The D&O claims environment is now in an unusually uncertain state, largely due to the potential for unprecedented and wide-spread changes directly and indirectly caused by the new Trump administration. Many of the predicted changes may appear to lessen D&O exposures, including more conservative judges and a more business-friendly regulatory environment. But other changes will likely create a mixed bag of winners and losers. Some industries and companies will likely benefit from new Trump policies, such as the oil and gas and the crypto currency industries. Other industries and companies may be harmed, such as many green-energy companies and industries heavily dependent on an immigrant workforce. Plus, virtually all industries face the unpredictable consequences of potentially huge foreign tariffs, federal government downsizing and a more tolerant antitrust oversight of large M&A transactions.
History has shown that in times of significant uncertainties and changes, D&O claims often thrive, sometimes in surprising ways. Increased stock price volatility and financial distress caused by these types of developments are incubators for increased D&O claims involving many types of industries and companies.
Despite this unknown future, understanding recent D&O claims developments remains important both because many of those developments likely reflect future claims activity and because the consequences of new Trump policies probably will not impact D&O claims results for at least a year or two.
The following summarizes many of the more important recent legal developments involving D&O claims. It is now especially important for those who advise or insure directors and officers to carefully monitor and react to these and other developments in the coming months and years.
- Securities Class Action Litigation. In 2024, the frequency of new federal securities class action litigation filings increased by about 5%, representing the second straight year of modest increases after a four-year decline in filings from 2019 to 2022. The technology, pharmaceutical and medical device sectors accounted for a combined 37% of those filings. Surprisingly, 19 COVID-related securities suits were filed in 2024, which was a 46% increase from 13 in 2023. The frequency of securities class action filings during the first half of 2025 was essentially the same as 2024’s full-year number.
Merger objection suits remain very low, continuing a trend that began in 2021 when plaintiff lawyers began filing such suits as single-plaintiff cases rather than as class actions, thereby allowing the plaintiff lawyer to settle the case for a so-called mootness fee (without the need for court approval) following modest additional disclosures by the company.
The number of securities class action lawsuits dismissed by courts increased from 96 in 2023 to 124 in 2024 (i.e., 29% increase).
The median settlement value in securities class actions has remained about the same in the last few years (the 2024 median settlement amount was $13.5 million), although the average settlement value materially declined in 2024 due to several factors, including an arguably temporary decline in the number of mega securities settlements.
The following summarizes some of the recent more important developments in securities class action litigation:
- Since 2019, four separate securities class actions involving D&Os have settled for more than $1 billion each. See VEREIT, Bausch Health (fka Valeant), Dell Technologies and Wells Fargo settlements. These 10-figure settlements can no longer be considered isolated but suggest a trend toward dramatically increased settlement amounts in at least the most severe cases. An increase in settlement amounts in more modest cases has also occurred to some extent, probably reflecting in part a trickledown from these huge settlements.
- The traditional belief that securities class actions which survive a motion to dismiss are largely indefensible as a practical matter is being challenged by some recent developments involving class certification. In August 2023, the Second Circuit decertified a class of investors who sued Goldman Sachs and its executives, thereby effectively ending a more than 10-year-old securities lawsuit. The ruling was based on a 2021 U.S. Supreme Court ruling in the same lawsuit which instructed lower courts when deciding whether to certify a class in securities litigation to examine actual facts (not just allegations, which is the standard for motions to dismiss) to determine if the alleged misstatements had a material impact on the company’s share price. Similarly, in August 2025, the Sixth Circuit decertified a class of investors in securities litigation against First Energy and its executives, holding that the District Court applied the wrong standard. In contrast, in a July 2025 split decision, the Third Circuit affirmed the District Court’s class certification in a securities fraud suit. Several other circuit courts and numerous District Courts have recently addressed or are currently considering class certification issues in several cases. Although the recent rulings are divided, there appears to be an increased willingness by a number of courts to deny class certification, which creates new hope that at least some securities class actions can be defeated at the class certification stage even if the defendants’ motion to dismiss is denied.
- The Trump Administration’s evolving and frequently changing tariffs present numerous disclosure challenges for most public companies and create heightened risks for securities class action lawsuits for even the most careful companies. The financial uncertainties and volatility caused by the wide-ranging tariffs increase disclosure-related liability risks in numerous contexts, including issuance of earnings guidance, compliance with and the impact of the new and changing tariffs, impact on and disclosure of material tariff-related risks. The current uncertainties and stock market volatility are an ideal incubator for new securities class action lawsuits and will likely result in a significant increase in securities litigation filings against a wide variety of companies at least in the near term.
- SEC Enforcement. In addition to private securities litigation, D&Os need to also be concerned about SEC enforcement activity. The SEC is expected to continue at least to some extent its focus on holding directors and officers accountable in a variety of contexts. However, under the Trump Administration, the SEC has signaled a more business-friendly environment by emphasizing deregulation in numerous areas and reducing compliance costs for companies. The three main factors which continue to create albeit reduced concern for D&Os in this context are summarized below.
First, the revolving leaders at the SEC’s Division of Enforcement (dating back to the first Trump administration and before) have repeatedly stated that “individual accountability” is one of the Division’s “core principles,” and that “pursuing individuals has continued to be the rule not the exception.” Approximately two-thirds of the SEC’s cases in FY24 involved charges against individuals, and the SEC obtained 124 orders barring individuals from serving as officers and directors of public companies (which was one of the highest numbers in a decade). Although some of the aggressive tactics by the SEC in recent years will likely subside with the new Trump administration, directors and officers will still be subject to expensive and problematic investigations and proceedings by the SEC.
Second, during its 2024 fiscal year, the SEC received over 24,000 whistleblower reports, which was a record. This increased frequency of whistleblower reports to the SEC appears to be attributable in large part to the significantly larger bounty awards which have been paid by the SEC to persons who provide information that materially assists the SEC in identifying and prosecuting securities law violations. In its 2023 fiscal year, the SEC paid a record $600 million to whistleblowers, including a record $279 million to one whistleblower (which was more than double the previous record and which was in addition to other large awards of $28 million, $18 million and $12 million in 2023). These large awards continued in fiscal year 2024, including a $98 million award to two whistleblowers in August 2024 and total awards exceeding $255 million for the entire year. However, under the Trump Administration, the SEC is reportedly denying a record percentage of whistleblower claims for payment, resulting in the number of awards granted and the total amount of payouts made being significantly less than in prior years.
Third, SEC enforcement actions can be particularly problematic for D&Os because they frequently last a long time and usually cannot be resolved at the same time as parallel securities class action and shareholder derivative litigation. As a result, a sufficient amount of the company’s D&O insurance limits should be preserved following a settlement of the private litigation to fund the ongoing and potentially very large costs in the SEC action.
However, in June 2024, the U.S. Supreme Court granted some relief for companies and their directors and officers in SEC enforcement proceedings by ruling the SEC cannot use in-house administrative proceedings to impose civil fines for securities fraud. Instead, the SEC must use courts for assessing those monetary sanctions, which is viewed as a more even-handed forum for the defendants.
The SEC’s impact on D&O exposures was not limited to enforcement actions under the Biden administration. A number of new SEC rules relating to a wide variety of topics significantly expanded D&O responsibilities and exposures. The three most important new or proposed rules impacting D&Os involved (i) executive compensation clawbacks following a company restating its financial statements, (ii) disclosure requirements with respect to cybersecurity; and (iii) disclosure requirements with respect to climate change. In June 2025, the new Trump administration withdrew the controversial cybersecurity and climate change rules. It is unclear whether alternative rules related to those disclosure topics will be proposed in the future. The new compensation clawback rules, which are summarized below, will likely remain in effect.
In October 2022, the SEC adopted final rules to implement the compensation clawback provisions in §954 of Dodd-Frank. Pursuant to the new rules, any executive officer of a publicly-traded company that restates its financial statements must repay to the company any incentive-based compensation received by the officer during the three years prior to the restatement, regardless of whether the executive committed any wrongdoing or knew of the facts underlying the restatement. Importantly, the new rules prohibit the company from indemnifying the executive or purchasing insurance for the amount of the clawed back compensation, although executives who did not cause the restatement may personally purchase insurance for his or her clawback liability.
On March 17, 2025, the Acting Chair of the SEC stated he has directed staff to reassess a number of finalized and proposed regulations by the Biden administration and promised a more deliberate and slower process for considering any new rules in the future.
- Derivative Suits. Historically, shareholder derivative lawsuits (which are cases brought by shareholders on behalf of a company against D&Os seeking damages incurred by the company as a result of alleged wrongdoing by the D&Os) have presented relatively benign exposures. Although frequently filed in tandem with a more severe securities class action, derivative suits usually have been dismissed by the court or settled for relatively nominal amounts for several reasons. For example, a committee of independent directors who were not involved in the alleged wrongdoing may determine that prosecution of the derivative suit on behalf of the company is not in the company’s best interest, in which case the court may dismiss the case. Likewise, the defendant D&Os usually have several strong defenses in the derivative suit, including pre-suit demand requirements, the business judgment rule, state exculpation statutes, and reliance on expert advisors.
Despite these procedural and substantive defenses, an increasing number of derivative suits are now settling for large amounts. The following summarizes many of the more recent “mega” derivative settlements.
Company | Type of Incident | Derivative Settlement |
Tesla | Excessive executive compensation | $735 million of returned cash and equity compensation |
Alphabet | Alleged monopolization of search engine and advertising markets | $500 million compliance reforms |
Wells Fargo | Widespread improper consumer banking practices | $320 million |
Alphabet | Alleged culture of sexual discrimination/harassment and mishandling of complaints against senior executives | $310 million diversity and equity fund for governance reforms |
Renren | Transfer of company assets to privately owned company at undervalued price | $300 million |
VEREIT | Financial statement errors | $286 million |
Activision Blizzard | Executive officers unfairly acquired a controlling interest in the company | $275 million |
Boeing | Alleged breach of the board’s safety oversight duties resulting in crash of two Max 737 aircraft | $237.5 million |
Meta | Breach of customer privacy regulations | $190 million |
FirstEnergy | Executives bribed state officials | $180 million |
Insys | Opioid-related wrongdoing | $175 million |
McKesson | Opioid-related wrongdoing | $175 million |
CBS/Paramount | Allegedly unfair merger terms | $167.5 million |
AIG | Allegedly fraudulent $500 million reinsurance transaction to mask company losses | $150 million |
News Corp. | Relative of majority owner personally benefitted from acquisition of company; company’s employee journalists used illegal reporting tactics | $139 million |
Freeport-McMoRan | Merger fraught with allegations of sweetheart deals and self-dealing | $137.5 million |
Cardinal Health | Opioid-related wrongdoing | $124 million |
Walmart | Opioid-related wrongdoing | $123 million |
Oracle | $900 million in insider trading in advance of disappointing earnings announcement | $122 million |
Broadcom Corp. | Options backdating scandal that resulted in $2.2 billion write-down | $118 million |
Altria Group Inc. | $12.8 billion investment in vape manufacturer Juul | $117 million (including $100 million for programs to combat underage nicotine use) |
AIG | Allegation that company paid sham commissions to a closely-held insurance agency | $115 million |
Cencora Corp (fka AmerisourceBergen) | Opioid-related wrongdoing | $111.25 million |
L Brands | Alleged sexual harassment and toxic workplace | $90 million governance reform fund plus $21 million attorney fee award |
21st Century Fox | Allegedly rampant sexual harassment by former Fox executives | $90 million |
PG&E Corp. | Gas Line Explosion | $90 million |
Pfizer | Off-label marketing of drugs resulting in federal investigations and claims under the False Claims Act | $75 million |
Bank of America
|
Acquisition of Merrill Lynch based on allegedly false statements about Merrill’s losses | $62.5 million |
These large derivative suit settlements are not the result of new laws creating increased liability exposures for directors and officers, but instead primarily reflect an increased focus by the plaintiffs’ bar on derivative lawsuits (perhaps fueled in part by the popularity of Side A policies in D&O insurance programs today). However, despite these large settlements, the majority of derivative lawsuits continue to be dismissed or settled for nominal monetary consideration for the reasons described above.
- Criminal Proceedings. In recent years, regulators, prosecutors and commentators have repeatedly discussed the importance and purported commitment by the government to hold executives criminally accountable for wrongdoing. In the aftermath of the financial crisis in the late 2000s, there was a large public outcry for the prosecution of responsible individuals, although those prosecutions were essentially non-existent. Regulators and prosecutors both then and now repeatedly express the importance of criminal prosecution of executives.
But, despite this rhetoric, the prosecution of white-collar crime remains surprisingly infrequent, particularly with respect to directors and senior executives of large public companies where decisions are often made “by committee” without clear attribution to one or a few individuals who possess the necessary intent to violate the law. In addition, prosecutors often have limited resources and usually only bring cases they believe they can win. As an example of these challenges, in January 2021, a federal appeals court overturned the convictions of four former executives of Wilmington Trust, which was the only financial institution criminally charged in connection with the federal bank bailout program following the 2008 financial crisis. More recently, in June 2024, a California federal jury acquitted the former CEO and the former finance Vice President of Autonomy of criminal charges that they deceived HP about the software company’s business and financial health prior to HP’s purchase of the company for $11.7 billion.
The Trump administration will likely de-emphasize the criminal prosecution of directors and officers at least for certain targeted offenses. For example, on June 9, 2025, Deputy Attorney General Todd Blanche published a memorandum establishing guidelines for DOJ investigations and enforcement proceedings under the federal Foreign Corrupt Practices Act, which is a common source of criminal prosecutions of directors and officers. The guidelines were in response to President Trump’s February 10, 2025 Executive Order which paused enforcement of the FCPA and directed the DOJ to issue updated policies governing FCPA investigations and proceedings.
Under the new guidelines, the DOJ will focus its FCPA activities on matters involving criminal misconduct carried out by individuals rather than attributed to nonspecific malfeasance by corporate structures or where the alleged corruption is vague or merely involves compliance lapses. The DOJ must also now consider the “collateral consequences” resulting from the prosecution or resolution of the investigation or proceeding, such as “the potential disruption to lawful business and the impact on a company’s employees.” It is apparent from these new guidelines that the DOJ’s criminal enforcement of the FCPA will continue but will be much narrower and more focused on egregious wrongdoing.
Despite these challenges for prosecutors, numerous recent examples demonstrate that criminal exposure for executives is very real in several circumstances.
First, even in a large public company, senior executives who have direct responsibility for matters which create spectacular losses can be incarcerated. For example, in the last few years the former CEO and COO of SCANA pled guilty to defrauding customers and others with respect to a failed $9 billion nuclear construction project; the former CEO of SAExploration and the former CFO of Roadrunner Transportation Systems were sentenced to three years and two years in prison, respectively, for their roles in fraudulent accounting schemes at their companies; the former CEO (Elizabeth Holmes) and former COO of Theranos were convicted of securities fraud and sentenced to 11 years and 13 years in prison, respectively; the former CEO of cryptocurrency company FTX (Sam Bankman-Fried) was convicted in 2023 of multiple counts of fraud and sentenced to 25 years in prison; and the former CEO of cryptocurrency company Biance Holdings pled guilty to violation of the Bank Secrecy Act by failing to adopt anti-money laundering policies and was sentenced to four months in prison.
Second, lower-level executives who more easily can be shown to have knowingly participated in criminal wrongdoing are more frequently prosecuted than senior executives. Recent examples of charges against mid-level executives include: (i) six mid-level executives of Citigo were convicted in Venezuela of corruption charges, (ii) the Senior Vice President of Governmental Affairs of Com Ed pled guilty to charges involving the bribery of governmental officials, (iii) an executive of Sandoz, Inc. pled guilty to price-fixing charges involving generic drugs, (iv) a former executive of Netflix was convicted of money laundering and bribery for accepting stock options, cash and gifts from third-party vendors in exchange for lucrative contracts with the company, (v) an Assistant Vice President of an insurance company pled guilty to fraud in connection with a $3.9 million scheme to scam the company for phony construction work and kickbacks from vendors, and (vi) a former mid-level executive of GE Power was sentenced to seven years in prison after being convicted of forgery and taking a $5 million kickback in connection with a $1.1 billion transaction in his native Angola.
Third, individuals who are senior executives (and also large owners) of smaller companies are easier targets of criminal charges because of their more intimate knowledge of company operations. For example, in 2024, (i) the CEO and founder of a software company was sentenced to 18 months in prison and assessed a $1 million fine for inflating the company’s financial statements in connection with a securities offering that raised $60 million, (ii) the CEO of a clean energy company was sentenced to six years in prison following his conviction for defrauding investors out of $1.1 million, (iii) the former CEO of a dental device company pled guilty to defrauding investors out of $10.7 million, (iv) the CEO of a cryptocurrency company plead guilty to violating the Bank Secrecy Act by not adopting policies to prevent money laundering, (v) the former CEO of a medical device company was sentenced to six years in prison for healthcare fraud in connection with the company selling non-functional pain management device components, (vi) the former CEO of a management software company was sentenced to 20 years in prison for using company assets for personal benefits; (vii) the former CEO of a health advertising company was sentenced to seven and one-half years in prison for misrepresenting to investors, lenders and customers the company’s value and capabilities; and (viii) the former CEO of a healthcare software company was convicted of securities fraud for falsely declaring the company had a multimillion dollar deal to buy and resell COVID test kits. Likewise, in 2025, (i) the former CEO of Kubient Inc. was sentenced to one year in prison for inflating the company’s revenue by $1.3 million and lying about an artificial intelligence-powered tool developed by the company to detect digital ad fraud, (ii) the former CEO of Plus Inc. was sentenced to two and one-half years in prison for securities fraud regarding the company’s revenue from purported artificial intelligence technology developed by the company, (iii) the former CEO of Celsius Network was sentenced to twelve years in prison for deceiving customers about the crypto lender’s business practices and falsely inflating the company’s token price; (iv) the former CEO of SCWorx Corp. was convicted of securities fraud for publicizing a $670 million COVID-19 test kit contract that never materialized ; and (v) the former CEO of crypto company NAC Foundation was sentenced to seven years in prison for stealing more than $10 million from tens of thousands of investors.
These criminal prosecutions are based on an increasing number of legal theories. For example, in 2023 a jury convicted two executives of an appliance sales and distribution company for failing to report to the federal Consumer Product Safety Commission defects in dehumidifiers sold by their company. The case reportedly was the first time executives were prosecuted under the Consumer Product Safety Act.
- Cyber Claims. Unquestionably, cyber-related losses and claims are one of the most troubling future exposures for companies. It is virtually impossible for companies to prevent cyber attacks. Loss mitigation, rather than loss prevention, seems to be the only strategy available for most companies.
Surprisingly to some, the liability exposure of directors and officers for cyber-related claims is less predictable. Prior to 2017, no cyber-related securities class action lawsuits were filed even with respect to very large and highly-publicized cyber intrusions at large companies. More recently, plaintiff lawyers have filed a growing number of such securities class actions, including cases against Marriott, Chegg, Google/Alphabet, FedEx, Capital One, First American Financial Corp., Solar Wind, Yahoo!, Equifax, Telos, Octa and their D&Os. These cases are still somewhat uncommon despite the large number of companies which experience data breaches because in most cyber attack situations, the company’s stock price does not materially drop following disclosure of the attack. But, if there is a material stock drop following disclosure of the cyber breach, a securities class action is likely, and those securities class actions can be expensive, particularly if the company failed to promptly disclose the breach. For example, the Alphabet (Google) securities class action litigation which was related to a software flaw that allowed outside developers to access personal data of 500,000 users of the Google Plus social media site was settled in February 2024 for $350 million, the Yahoo! cyber-related securities class action litigation was settled in March 2018 for $80 million while a motion to dismiss was pending, the Equifax data breach securities class action litigation was settled in 2020 for $149 million, and the Solar Winds data breach securities class action was settled in 2022 for $26 million.
It is far from clear whether these cases will ultimately be successful on a widespread basis. Most of these securities class action lawsuits have been dismissed, primarily because the plaintiffs failed to sufficiently allege (i) the defendants acted with the requisite scienter (i.e., plaintiffs did not allege facts showing the defendants knew the size or impact of the breach at the time of the allegedly incorrect disclosures) , (ii) either a misstatement or omission of material facts, or (iii) loss causation (i.e., the misstatement or omission caused the company’s stock to be artificially inflated). The likelihood of these cases being dismissed increases if the company’s disclosures include detailed and specific cautionary statements about cyber risks and do not characterize the quality of the company’s cybersecurity. Despite plaintiffs’ limited successes in cyber-related securities claims, the general trend of courts dismissing these cases continues to exist as evidenced by (i) the Ninth Circuit affirming on March 2, 2022 a District Court dismissal of a data breach-related securities class action against Zendesk, (ii) the Fourth Circuit affirming in April 2022 a District Court dismissal of a data breach-related securities class action against Marriott and its D&Os, (iii) a District Court in Virginia dismissing a cyber-related securities class action against Capital One in September 2022, (iv) District Courts in California dismissing cyber-related securities class actions against First American and Okta in September 2021 and March 2023, and (v) a New York District Court dismissing most of the SEC’s cyber-related claims against SolarWinds Corp. in July 2024.
In a bizarre development which may signal heightened exposure for cyber-related claims by the SEC against D&Os, a cyber ransom gang filed in 2023 a whistleblower complaint with the SEC alleging a company that was hacked by the gang failed to disclose to the SEC the security breach and its impact on the company. The gang apparently intended to enhance its future negotiation leverage over other companies hacked by the gang.
Shareholder derivative lawsuits against directors and officers are another litigation response when a company suffers large cyber-related losses. However, this type of derivative litigation is also challenging for plaintiffs in light of the business judgment rule, the applicable state exculpatory statute for directors, and other state law defenses for the defendant directors and officers. But, a few cyber-related derivative lawsuits have recently settled or survived a motion to dismiss. Most notably, the Yahoo! derivative suit settled for $29 million, due in large part to the extraordinary number of people impacted by the breach (i.e., as many as 1.5 billion users) and the two-year delay in disclosing the breach. Other cyber derivative settlements are far smaller, often including a modest plaintiff fee award and the company agreeing to certain governance reforms. In October 2021, the Delaware Chancery Court dismissed a cyber-related derivative lawsuit involving the Marriott data breach.
The area of greatest potential exposure for directors and officers regarding cyber matters does not arise from acts or omissions by directors and officers prior to the attack, but rather from conduct of directors and officers once the attack is identified. Disclosures regarding the scope, effect and cause of the attack, and the response by management immediately following the attack, can potentially create either securities class action or shareholder derivative litigation. Therefore, companies should develop and implement long before a cyber attack actually occurs effective protocols and action plans that should and should not be done if a cyber attack against the company occurs. Careful advanced planning in this area can provide a unique opportunity to minimize the potential personal liability of directors and officers for post-attack conduct.
Another related D&O exposure in this context is the potential for criminal charges. For example, in October 2022, the former chief security officer of Uber was convicted of obstructing the FTC’s investigation of a cyber breach involving private personal information about the company’s customers. The company initially disclosed to the FTC the breach involved 50,000 customers. The defendant officer subsequently learned from the hackers in the context of a ransomware demand that the breach involved 57 million customers, but the officer failed to report that updated information to the FTC. In another case, the former chief information officer of Equifax was convicted of insider trading and sentenced to four months in prison based on his sale of $950,000 of company stock before the company’s massive data breach was publicly disclosed.
- ESG/DEI Claims. In the last several years, an unprecedented number of so-called ESG and DEI claims were filed against companies and their directors and officers. The legal theories asserted in these claims are not new or unusual, but the factors which are causing the claims to be prosecuted are recent. Ironically, most of these claims are asserted against companies who are proactive in addressing ESG/DEI concerns as opposed to companies who seemingly ignore the issues (often called “greenhushing”). Those proactive companies are often in a no-win situation because they are criticized for not doing enough (or misrepresenting the impact of what they are doing) or for doing too much. Recent DEI-related lawsuits typically criticize a company and its directors and officers for implementing DEI initiatives that harmed the company’s financial performance or reputation. For example, American Airlines and certain of its fiduciaries were sued in June 2023 for pursuing “leftist political agendas” through DEI strategies which fail to maximize profits. Deutsche Bank paid a $19 million penalty to the SEC for making allegedly misleading statements about its use of ESG factors in connection with its research and investment recommendations. Other similar securities class action or derivative lawsuits have been brought against directors and officers of Disney, Starbucks, Target, Gap, Blackrock, the parent of Ben & Jerry’s (Unilever), McDonalds and Lululemon. These lawsuits have received mixed reactions from courts. Some have been dismissed (e.g., Starbucks, Disney and Gap), some have survived a motion to dismiss (e.g., Target securities suits), and, in one case the defendants were found to have breached their fiduciary duties based on an evidentiary hearing (e.g., American Airlines).
The future of DEI-related investigations and litigation is very much in doubt under the Trump administration. On January20 and 21, 2025, President Trump issue Executive Orders which terminated DEI policies and programs within the federal government and “encouraged” private sector companies to do the same, contending those policies and programs constitute illegal reverse discrimination. Numerous companies have announced their elimination of DEI initiatives both before and after those Executive Orders. For companies that continue DEI policies, the DOJ’s Civil Division announced in June 2025 one of its top priorities is to combat illegal discriminatory practices and policies by bringing DEI-related False Claims Act claims against companies that receive federal funding (in addition to criminal charges by the DOJ).
a. Climate Change Claims. Although climate change issues permeate many industries and generate a variety of legal concerns, D&O litigation has been largely immune to those issues.
On March 6, 2024, the SEC adopted highly controversial new rules requiring larger registered public companies to disclose a wide range of information related to climate change and greenhouse gas emissions information and risks. But in June 2025, the new Trump Administration withdrew those rules, creating uncertainty as to the type an extent of climate change disclosures required by public companies.
In part because of this uncertainty, directors and officers face challenging disclosure obligations and potential liability exposures under both the federal securities laws and some newly enacted state laws. For example, in October 2023, California enacted two far-reaching statutes requiring climate-related disclosures. The Climate Corporate Data Accountability Act requires greenhouse gas emissions data disclosure by all public or private entities doing business in California with gross annual revenues in excess of $1 billion. A second related statute requires companies with more than $500 million of gross annual revenues to develop a biennial report on its climate-related financial risks. Other states are reportedly also considering climate change disclosure laws, such as Illinois, Minnesota, New York and Washington. If and to the extent additional new laws and regulations are enacted by the federal government and other states relating to climate change disclosures, companies and the D&Os may soon be faced with nearly impossible and conflicting climate-related legal requirements which dramatically increase their liability exposures.
The lack of current D&O litigation relating to climate change issues does not mean climate change litigation does not exist. An estimated 1,000 climate change lawsuits have been filed globally in recent years against companies and governmental authorities, with the large majority of those cases being filed outside the U.S. against non-U.S. entities. One well-publicized example is litigation involving Shell plc, a U.K. company. In May 2021, a Dutch court ordered Shell to reduce its emissions by 45% by 2030. On February 9, 2023, an environmental advocacy group filed a shareholder derivative lawsuit in the High Court of England and Wales against Shell’s directors alleging the board is not taking sufficient steps to address the future impacts of climate change and to comply with the court-ordered reduction in emissions.
- Executive Compensation. Although a board’s executive compensation decisions have typically not been overturned by courts consistent with the business judgment rule, the increasingly enormous size of some executive compensation arrangements have been reviewed by courts, with mixed results. On January 30, 2024 and again on December 2, 2024, the Delaware Chancery Court rescinded Elon Musk’s $55.8 billion compensation package following a 2022 trial in a derivative lawsuit on behalf of Tesla against Musk and the Tesla board. The Court concluded Musk’s personal relationships with the directors removed the board’s compensation decision from the business judgment rule. As a result, the defendant directors were required, but failed, to prove the “entire fairness” of the compensation package, even though 74% of the Tesla shares not held by Musk or his brother approved the compensation package. Following Tesla’s subsequent reincorporation in Texas (see discussion below), Tesla shareholders again approved the compensation package under Texas law. The Chancery Court’s ruling is now on appeal to the Delaware Supreme Court.
In contrast, a Federal District Court in New York in February 2024 dismissed a securities class action lawsuit against Apple and its directors and officers alleging the defendants misrepresented information about very large performance-based stock compensation awards to Tim Cook (Apple’s CEO) and other senior executives. The Court concluded the plaintiffs did not plausibly allege any actionable misrepresentations regarding the value of the awards.
- Reincorporation Outside of Delaware. For decades, a large majority of public companies in the U.S. have been incorporated in Delaware, which has a highly regarded business court system and the largest body of governance case law in the nation. Delaware’s dominance as the preferred domicile for public companies was not seriously questioned or challenged until 2024 when, in response to the Delaware Chancery Court rescinding Elon Musk’s $55.8 billion compensation package with Tesla, Musk sought and obtained approval from both Tesla and Space X shareholders to reincorporate those companies from Delaware to Texas. As a further rebuke of Delaware, Musk also reincorporated his brain implant company Neuralink from Delaware to Nevada. That strategy to leave Delaware as the state of incorporation was highly publicized, resulting in several other companies moving out of Delaware to either Texas or Nevada, including Meta, TripAdvisor, The Trade Desk, Tempus AI, Robolox, Sphere Entertainment, Zio Oil and Gas, and Dropbox. In July 2025, the reportedly largest venture capital firm in the U.S. (Andreesen Horowit) announced it was reincorporating in Nevada from Delaware and encouraged all its current and prospective portfolio companies to do likewise. The VC firm observed that the Delaware Chancery Court was losing its “reputation for unbiased expertise,” had “injected an unprecedented level of subjectivity into judicial decisions,” and “introduced legal uncertainty into what was widely considered the gold standard of U.S. corporate law,” in contrast to Nevada, which is building a “technical, non-ideological forum for resolving business disputes.”
There are numerous legal and financial implications to such a reincorporation. But Texas and Nevada statutory laws are clearly more protective of directors and officers than Delaware. For example, the Nevada liability exculpation statute applies to breach of any fiduciary duty, including the duty of loyalty (unlike Delaware law). Under Texas law, shareholder derivative suits are prohibited if independent directors decide prosecuting the lawsuit is not in the company’s best interest, unlike Delaware law which allows shareholders to avoid or circumvent the directors’ decision under certain circumstances. In addition, both Texas and Nevada permit a company to indemnify settlements in derivative lawsuits against directors and officers, unlike Delaware. These differences in state laws may result in D&O insurers treating companies who reincorporate out of Delaware to these or other comparable states more favorably when underwriting their D&O insurance.
Efforts to reincorporate outside Delaware have been criticized by shareholders who contend the reincorporation is motivated by the company’s directors’ attempt to insulate themselves from litigation. For example, in February 2024, the Delaware Chancery Court denied a motion to dismiss such a lawsuit against directors of Trip Advisor who approved the company’s reincorporation from Delaware to Nevada. But the Delaware Supreme Court reversed that decision on February 4, 2025, ruling that the directors’ decision to reincorporate outside of Delaware is protected by the business judgment rule. Perhaps in anticipation of that ruling, the Delaware Chancery Court in November 2024 dismissed claims against directors of The Trade Desk, Inc. related to the company’s reincorporation in Nevada. The dismissal was in large part due to a majority of company shareholders approving the reincorporation.
This exodus from Delaware, which has become known as “DExit,” prompted Delaware to enact new legislation (Senate Bill 21) in March 2025 intended to dissuade companies from leaving Delaware. Among other things, the new legislation adopts new safe harbor procedures for approving transactions with directors, officers or controlling shareholders, establishes criteria for determining the independence and disinterestedness of directors and shareholders, and limits the materials a stockholder may inspect pursuant to a books and records demand. Several lawsuits are now pending challenging the constitutionality of the new legislation under unique provisions in the Delaware constitution.
Both Texas and Nevada enacted new legislation in May 2025 for the express purpose of rebutting Delaware’s new legislature. This bidding war among states for the most protective corporate laws has introduced creative new concepts that other states may follow. For example, Texas’ Senate Bill No. 29, which was signed into law on May 14, 2025, and Senate Bill No. 1057, which was signed into law on May 19, 2025, among other things, codifies the business judgment rule (including specific requirements for rebutting the business judgment presumption), allows corporations to impose a minimum ownership requirement for shareholders to bring a derivative lawsuit, allows corporations to waive jury trials in shareholder lawsuits, restricts the type of materials that must be produced in response to a books and records demand by shareholders (including the exclusion of emails and other electronic communications from “records” that must be produced), and allows any nationally listed corporation based in Texas to impose a minimum stock ownership requirement for a shareholder to submit proposals for adoption at a shareholders meeting. Similarly, the new Nevada legislation allows corporations to waive jury trials in shareholder lawsuits, narrowly defines fiduciary duties owed by controlling shareholders, limits the liability of controlling shareholders, allows disinterested directors to approve a transaction with a controlling shareholder, and affords controlling shareholders liability protection similar to the Nevada business judgment rule for directors and officers.
- Artificial Intelligence. Artificial intelligence (AI) will likely have a profound impact on the liability exposure of directors and officers in future years, not unlike AI’s impact on businesses and society in general. In the D&O context, AI-related exposures will likely arise most frequently in securities class actions which focus on a company’s AI-related disclosures. Investors appear to have “irrational exuberance” for AI-related companies, much like the .com bubble in the late 1990s for internet-related companies. History has repeatedly shown that environment produces not only some wildly successful companies, but also many disappointing or failed companies which become targets of expensive D&O claims.
Examples of AI-related misrepresentations that may result in an artificial inflation of a company’s stock price and an eventual securities class action include:
- A company may falsely promote itself as an AI company or having unique AI capabilities when in fact the company simply processes data.
- A company may overstate or exaggerate its AI capabilities or its ability to successfully commercialize those capabilities (i.e., “AI-washing”).
- A company may fail to fully disclose the material risks associated with its AI strategies and business, including risks from competitors, changing technology, rapid industry evolution, and claims by customers.
These types of lawsuits against companies and their directors and officers are already being filed, albeit in limited numbers so far. For example, fifteen AI-related securities class actions were filed in 2024, which is about double the number of such cases in 2023. Twelve such cases have already been filed in the first half of 2025. These lawsuits allege the defendants overstated the use or effectiveness of AI technology in their business (i.e., “AI-washing”), and target a wide variety of companies, including Upstart (an AI lending platform), Zillow (developer of the Zillow Offers AI tool which provides predictive pricing information for buyers and sellers of houses), Innodata (an AI-enabled software platform company), Evolv Technologies Holdings (developer of AI-based weapons detection products for security screenings), UiPath (robotic process automation tool manufacturer with supplemental AI-powered products), Oddity Tech Ltd. (cosmetics internet platform which purportedly uses AI-based technologies to target consumer needs), and GitLab (an AI developer).
Potential AI-related shareholder derivative lawsuits may also be filed against directors and officers alleging breach of the defendants’ fiduciary duties in connection with AI matters. Examples of this type of claim may include:
- Directors or officers may rely on AI in making a business decision that is harmful to the company, prompting shareholder allegations that such reliance was unreasonable without further investigation into the reliability, capability and accuracy of the AI systems used.
- Directors or officers may fail to use commonly accepted and uniquely applicable AI systems to assist in their decision process, resulting in less informed decisions when compared with other companies under similar circumstances.
- Directors and officers may authorize an expensive, resource-intensive but ineffective strategy to implement, use or market AI, resulting in significant losses and jeopardizing the company’s financial health and reputation.
- Directors and officers may implement inadequate internal controls regarding AI issues resulting in significant claims against the company, including intellectual property infringement, invasion of privacy, defamation and similar tort claims.
- Directors and officers may fail to identify or respond to company risks created by advisors, vendors, suppliers or competitors using (or misusing) AI technology.
- Directors and officers may fail to stay abreast of rapidly changing AI technologies or recognized AI best practices.
In addition, the SEC has been clear that it intends to carefully monitor AI-related disclosures by companies. This oversight has already resulted in several enforcement actions against companies and their executives for misrepresenting AI-related matters, including the April 2025 indictment and parallel SEC lawsuit against the founder and CEO of Nate, Inc. for raising $42 million from investors by misrepresenting the company’s app used AI technology to complete online shopping purchases when in fact the purchases were completed manually by overseas workers.
The number of companies potentially impacted by AI risks is very large and growing. According to Bloomberg Law’s review of 2023 annual reports filed by S&P 500 companies with the SEC, over 40% of the reports mentioned AI. Similarly, a 2023 survey by the National Association of Corporate Directors found that 95% of the responding corporate directors believed AI tools would affect their companies, although 28% said AI issues were not regularly discussed at board meetings. When AI impacts that many companies, the likelihood of at least some of the D&Os liability risks summarized above occurring seems inevitable. Although the legal theories underlying those claims will probably not be new, the frequency and severity of those claims may be alarming for companies in virtually any industry.
To address these concerns, directors should be very proactive in understanding and responding to AI-related risks and opportunities. For example, directors should regularly consider basic AI-related questions such as which senior executive focuses on AI issues; how is AI used within the company; how are AI risks and opportunities identified, evaluated and monitored; how are competitors using AI; should one or more directors with AI expertise be added to the board; and how can the board best stay informed regarding this complex and rapidly changing topic? A 2024 report by ISS-Corporate found that about one-third of S&P companies disclosed in their SEC filings some level of board oversight on AI competency, which is a 150% increase from 2022. In most instances, the full board is performing the oversight function rather than delegating that role to the audit or risk committee.