Written by Tim Bednall.
The Full Federal Court has delivered a 2:1 split decision denying an appeal by Mr and Mrs Cassimatis, executive directors and owners of the failed Storm Financial Limited ("Storm Financial"), and upholding findings that they had breached their obligations of care and diligence under s180(1) of the Corporations Act.
Storm Financial collapsed in the wake of the GFC. ASIC commenced proceedings against Mr and Mrs Cassimatis, but not the non-executive directors of Storm Financial, alleging that they had breached their obligation of care and diligence to the company (which they owned) by managing the business of the company in a manner that caused or permitted inappropriate financial advice to be given to financially vulnerable clients in contravention of Storm Financial's statutory obligations under the former s945A(1)(b) and (c) of the Corporations Act.
ASIC argued the case as a "pure" stepping stones case. The only allegation against Mr and Mrs Cassimatis was a breach of s180(1), and ASIC proceeded on the basis that it must prove that Storm Financial contravened s945A in order to prove the breach of s180(1) by the directors. ASIC claimed that a reasonable director in the Cassimatis's position would have realised that the application of the "Storm model" of highly geared investments to financially vulnerable clients would have been inappropriate, and taken steps to prevent it. Although a breach of s945A was an offence, requiring proof beyond reasonable doubt, in this case (as in others) it was accepted that ASIC need only establish on the balance of probabilities that Storm had breached s945A. ASIC did so in relation to 11 clients, in only 6 statements of advice, out of a total book of several thousand clients. (ASIC never took action against Storm Financial for these breaches.)
In order to establish a breach of s180(1), it is necessary to establish that at the relevant time, there was a reasonably foreseeable risk of harm to the company, and that a reasonable director could and would have taken steps to prevent the harm. Edelman J, at first instance, accepted ASIC's arguments and found that the foreseeable consequences of non-compliance could have been "catastrophic" for Storm Financial: being guilty of an offence, cancellation or suspension of its AFSL, banning orders, and damages claims by clients, which could ultimately have threatened "its very existence".
The majority of the Full Federal Court agreed: "In failing to guard against the foreseeable harm flowing from contraventions by Storm, the directors failed to discharge the degree of care and diligence required of them by s180(1)." This is the essence of the stepping stones approach to directors' liability under s180(1).
The majority also endorsed observations by the trial judge that the obligation of care was owed to the company, but that was not limited to the interests of shareholders – that is, it was not necessary to prove actual loss to the company and "harm" included harm to reputation and other non-pecuniary consequences, not just financial harm.
However, Rares J dissented, and provided an alternative analysis of the facts that raise a number of issues in relation to ASIC's use of the "stepping stones" technique to seek civil penalties and disqualification orders against directors when companies breach the law.
The issues raised by Rares J included the following:
- Section 180(1) is being used as a back-door method of imposing accessorial liability on directors [where the established elements of accessorial liability cannot be proven]. The courts have long been concerned about this issue, but it has rarely been influential in decisions on s180(1). His Honour observed that "it is unlikely that Parliament intended that s180(1) … would displace, modify or affect a specific statutory duty ... including a duty not to be involved in a contravention of a provision of the Act" (i.e. accessorial liability under s79).
- When making "stepping stones" allegations, ASIC alleges that directors breach their obligations under s180(1) by causing or permitting a company to breach other legal obligations for which it was likely that ASIC itself would invoke remedies against the company. In other words, ASIC alleges that s180(1) is breached because it was foreseeable that ASIC would enforce other provisions against the company, whether or not it did so.
- In this case, while a breach of s945A could have led to the cancellation of Storm Financial's AFSL and other actions by ASIC, Rares J was concerned that ASIC led no evidence that it would have done so. Because ASIC was the only party capable of providing that evidence, and did not do so, the court should have concluded that any evidence would not have assisted ASIC. He concluded that in the circumstances of the particular contraventions, at the time those contraventions took place, a reasonable director would not have foreseen any material harm arising from the breach, let alone catastrophic consequences. He found that the most likely consequence of ASIC discovering these breaches at the time would have been prompt remedial action by the directors, not banning orders and cancellation or suspension of Storm Financial's AFSL.
This issue is important: ASIC has been criticised for not taking appropriate enforcement action in the period prior to the Financial Services Royal Commission in 2018. It cannot be sufficient for ASIC to simply assert that it would have taken action that harmed a company if it did not actually do so, and had no record of doing so in similar circumstances. If directors are going to be fined up to $1,110,000 per breach and disqualified based on harm that is reasonably foreseeable, ASIC should prove that was so.
The conclusion in Rares J's dissent sounds a warning for ASIC, and hopefully provides a guide that will be taken by ASIC in the conduct by ASIC of future stepping stones cases:
"It is important to appreciate that the result at which I have arrived is the consequence of the artificial way in which ASIC sought to establish its case, by inference and not direct evidence, as to what it would have done. That case employed s 180(1) in an arcane and backdoor fashion. ASIC did not seek to prove directly that merely because of Mr and Mrs Cassimatis' roles, as principals or accessories, in Storm's actual contraventions of s 945A(1)(b) and (c), they had breached a duty under s 180(1). Instead, ASIC deliberately eschewed such a case and relied on the arcane argument that an indirect consequence of the contraventions was that it was likely that ASIC would have pursued a severe regulatory outcome, when it was unwilling to prove that it would have so acted."
This case stands as the most recent in a long line of cases (including James Hardie and AWB) in which notorious behaviour by a company has resulted only in findings against directors for breaching s180(1). The time must come, encouraged by the dissenting judgment in the Cassimatis appeal, for rethinking the public policy behind a section that allows the regulator to extract civil penalties for mere negligence by directors who failed to prevent a contravention by their company that was not prosecuted, that may never have been prosecuted, and for which the directors were not accessories under the law.