Caremark and Enterprise Risk Management

By Bainbridge, Stephen M. | Journal of Corporation Law, Summer 2009 | Go to article overview
Save to active project

Caremark and Enterprise Risk Management


Bainbridge, Stephen M., Journal of Corporation Law


  I. INTRODUCTION
 II. ENTERPRISE RISK MANAGEMENT
     A. Overview
     B. Risk Management and the Financial Crisis of 2008-2009
III. CAREMARK AND PROGENY
 IV. DO ENTERPRISE RISK MANAGEMENT AND LAW COMPLIANCE DIFFER IN KIND?
  V. THE SIGNIFICANT DIFFERENCES IN DEGREE
     A. Risk Management is Still Evolving
     B. The Benefits of Risk Management Programs are Inherently Less
        Certain
     C. Risk Management and Risk Taking are Inextricably Intermingled
 VI. TWEAKING CAREMARK
     A. An Utter Failure to Adopt Risk Management Programs
     B. Risk Management Red Flags
VII. CONCLUSION

I. INTRODUCTION

Enterprise risk management is the process by which the board of directors and executives of a corporation define the firm's strategies and objectives so as "to strike an optimal balance between growth and return goals and related risks." (1) It encompasses determining an appetite for risk consistent with the interests of the firm's equity owners and identifying, preparing for, and responding to risks. (2) Although primary responsibility for risk management rests with the corporation's top management team, the board of directors is responsible for ensuring that the corporation has established appropriate risk management programs and for overseeing management's implementation of such programs. (3)

The financial crisis of 2008 revealed serious risk management failures on an almost systemic basis throughout the business community. (4) Shareholder losses attributable to absent or poorly implemented risk management programs likely are enormous. (5) Will shareholders be able to recoup some of those losses by suing boards of directors of companies with lax risk management programs?

Shareholder suits bringing such claims principally implicate the analysis of oversight failures by the board of directors, as established by the Caremak (6) decision and its progeny. (7) Caremark held that the board of directors has a duty to ensure that appropriate "information and reporting systems" are in place to provide the board and top management with "timely, accurate information." (8) Although post-Caremark opinions and commentary have focused on law compliance programs, (9) the original Caremark decision contemplated a similar duty with respect to the corporation's "business performance." (10)

There is no doctrinal reason that Caremark claims should not lie in cases in which the corporation suffered losses, not due to a failure to comply with applicable laws, but rather due to lax risk management. (11) Likewise, there is no basis in the underlying policy concerns for limiting Caremark to cases involving lax law compliance. Risk management and law compliance differ only in degree and not in kind. (12) Even so, some of those differences matter. Accordingly, courts need to develop a modified regime for deciding Caremark claims that do not involve law compliance issues. This Article concludes by outlining the relevant considerations.

II. ENTERPRISE RISK MANAGEMENT

A. Overview

Enterprise risk management is the process by which a business organization anticipates, prevents, and responds to uncertainties associated with the organization's strategic objectives. (13) Put another way, risk management is the process by which business organizations proactively determine the types and levels of risk appropriate for achieving the organization's strategic goals. (14) In recent decades, increasing attention has been paid to the evolving standards of enterprise risk management "as financial theory has advanced, new technology has made modeling of risks more feasible, and innovation has helped to find better ways to mitigate risk." (15)

A large public corporation these days faces "a myriad of risks ... ranging from complex financial risk to quality control regarding material manufactured in China." (16) In general, however, the risks corporations face can be broadly categorized as operational, market, and credit.

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
Loading One moment ...
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited article

Caremark and Enterprise Risk Management
Settings

Settings

Typeface
Text size Smaller Larger
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

While we understand printed pages are helpful to our users, this limitation is necessary to help protect our publishers' copyrighted material and prevent its unlawful distribution. We are sorry for any inconvenience.
Full screen

matching results for page

Cited passage

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited passage

Welcome to the new Questia Reader

The Questia Reader has been updated to provide you with an even better online reading experience.  It is now 100% Responsive, which means you can read our books and articles on any sized device you wish.  All of your favorite tools like notes, highlights, and citations are still here, but the way you select text has been updated to be easier to use, especially on touchscreen devices.  Here's how:

1. Click or tap the first word you want to select.
2. Click or tap the last word you want to select.

OK, got it!

Thanks for trying Questia!

Please continue trying out our research tools, but please note, full functionality is available only to our active members.

Your work will be lost once you leave this Web page.

For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

Already a member? Log in now.

Are you sure you want to delete this highlight?