Already, the high-profile compliance breakdown at Wells Fargo has resulted in consent orders from two regulatory agencies, $185 million of fines and penalties, employee lawsuits, shareholder lawsuits, billions of dollars of lost shareholder value, the resignation of a CEO and the clawback of millions of dollars of compensation from executive officers.

Wells Fargo and the entire banking industry have suffered serious reputational damage from this scandal. However, it is far from over.

With John Stumpf no longer leading the company, the focus of shareholders is likely to shift to the board of directors, and the following questions are likely to be asked: What did the board know and when? Does the board have responsibility and/or liability for these compliance failures?

Whether or not the Wells Fargo board satisfied its oversight responsibilities, it was undeniably tone deaf to the incendiary nature of various aspects of the alleged improper behavior. Those aspects included the fact that sales targets and incentive compensation induced noncompliant and allegedly fraudulent activity that directly and adversely affected as many as 2 million consumers; the firing of thousands of low-level employees compared to the retirement golden parachutes provided to the executive who managed retail operations; and the apparent lack of accountability at the top.

As the political firestorm that erupted clearly demonstrates, the board was also mistaken in considering the matter "immaterial" from a public disclosure point of view. This may be as much the fault of those advising the board, but the board apparently allowed itself to be insulated and out of touch with the realities on the ground.

Although the board must share responsibility for how the scandal unfolded, there is a high bar for board liability in this type of situation. Indeed, a claim that a board failed in its oversight role has been characterized by the Delaware courts as "possibly the most difficult theory of corporate law upon which a plaintiff might hope to win a judgment."

A stockholder claiming a breach of the board's oversight duty must demonstrate that the board utterly failed to implement reporting and information systems – investments designed to enable management and the board to reach informed judgments concerning the corporation's compliance with laws, regulations and policies. Or a stockholder must demonstrate that the board, having implemented these systems, failed to inform itself or act upon information flowing back to it, known as red flags.

Broadly, recent case law holds that boards need to be more alert to red flags alleging fraudulent activity within a company, as opposed to adverse risk developments. Companies are in the business of taking risk but not in the business of committing fraud. With this in mind, several aspects of the Wells Fargo episode related to the board's responsibilities are interesting:

  • The Office of the Comptroller of the Currency's consent order with Wells Fargo alleges that the bank lacked an enterprisewide sale practices oversight program, and thus lacked sufficient oversight to prevent and detect violations of law.
  • The admitted wrongdoings occurred as long ago as 2011, came to light as the result of a Los Angeles Times investigative report in 2013, were brought to the attention of the board in late 2013 or 2014, and allegedly continued at least until July 2015.
  • The alleged noncompliant behavior appears to also involve fraudulent activity, not just a failure to achieve regulatory compliance – a point that many senators emphasized in the contentious Sept. 20 Senate hearing.

Already, governance changes have occurred at the board level at Wells Fargo. In connection with Stumpf's resignation, the position of chairman has been separated from that of chief executive. Although it might sound like a minor change, separating the two positions is still in stark contrast to the practice followed by most megabanks.
That may be just a start. Stockholders are likely to call for accountability at the board level. It is possible that the bank will announce further board changes prior to the next annual meeting of Wells Fargo stockholders. If not, it will be an interesting board proxy and director election season for Wells Fargo in 2017. In this regard, it is the policy position of ISS, the most influential proxy advisory firm, to recommend that shareholders withhold or vote against individual directors, committee members or the entire board, in extraordinary circumstances, due to material failures of governance, stewardship or risk oversight. According to the 2016 proxy statement, the audit and examination committee of the Wells Fargo board is responsible for overseeing operational risk and legal and regulatory compliance, among other matters.

Wells Fargo has a majority vote standard for the uncontested election of directors. Will there be a campaign to remove certain Wells Fargo directors? Even if there is not a challenge to the election of Wells Fargo directors, there certainly will be numerous stockholder proposals included in the proxy statement relating to the compliance scandal, which will provide shareholders an opportunity to express their frustrations with the company and its board. Regardless of what happens, the Wells Fargo episode is a reminder of the challenges facing boards of directors. Boards need to understand their oversight roles and responsibilities with respect to compliance oversight and remain vigilant.

John J. Gorman is a partner at the Washington law firm of Luse Gorman PC and a faculty member of the National Association of Corporate Directors. He has served as a commissioner on the NACD Blue Ribbon Commission on Board Leadership and the 2016 NACD Blue Ribbon Commission on Building the Strategic-Asset Board.