
Knowing Violations of Law/Duty of Good Faith
Compliance Failures/Duty of Oversight
Disclosure Claims/Duty of Candor
Alter Ego Theory/Piercing the Corporate Veil
Alter ego theory is a doctrine for holding individuals liable for the debts or liabilities of a company - also called "piercing the corporate veil."
It is generally invoked against dominant owners, whether of an LLC or a corporation.
Particularly when a plaintiff (the person suing) finds it necessary or advisable to hold the owner(s) personally liable. This might be because the claims are large, the company appears insolvent, or the plaintiff believes the owners already have or might soon loot the company's cash.
To seek direct liability against a business owner under DE law, the plaintiff needs to prove (i) a "unity of interest and ownership" between the business and its owners, meaning the business is essentially treated as the owner's personal entity, and (ii) that piercing the "corporate veil" is necessary to prevent an inequitable outcome.
And that's why the term "alter ego" is used. Alter ego is Latin for "other I," meaning alternate self.
Relevant factors for imposing personal liability under alter ego theory include:
Commingling of personal and corporate funds, aka treating the company as one's piggy bank
Failure to maintain proper corporate records or hold meetings
Using corporate assets for personal use
No clear separation between the individual and the company's operations
Lack of adequate capitalization
To avoid personal liability, owners, including LLC members and corporate shareholders/founders, should:
Formally assign/transfer all assets related to the business to the business and only acquire business assets with business funds.
Maintain a business bank account and be sure to pay all business expenses from it and deposit all company revenues and other payments into that account.
Never comingle company and personal funds, including by withdrawing company cash for personal uses or paying for personal expenses outside of an established expense reimbursement policy and systems for documenting expenses.
Observe all LLC or corporate formalities required for the entity type, including keeping the entity in good standing by filing any necessary annual reports, fees and/or taxes.
LLC owners and managers should abide by all terms of the company's operating agreement. Absent an operating agreement, the owner(s) should assume state default rules apply and abide by them.
Ensure that (i) shareholders vote on things requiring their approval, (ii) the board votes on all things requiring board approval, and (iii) officers always conduct business clearly as business representatives by signing contracts and other documents in the company's name, using appropriate officer titles.
Do not "steal corporate opportunities." This is discussed again in connection with "self-dealing," but business owners, officers, and directors should not take personal advantage of opportunities appropriate for the business.
In general, failing to provide sufficient capital to a business is a weak basis for piercing the corporate veil. Other listed factors generally have to be present. But evidence of intent to thwart or defraud creditors or other claimants through asset shifting schemes could be sufficient on its own.
A possibly risky pattern is for startup founders to informally cover startup expenses or periodically deposit funds into the startup's bank account to cover expenses.
The better approach is to document founder loans to the company. Loan docs can even provide for periodic draws by the company or additional advances by the founder.
Self-Dealing/The Duty of Loyalty
This discussion is DE law-centric. Outcomes in other jurisdictions might vary. But it would be reasonable to expect roughly similar results for similar conduct, as other states often consider DE law authoritative.
Fiduciary Duties Overview
Corporate officers and directors are fiduciaries, owing duties of care and loyalty.
The duty of care requires the care a reasonably prudent person in like position would reasonably believe appropriate under the circumstances.
The duty of loyalty requires discharging duties in good faith and with the reasonable belief that actions taken are in the best interests of the corporation and its shareholders.
Self-interested acts are the opposite of acts in the best interests of the corporation and its shareholders - they violate the duty of loyalty.
Under Delaware law, the duty of loyalty has a subsidiary duty of good faith.
Under the duty of good faith, there is a duty of oversight and a duty of candor/disclosure.
It may be helpful to read the terms "good faith" and "loyalty" mostly interchangeably. All breaches of the duty of loyalty are also breaches of the duty of good faith, and many breaches of the duty of good faith also breach the duty of loyalty, particularly those involving self-interested acts.
Only Duty of Care Violations are Exculpable
Duty of loyalty breaches, including breaches of the duties of good faith, oversight, or disclosure, can subject an officer or director to shareholder suit and personal liability.
This is because directors and officers can be exculpated (shielded) from and indemnified (compensated/reimbursed) for breaches of the duty of care, but not for breaches of the duty of loyalty.
Under modern corporate law, the vast majority of directors are shielded from personal liability for breaches of the duty of care under exculpation clauses in their corporations' certificate/articles of incorporation.
Here's a standard exculpation clause:
The liability of the directors and officers for monetary damages for breach of fiduciary duty as a director shall be eliminated to the fullest extent under applicable law.
Rights to exculpation were deemed necessary to encourage individuals to serve as officers and directors by shielding them from litigation second-guessing their business judgment, particularly when risks taken in business turn out bad.
Note the words "to the fullest extent under applicable law."
Applicable law here is Section 102(b)(7) of the Delaware General Corporation Law (DGCL), which says in part:
"A provision eliminating or limiting the personal liability of a director or officer to the corporation or its stockholders for monetary damages for breach of fiduciary duty as a director or officer, provided that such provision shall not eliminate or limit the liability of:
(i) A director or officer for any breach of the director’s or officer’s duty of loyalty to the corporation or its stockholders;"
Pro Tip: Note, on August 1, 2022, the GGCL was amended to allow for the inclusion of "officers" in exculpation clauses. Consider amending certificates of incorporation currently only protecting directors to extend exculpation to officers.
Here's a good article on that topic: Recent Developments in Delaware Officer Exculpation Charter Amendments
No Indemnification for Duty of Loyalty Breaches
Similarly, companies can provide indemnification to officers and directors, but not for breaches of the duty of loyalty or its subsidiary duties.
Here's a standard indemnification clause like those found in most certificates of incorporation:
To the fullest extent permitted by applicable law, the corporation is authorized to provide indemnification of (and advancement of expenses to) directors, officers and agents of the corporation (and any other persons to which applicable law permits the Company to provide indemnification) through Bylaw provisions, agreements with such agents or other persons, vote of stockholders or disinterested directors or otherwise in excess of the indemnification and advancement otherwise permitted by such applicable law....
Note again the phrase "permitted by applicable law."
Applicable law here is DGCL Section 145, limiting indemnification to circumstances where:
"... the person acted in good faith and in a manner the person reasonably believed to be in or not opposed to the best interests of the corporation."
The prohibition against indemnifying for breaches of the duty of loyalty also applies to contractual indemnification rights and obligations.
Pro Tip: Rights to indemnification are only as good as the company's D&O insurance coverage or its bank account.
Additionally, D&O insurance typically does not cover breaches of the duty of loyalty, as most policies exclude coverage for actions considered fraudulent, dishonest, or intentional misrepresentations, which would include a deliberate breach of good faith.
The Business Judgement Rule
Under most circumstances, it is not difficult for boards to meet their duty of care obligations. In making decisions, a board simply needs to (i) reasonably inform itself, (ii) observe reasonable processes, and (iii) act in good faith in the best interests of the corporation.
These are the elements of what is called the "Business Judgement Rule."
One of the more momentous recent cases for VCs, In re Trados Inc. Shareholder Litigation, said the BJR presumes "in making a business decision the directors of a corporation acted on an informed basis, in good faith and in the honest belief that the action taken was in the best interests of the company."
The Trados court went on to say that, unless one of these listed elements is rebutted, "the court merely looks to see whether the business decision made was rational in the sense of being one logical approach to advancing the corporation's objectives."
So most garden-variety board acts and decisions by an informed, well-run board do not raise concerns.
Acts involving actual or potential "self-dealing" or "conflicts of interest," on the other hand, warrant careful scrutiny and special processes to assure independence in making the decision.
Examples of Self-Dealing/Conflicts. The following are some examples of self-dealing or conflicts of interest that should either be avoided or firewalled off by processes involving special committees, recusals of conflicted directors, fairness opinions, shareholder approvals based on disclosure of all conflicts, and other procedural guardrails exceeding the scope of this article:
An officer or director taking a corporate opportunity from the company, like buying a building the company was interested in and offering to lease it to the company.
An officer or director causing or allowing the company to enter into a contract with a business they own or control without proper disclosure and approval.
Providing or approving preferential deals to entities controlled by directors, officers, or their associates.
A director or officer failing to disclose material conflicts of interest or otherwise misleading the board about a personal interest in a transaction.
Loans to directors or officers on terms not favorable to the company or without proper approval.
Using company resources (e.g., money, property, or confidential information) for personal gain.
Starting a business that competes with the company without disclosing the conflict.
Financings and M&A transactions are among the types of transactions that often pose conflicts of interest, some obvious and some not.
Safely navigating such transactions often requires creating special committees of truly independent directors to review and approve them.
And as Elon Musk has learned, it is easier to challenge a director's independence than one might expect. The DE Court of Chancery held in 2024 that the directors who approved Musk's pay package lacked independence because of how much they had benefited from their relationship with him.
Violations of Law/The Duty of Good Faith
Causing a company to engage in violations of law violates the duty of good faith.
A series of suits and criminal proceedings against Massey Energy and its Ds&Os highlights this risk. Massey Energy’s directors and officers were found to have been aware of and failed to correct persistent safety violations in the company’s mines, leading to a 2010 mine disaster that killed 29 miners.
A settlement of $210 million was distributed among various parties including the affected miners and their families.
In addition to his civil liability, the former CEO of Massey Energy paid a $250,000 fine and served a year in prison for conspiring to violate mine safety standards.
Tensions Between Innovation and Regulation
Success in business often requires operating in gray areas, including sometimes in areas where reasonable persons see gray, but regulators correctly or incorrectly see black and white.
The inability of regulators and regulations to keep pace with beneficial innovation is an age-old quandary. If Uber didn't blatantly violate taxi regulations across innumerable localities for several years, we'd all still be suffering under a patently inferior transportation paradigm.
Those operating in gray areas and pushing regulatory boundaries for the greater good need to lawyer up. They may also need to acknowledge the potential for personal liability and protect against that to the maximum extent possible through combinations of insurance and asset protection strategies.
Companies and industry associations can also work toward regulatory reform through targeted litigation and participation in legislative processes to reduce risks of personal liability under antiquated or misguided laws.
Compliance Failures/The Duty of Oversight
The duty of oversight goes beyond the more obvious duty prohibiting willful violations of law.
Under this duty, directors and officers are not just personally liable for causing or encouraging violations, but for failing to establish appropriate compliance safeguards to prevent them.
The 1996 Delaware Court of Chancery case In re Caremark International Inc. Derivative Litigation set the bar for such claims.
Caremark’s directors allowed kickbacks and illegal payments to go undetected, resulting in the company facing significant fines.
Caremark stands for the proposition that directors can be held liable for failing to implement a system of controls to detect and prevent corporate legal violations.
Claims of this type are often referred to as "Caremark claims" and the case is credited with establishing these “Caremark duties":
Implement reporting systems: Directors and officers must implement systems to report on key corporate actions
Monitor and oversee operations: Directors and officers must monitor and oversee operations to ensure they are aware of risks and problems
Report red flags: Officers must report red flags that suggest improper oversight
Other cases involving inadequate compliance systems and processes include:
Rich v. Chong (2013), Delaware Court of Chancery
Key Holding: Directors may breach their duty of good faith by allowing false financial reporting and failing to address illegal conduct.
Relevant Breach: The board of China Agritech was found liable for failing to investigate and correct accounting fraud. The directors ignored red flags and allowed false financial reports to be filed with the SEC.
Marchand v. Barnhill (2019), Delaware Supreme Court
Key Holding: Directors can be held liable for failing to oversee and monitor “mission-critical” regulatory risks, particularly in heavily regulated industries.
Relevant Breach: Blue Bell Creameries faced a deadly listeria outbreak, and the board was found liable for failing to implement any food safety oversight mechanisms, despite being in the highly regulated food industry. The court held that food safety was a mission-critical risk that required active monitoring by the board.
This case marked a shift in Delaware law, emphasizing that directors must actively monitor compliance with legal and regulatory requirements that are critical to the company's operations.
In re Clovis Oncology, Inc. Derivative Litigation (2019), Delaware Court of Chancery
Key Holding: Directors can be liable for failing to monitor compliance with critical regulatory requirements.
Relevant Breach: Clovis Oncology’s board failed to ensure compliance with FDA regulations during a clinical trial for a cancer drug. The board ignored red flags about data integrity issues and misleading public statements about the drug’s progress.
The court emphasized that directors in highly regulated industries have a heightened duty to oversee legal compliance.
City of Birmingham Ret. & Relief Sys. v. Good (2022), Delaware Court of Chancery
Key Holding: Directors can be held liable if they fail to respond to red flags about legal violations and ignore their oversight duties.
Relevant Breach: The board of Pluralsight, Inc. allegedly ignored red flags about violations of securities laws, including misleading earnings guidance and revenue manipulation.
Duty of Candor/Disclosure
The In Re Wayport Inc. Litigation plaintiffs contended defendants owed them fiduciary duties that included a duty to disclose material information when they purchased plaintiffs' shares.
The court agreed, saying "directors of Delaware corporations are under a fiduciary duty to disclose fully and fairly all material information within the board's control when it seeks shareholder action."
Governing principles around the duty of candor, aka the duty of disclosure, have evolved around several recurring scenarios:
Stockholder ratification of a transaction triggers a duty to disclose all facts material to the stockholders' consideration of the transaction.
A request for stockholder action or investment decision, such as a merger, can subject directors to liability for damages where there is proof of (i) a culpable state of mind, (ii) reliance by the stockholders on information not disclosed, and (iii) damages proximately caused by disclosure failure.
Public statements made to the market, statements informing shareholders about the affairs of the corporation, or public SEC filings.
Share purchases (not via public market) by a corporate fiduciary.
Securities lawyers will note striking similarities between these candor/disclosure duties and state and federal securities laws.
Summary
Creating an entity is just the first step toward avoiding personal liability. Adhering to corporate governance best practices, properly managing conflicts of interest, staying on the right side of the law, and following good legal and regulatory advice are also necessary.
Here are some specifics:
Avoid alter ego exposure by maintaining good "corporate hygiene," especially by keeping company funds and personal funds separate and obtaining appropriate board and shareholder approvals.
Avoid self-dealing and seek legal guidance for any decisions or transactions involving even minor conflicts of interest, such as approving new and significant compensation programs.
Involve counsel in all major transactions, particularly financings and M&A deals.
Avoid knowingly or negligently violating laws and regulations.
In gray areas, seek thoughtful guidance from experienced counsel. You might find counsel who believes in good faith that laws or regulations thwarting your business initiatives are being misinterpreted and/or vulnerable to a successful challenge. Challenging arbitrary, overbroad, and overreaching regulations became easier in 2024, when the U.S. Supreme Court overturned the Chevron Doctrine in the Loper Bright Enterprises case.
Do not operate in highly regulated areas without first developing appropriate regulatory processes and systems managed by persons competent to implement them.
Those operating in regulatory gray areas might also consider taking appropriate steps to protect their assets from third-party claims.
And again, D&O insurance isn't perfect, but don't let the perfect be the death of the good.
Paul Swegle, editor of the StartupGC Blog, serves as in-house chief legal officer/general counsel to numerous tech companies and has advised countless others. He has completed $18+ billion of financings and M&A deals, including growing and selling startups to public companies ING, Capital One, Nortek, and Abbott. Paul teaches entrepreneurship law at Gonzaga Law and Seattle University School of Law and speaks regularly at other top law schools and MBA schools where his popular business law books are widely used in courses focused on entrepreneurship and business law.
Comments