Risk Corporation is incorporated in Minnesota. The company operates a financial services business and serves clients in Wisconsin and Minnesota. Although the articles of incorporation describe the business purpose of the company as "providing financial services to business clients," Risk Corporation has recently begun selling insurance to clients. Due to a recent increase in the number of cyber attacks affecting companies in the local area, Risk Corporation’s board of directors decides to address the issue of data security during its regularly scheduled board meeting. Since the board does not have expertise in this area, the board decides to hire Crown Security Experts, a consulting firm, to advise them on the issue of data security. The board hires Crown Security based on the suggestion of board member Fay Francis. The board is unaware that Fay Francis has an ownership interest in Crown Security Since Fay does not mention her ownership interest in Crown Security. Because Fay has a background in data security, the board relies on Fay in its decision to hire Crown Security even though other security consulting firms offer similar services at a lower rate. Crown Security informs the board that Risk Corporation should adopt a more aggressive data security program and an incident response plan in the event that corporate data is compromised by a data breach. Although many companies have incident response plans, there is no legal requirement to establish an incident response plan. Based on this advice, Risk Corporation's board decides to invest in an expensive incident response plan. Although the board monitors whether the incident response plan is implemented, the board does not fully monitor how individual employees are trained on data security procedures. Two months later, there is a significant data breach after a Risk Corporation employee inadvertently forwards an email to the wrong recipient. Had the company adopted a more aggressive data security training program, it is possible that the data breach could have been avoided. As a result of the data breach, customers’ personal and financial data is confiscated, resulting in significant financial losses for Risk Corporation customers. Following the discovery of the data breach, stock prices at Risk Corporation decline. Although Risk Corporation notifies customers of the security breach, the company does not notify customers in a timely manner. Risk Corporation notifies customers after two months, in violation of Wisconsin laws. Although the board ensures that customers are notified about the security breach, the board does not take an active role in evaluating the timing of the notification since other companies use a similar shareholder notification program. Based on these activities, shareholders file a derivative action against the company and sue the board of directors. At the time the shareholders file the lawsuit against Risk Corporation and the board of directors, Risk Corporation's customers file a lawsuit against the shareholders. The customers' lawsuit against Risk Corporation shareholders alleges that the shareholders are liable for the customers' losses due to confiscated personal data since the corporation was formed to evade an existing obligation.
If you are representing the defendant, the board of directors, present your arguments explaining why the board of directors should not be liable in this case. Discuss all relevant legal principles from chapters 39 and 40. also, indicate what additional information would be helpful in analyzing the case.
*****Please please please LIKE THIS ANSWER, so that I can get a small benefit, Please*****
In representing the defendant, the board of directors many legal principles are relevant in explaining why the board of directors should not be liable in this case. Chapter 39 talks about the process and financing within corporations. Corporate personnel states that the overall the board of directors is entrusted for what happens to the corporation, policy decision, and hiring. They are elected by shareholders and shareholders are those that purchase a share of the stock in a corporation. There are several different kinds of corporations and the classification depends on location, purpose and characteristics of ownership. Risk Corporation would be a domestic corporation to Minnesota and since they do business in Wisconsin that state would refer to them as a foreign corporation. Another important legal issue is a concept known as, “piercing the corporate veil”. This term ignores the corporate structure, when the owners use a corporate entity to conduct fraud, find a way around the law, or achieve an illegitimate objective in some different way. This term also refers to exposing shareholders to personal liability. This is done so in court when the corporate privilege is abused for own personal benefit and when the business is treated very carelessly. If this occurs shareholders become liable for corporate debts. Several factors lead courts to pierce the corporate veil, but no single factor is conclusive, and it depends on the specific circumstances and facts of the case. The board of directors did invest in an expensive incident response plan. Also, the lawsuit from Risk Corporations states the shareholders are liable for the customers' losses due to confiscated personal data since the corporation was formed to evade an existing obligation. In chapter 40 corporations’ directors, officers, and shareholders are discussed. The duties of the board of directors are to govern the corporation and call meetings as an agent of the corporation. They have the power to make micro decisions, such as the board ensuring the customers are notified about the security breach and the expensive investment of an incident response plan. Doing this is the board of directors’ duty to the corporations’ best interest, not the interest of the board of members or the shareholders. The board of directors are acting under the duty of care as their duty to the corporation and duties to make informed decisions and apply to the better judgement rule. They also have a duty of loyalty which is a fiduciary duty, as well as conflict of interest disclosing any conflicts between personal interests and those of the corporation. Lastly, hiring Crown Security was suggested by Fay Francis who the board of directors is unaware that she is interested in ownership of Crown Security who has overextended her obligations by serving on a number of corporate boards.
ALTERNATIVE ANSWER:
If I were represent the shareholders, then following arguments explaining why the shareholders should win their case as below
The additional information would be helpful in analyzing the case is the root cause analysis for the cyber attack issue or data breach incident. The root cause analysis will show the key cause that had resulted in the data breach incident and how this has happened and what could have prevented this event.
*****Please please please LIKE THIS ANSWER, so that I can get a small benefit, Please*****
Risk Corporation is incorporated in Minnesota. The company operates a financial services business and serves clients...
Marcetta, Wong & Palmirotto Investment Company, a corporation dedicated to brokerage, has as General Manager Sherry Faye Stull, in addition to being the principal officer the which is in charge of the portfolios of rich and famous clients. The General Manager disagrees with the system proposed by Financial Investment Decision Support System Group because it does not think it's right for the needs of the company. In the investment firm there is a variety of portfolio managers, some of the...
QUESTION 1 Manuela has worked as an accountant in her own accounting business, a sole proprietorship, for more than seven years. Among the services she offers is tax return filing and personal investment advising. Which of the following is true of Manuela’s business? A. Manuela has little control over the management and operations of her business. B. Manuela has unlimited liability. C. Outside funding for the business has been easy for Manuela to obtain. D. Manuela had varied and complicated...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...
1. Analyze the major challanges USB faced in the last 5 years, in your opinion, what were the crucial factors in the banks downturn? 2. what are the main triggers to change the banks approach to communication and what is different today regarding the dealings and relationship to its share-and stakeholders? 3. How would you evaluate the constant replacement of the banks chairman and CEO? 4. in view of the future strategy of USB, what are your suggestions in order...
1. Analyze the major challanges USB faced in the last 5 years, in your opinion, what were the crucial factors in the banks downturn? 2. what are the main triggers to change the banks approach to communication and what is different today regarding the dealings and relationship to its share-and stakeholders? 3. How would you evaluate the constant replacement of the banks chairman and CEO? 4. in view of the future strategy of USB, what are your suggestions in order...
1) analyze the following case 2) give a summary and suggest ways for the company —————— Salesforce.com, one of the most disruptive technology companies of the past few years, has single-handedly shaken up the software industry with its innovative business model and resounding success. Salesforce provides customer relationship management (CRM) and other application software solutions in the form of software as a service leased over the Internet, as opposed to software bought and installed on machines locally. The company was...
Questions 3 and 5
Frozen Coke and Burger King and the Richmond Rigging 12 Case 8.17 president of Coca-Cola's Foodservice and Hospitality Division, was looking on sells fountain-dispensed soda to restaurants, convenience marts fountain division, a division responsible for one-third of all of Coke's revenues , and Tom Moore, president of sales in the The fountain division fourn theaters. Sales were stagnant, and he knew from feedback from the salespeople that Pepsi ias moving aggressively in the area. In 1999,...
Please read the article and answer about questions. You and the Law Business and law are inseparable. For B-Money, the two predictably merged when he was negotiat- ing a deal for his tracks. At other times, the merger is unpredictable, like when your business faces an unexpected auto accident, product recall, or government regulation change. In either type of situation, when business owners know the law, they can better protect themselves and sometimes even avoid the problems completely. This chapter...
1. Do you agree with Deloitte's assertion that Adams had no
"substantive role" in the 2008 and 2009 Caesars audits? Defend your
answer.
2. The SEC applies a principles-based approach to mitigating the
risks that may undercut auditor independence. Identify the four
guiding principles applied by the SEC to protect the independence
of auditors of public companies.
3. Assume Adams had used his personal funds to finance his
gaming activities in the Caesars casino. Under those circumstances,
would he have...
Case: Enron: Questionable Accounting Leads to CollapseIntroductionOnce upon a time, there was a gleaming office tower in Houston, Texas. In front of that gleaming tower was a giant “E,” slowly revolving, flashing in the hot Texas sun. But in 2001, the Enron Corporation, which once ranked among the top Fortune 500 companies, would collapse under a mountain of debt that had been concealed through a complex scheme of off-balance-sheet partnerships. Forced to declare bankruptcy, the energy firm laid off 4,000...