A "Smee" might sound like a Smurf to you or me, but this newly emerged creature is not frivolous. Subject matter experts--or "S.M.E's" in lawyer's parlance-- will be central figures in "the most litigous event in history." Or, at least, that's what the Year 2000 computer problem has the potential to become, according to the assesment of insurance underwriters speaking at a conference sponsored TSB of London earlier this year.
Already you could say that Y2K has created the biggest-ver game of Pass the (Timebomb) Parcel. As of early October, 55 legislative bills had been proposed regarding Y2K liability and 21 lawsuits filed. The first of the federal bills to pass both houses, cleared the House of Representatives on October 1 and the bill, S2392--which was preapproved by the Administration--was expected to be signed at press time. The first of the Y2K lawsuits filed was actually settled two months ago when a Michigan supermarket operator, Produce Palace International, obtained $250,000 for costs plus damages arising from the inability of its card readers to handle credit cards with expiration dates in the next millennium. In that case, the respective companies that manufactured and installed the readers were sued, but elsewhere heat is being applied to card issuers whose cards can't operate beyond the Year 2000.
Ronald Alvira, national Y2K director for RCG Information Technology, an Edison, N.J. consulting firm, says Visa International is applying what Alvira declines to call a fee--but runs to $150,000 a day--to issuers who can't process cards with a "00" expiration year. That Visa rule has been in effect since May, Alvira says. Visa did not return USB's calls.
It's erroneous to consider Jan. 1, 2000 as D-Day because there are several problematic dates before then. The first of these is as soon as April 9 of next year. Being the ninety-ninth day of the ninety-ninth year, it could be represented as 9999, which traditionally has been used as a default code. It's there, much as an "X" might be, to indicate that no information was supplied for a given data field, and the absence of a date might disrupt the computer's ability to execute a command.
Even in the unlikely event that nothing goes wrong as computer systems try to interpret unprecedented dates, there's still a growing interest in legal recourse as a way to make someone pay for what is, in the words of John Bace, GartnerGroup's director of research, "a multi-million dollar investment with a zero return on investment." National banks alone--the 2,700 regulated by the Office of the Comptroller of the Currency--collectively will spend at least $11.3 billion on the Y2K fix, the OCC says. That's just for getting their own houses in order. Given that their efforts may be undermined by the failures of third parties outside their control, banks might want to add to their Y2K cost estimates the cost of legal counsel to vindicate their role.
"I don't see how banks can avoid being contaminated," says Brian Parker, who brought the first Y2K suit for Produce Palace. (Parker's firm is in Bingham Farms, Mich., about 70 miles from the state capital, Lansing.) "It's like AIDS--a healthy person can easily be contaminated by someone who is not." Parker adds that he has met "hundreds of lawyers who are banking on everything crashing. It's funny. The computer people say it's all hype, the banks don't want to say anything, and the lawyers say, 'Yeah! This is going to be big.'"
The Y2K complications created by an increasingly wired world were alluded to at the Financial Technology Expo, in New York in September. The conflict between one entity's need for assurance and another's fear of contamination arose at a Y2K session. A speaker from the floor--Barbara Wichman, a director of American General Life, Shaumburg, Ill.-- said some of its bank clients wanted to provide the insurer with data to run through its system as a test. However, AGI refused, on legal advice. A lawyer on the panel--Joshua Sternoff with Proskauer Rose LLP, New York--concurred that AGI's position was defensible because it doesn't want to risk having its systems corrupted by data the bank supplies. However, that bank is charged with ensuring that the third parties it deals with are ready for the new millennium.
It's also hard to tell where the sword may fall when it comes to disclosures made by public companies. The Securities and Exchange Commission imposed greatly extended Y2K disclosure obligations on public companies in late July, and the bank regulators have deferred to SEC guidelines for those banks that are publicly traded. The SEC says that if a company can't accurately estimate what it will cost it to make the requisite Y2K fixes and how that expense will affect its bottom line, the company should give what it believes to be the worst-case scenario. That may satisfy the SEC, but if bad news causes the firm's stock to fall the shareholders are likely to bring a class action suit against the firm.
Banks involved in securities and investment businesses have a bit more to worry about.
A key legal defense for those that underwrite and deal in securities is showing that they exercised due diligence. However, as Brian Smith, a partner in the Washington, D.C., office of Mayer, Brown & Platt told attendees at a company-organized seminar on banks' Y2K liability, "It's a delicate balancing act. If you do too much due diligence, you've become the underwriter of the decision that they are Y2K-compliant."
A particular trouble spot is ERISA--the Employees' Retirement Income Security Act (1974), which governs banks that manage peoples' retirement money--through pension funds, trusts, etc. One bill, S2000, proposed by Sen. Bob Bennett Rep. of Utah, would hold such banks responsible for ensuring that the companies in which they invest are ready for Y2K. Fortunately for banks, Bennett's May 1998 proposal is not expected to pass.
There are many more mundane opportunities for banks to find themselves named in lawsuits. If their systems can't run for want of electricity or telecommunications, when customers turn to blame the bank, can the blame be readily deflected? If funds-transfer mechanisms, such as the FedWire fail, who is at fault?
What about business borrowings that are never repaid because the businesses fail over Y2K? The good news--gauging from the experience of Northern Bank & Trust, a $250-million-asset bank in Cincinnati--is that businesses may be better up on the issue than banks fear. Neil Budelsky, executive vice president at Northern said he was "amazed" at how many borrowers of more than $100,000 were already compliant when commercial loan officers began calling on them early this year.
The 370 firms in that bracket complete a two-page evaluation form, and receive follow-up visits based on how they score. Ultimately, borrowers sign an acknowledgment form to the effect that they are compliant and an addendum to the loan agreement, making ill-preparedness for Y2K a condition of default. "It's my understanding that they're as legally binding as notes and other loan forms we use," Budelsky says.
There's also the government, in whose systems bankers surveyed by America's Community Bankers earlier this year expressed less confidence than in their own. Meanwhile, many of the Y2K bills proposed have been offered by legislators in individual states aiming to exempt those states from liability, as a number have already succeeded in doing.
Bank regulators have also made it very clear that they cannot be held accountable--even though initially they wanted banks to certify that they and their counterparties were compliant. At a Y2K conference organized by the Bank Administration Institute this summer, regulators addressed packed rooms on an off-the-record basis. The Federal Deposit Insurance Corp. recently warned FDIC-regulated banks that they cannot disclose the ratings they received from FDIC's assessment of their Y2K preparedness. Some months ago, when asked if the FDIC feared Y2K lawsuits, Frank Hartigan, the agency's Y2K project manager, said they were "not even a remote possibility."
Meanwhile, Greg Golembe, director of the American Association of Bank Directors, is worried and indignant about the fact that FDIC's director of supervision Nicholas Ketcha has placed personal responsibility for the Year 2000 issue on bank directors. (Ketcha is scheduled to retire next month.) Golembe, says the AABD's 3,000 members regard potential legal action against them personally as "a great concern." Legislation passed after the savings and loan crisis in the late Eighties, which held individual directors accountable, is "still on the books," notes Golembe. The AABD's members represent probably 350 banks, mostly with well under $1 billion in assets. It was noted at the Mayer Brown/GartnerGroup seminar series during the summer that a business judgment rule will be used to test directors during the Y2K retrospective.
So where can banks turn? Insurance is a possibility, although Alan Martin, an insurance lawyer with Mayer, Brown & Platt in Chicago notes, "Insurance companies plan to argue that Y2K is a known loss, and insurance provides only for unanticipated losses." However, he adds that companies that have acted to avert problems associated with Y2K but do encounter them can claim that consequent losses were unanticipated and therefore covered by insurance. One can guess how likely it is that every problem will have been anticipated. At DRI Legasys Group, Boston, which vets the work banks have done, chief executive Doug Archibald, says it has surprised Canadian bank clients by finding problems in computer code thought to have been fixed. Not that DRI undertakes to make code bug-free. "All we guarantee is that we won't put in any errors that weren't there when we got it," Archibald says.
Before going in search of an insurance policy specifically for Y2K, Martin says banks should look to their existing policies which, without mentioning Y2K per se, may still offer them coverage. When it comes to renewing their insurance policies, he warns banks, "Beware of Y2K exclusions being slipped in." At the behest of insurers, 42 state insurance commissioners have already agreed to Y2K exclusions, although Martin notes that these are not blanket exclusions.
David Sterling of Sterling & Sterling, a Great Neck, N.Y., insurance brokerage, says there's no Y2K coverage to be had. Well, he has encountered one policy--on which a $20,000 premium is being charged for $100,000 in coverage. "Software vendors have come to us for insurance against the eventuality that what they're doing isn't working, and it's not available," says the president of the 66-year-old company. The insurance industry is ill-prepared and "panicked," Sterling says, speculating that state commissioners will be very open to granting further Y2K exclusions in the interest of ensuring the industry's continued solvency.
The next resort, litigation, is reportedly being considered by banks, though none have yet filed suits or had suits filed against them. A number of law firms say they are in discussions with banks considering, for example, anticipatory breach of contract suits against vendors that the banks fear will not be ready on time. However, as noted in the September issue's story ("Y2K:Testing Times Ahead"), some banks want to switch vendors, but can't find another to take them.
RCG's Alvira says he's not surprised that no bank has filed a Y2K suit yet because banks' overriding concern is losing their customers' confidence. The bank may be pointing the finger elsewhere, but a lawsuit still suggests that all is not well within the bank. Interestingly, the FDIC's instruction to keep ratings quiet came within a directive urging banks to publicize their Y2K remediation efforts to their customers. The August issue of "Consumer Reports" advised consumers to "ask an officer at the bank how the institution plans to help customers if they encounter problems...If you don't like the answers you get, consider moving your account to a bank that's better prepared for 2000."
Such ad hoc inquiries could reap legal trouble, lawyers warned at the Mayer Brown seminar. "Until recently, just about anybody could answer a customer. You can't have that," Brian Smith said. Answer Y2K queries through a single contact person and make your own by way of brief, factual questions, bankers are advised--and watch for jocose e-mails telling outsiders that the ship is sinking.
Key Y2K staff--the aforementioned "Smees"--should be chosen partly for their suitability as expert witnesses, bankers were told. Jonathan Medow, a partner in the Chicago office, said banks should "consider establishing a consulting arrangement" with key figures to ensure that they are available to the bank should it find itself in legal proceedings. (With current demand for Y2K experts, staff turnover is very high.)
"The risks of nondocumentation generally outweigh the risks of documentation," Medow continued. However, "Let's not keep superseded versions around. Do you want to show that it took you 10 efforts to get things right? And remember, privilege attaches to a document when it's created; it can't be applied afterwards."
Vendor-client communication on Y2K is pretty poor, largely because of the legal cloud hanging over proceedings. Cross-industry surveys show vendors respond to only about 30% of Y2K surveys, and a Cap Gemini survey found banks and other respondents downgrading vendors' co-operativeness to 4.4 out of a worst-possible 5.0 by mid-year, whereas they had been at 2 out of 5.0 at the end of the first quarter.
Gordon Glaza, regulatory counsel with the American Bankers Association, expected the situation to improve with the passage, around press time, of legislation to encourage disclosures on companies' Y2K project status. Banks and their vendors, which must work closely together, to date have been unwilling, for example, to give internal target dates for different stages of the process, Glaza says. The fear is that A will say B was late on what it promised, causing A insurmountable problems, or vice versa.
The proposed legislation would create a situation in which one party could still be sued, but not simply for what it said. The legislation, which is not aimed solely at banks, is also expected to encourage banks to share their Y2K experiences with each other. The bill, S2392, which was mentioned at the start of this ariticle, had cleared both houses by Oct. 1. The bill, which supplanted two earlier bills, was another Y2K proposal by Senator Bob Bennett. Introduced in July, it was modified by Sen. Orrin Hatch Rep. of Utah, and Sen. Patrick Leahy Dem. of Vermont, and became unoficially known as "the Hatch-Leahy compromise bill."
Glaza expects the legal discussion to shift from business disclosure liability to consumer disclosure liability, and then to service disruption liability. Prosecutors "haven't yet found a way of dragging the banks in," Glaza notes wryly.
Six of the 21 Y2K suits filed so far are against Intuit Inc. over the inability of older versions of Intuit's Quicken personal financial management software to accept dates beyond Dec. 31, 1999. (To keep current with Y2K litigation, visit the Information Technology Association of America's Web site at http://www.itaa.org/Y2Klaw.htm#Lawsuit.) Intuit was sued by Milberg Weiss Bershad Hynes & Lerach, a firm with a high profile in class-action suits. The first of the Intuit cases was dismissed on August 27 in Santa Clara Superior Court. in California because no damages were alleged. Michael Spencer a partner in Milberg Weiss, New York, said that it was amending its complaint to show injury and consolidating the Intuit cases into one. Spencer doesn't see banks that distribute Quicken's software to their customers becoming implicated in these proceedings.
However, there may be many other class actions to come. In the words of Andrew Morris, a partner in Mayer, Brown in Washington, "It's likely that the courts will become more friendly toward consumer claims as more and more are filed."