Q1 2025 FINPRO Management Liability: Need to Know

Every quarter, our management liability team shares noteworthy trends and emerging issues to help US-based companies make decisions to manage their risks. In this issue, we look ahead to the directors and officers (D&O) liability, employment practices/wage and hour liability, fiduciary liability, and kidnap, ransom, and extortion risks that organizations are expected to face in 2025.

Our Q1 2025 issue focuses on:

• Despite a drop in enforcement actions by the Securities and Exchange Commission (SEC), it is important for organizations to be prepared, including by establishing robust internal controls over financial reporting and confirming they have the right coverage in place.
• The SEC established the Cyber and Emerging Technologies Unit to combat cyber-related misconduct and protect retail investors. It is important for organizations to review their D&O program to determine whether it provides adequate coverage for investigations amid a focus on fraud.
• The Equal Employment Opportunity Commission could see a shift in its focus and priorities under new leadership, requiring employers to be mindful of potential developments and expect more questions from carriers.
• Recent lawsuits alleging fiduciary breaches in healthcare plan administration underscore the increasing scrutiny of fiduciary responsibilities and the potential financial implications for plan participants.
• The Supreme Court’s consideration of a key ERISA case aims to clarify conflicting circuit interpretations. The outcome could have implications for fiduciaries.
• Recent court rulings regarding ESG investments in retirement plans underscore the need for fiduciaries to carefully navigate their duties of loyalty and prudence while adapting to evolving regulatory standards and monitoring investment managers’ activities.

D&O Liability

Show us the money: Unpacking the SEC's 2024 enforcement report

The Securities and Exchange Commission’s (SEC) recently published enforcement activity report for fiscal year 2024 reveals a significant decline in enforcement actions. The 583 actions filed in 2024 mark a 26% decrease from 784 in fiscal year 2023. This decline reflects some of the lowest activity levels in nearly a decade, particularly in standalone enforcement actions, which dropped to 431 cases.

While enforcement actions against public companies and their subsidiaries fell by 12%, the 80 actions during the period were slightly above the nine-year average. Notably, 22 of these actions were related to record-keeping violations due to off-channel communications (for example, using texts or other communication technologies that do not always preserve a communication that may be a business record).

Financial remedies obtained by the SEC reached a historic high of $8.2 billion, driven largely by a single case that accounted for approximately 56% of this total. Because of that, these numbers may not accurately reflect overall enforcement trends.

Other notable findings include:

• Despite a rise in monetary amounts, the number of actual SEC enforcement actions decreased in 2024.
• Mark Uyeda has been named as acting chairman of the SEC. This change at the helm may lead to a shift of enforcement goals. 
• Traditionally, enforcement activities tend to be lower in the year a new chair is appointed, as it takes time for the chair to establish their enforcement priorities. Consequently, 2025 may experience another year of diminished enforcement levels.
• To reduce the risk of a potential investigation, companies should establish robust internal controls over financial reporting to prevent inaccuracies and fraud. This approach includes conducting regular audits and assessments of financial processes.
• In the event that any compliance issues are identified, companies should take prompt action to address them and maintain transparent communication with the SEC if required.
• Companies should also review D&O coverage to confirm that there is investigation coverage for individuals, which is a common coverage.
• Many carriers are also offering investigation coverage for the entity. We recommend discussing adding this coverage with your broker or insurance advisor.

Navigating the cyber frontier: SEC launches new unit to tackle tech fraud

In February 2025, the SEC announced the creation of a new Cyber and Emerging Technologies Unit (CETU), which will replace the existing Crypto Assets and Cyber Unit. This unit aims to combat cyber-related misconduct and protect retail investors from bad actors in emerging technologies.

Acting SEC Chair Mark Uyeda emphasized that the CETU will safeguard investors and “facilitate capital formation and market efficiency by clearing the way for innovation to grow”.

The unit will focus on various priority areas, including fraud involving artificial intelligence, crypto, social media, and blockchain technology. It is worth noting that the SEC has always focused on fraud prevention so this is not a new enforcement priority.

In view of this development, companies should confirm that their D&O insurance covers investigations against individuals. Many carriers now offer investigation coverage for the entity. It is prudent to talk to your broker or insurance advisor to determine whether your existing coverage provides you with adequate coverage.

[back to top]

Employment Practices Liability

EEOC: A historic year of recovery, new leadership, and changing priorities

In fiscal year 2024, the U.S. Equal Employment Opportunity Commission (EEOC) achieved a milestone, recovering a record $700 million for workers. This substantial recovery exceeded the previous high of $665 million, from FY 2023, and marked a notable success in the agency’s ongoing efforts to combat workplace discrimination. The bulk of this recovery — $470 million — came through mediation, conciliation, and administrative settlements. Approximately $200 million was secured for federal employees, while litigation efforts resulted in an additional $40 million for workers across various sectors.

The fiscal year also saw an alarming increase in workplace discrimination complaints, with nearly 90,000 new charges filed. This represents a nearly 10% increase from the previous year, highlighting a growing concern about workplace discrimination across the US.

New leadership and strategic shifts

In January 2025, President Trump appointed Andrea Lucas acting chair of the EEOC, ushering in a new era of leadership and signaling significant shifts in the agency’s focus and priorities. Under Lucas’s leadership, the EEOC has moved away from some of the initiatives prioritized by the previous administration and is pursuing a direction that aligns more closely with the new administration’s broader policies.

Lucas has outlined her vision for the agency, which includes a focus on eliminating unlawful discrimination motivated by diversity, equity, and inclusion (DEI) initiatives, protecting workers from national origin discrimination, and affirming biological distinctions between the sexes in workplace policies. She has emphasized the need to address religious bias, including rising concerns over antisemitism, and has committed to rescinding previous guidance on issues such as misgendering and gender-aligned bathroom access. This marks a stark contrast to the more expansive view of gender identity and sexual orientation protection championed during the prior administration.

Policy changes: A focus on biological sex and national origin discrimination

A key area of focus for Lucas has been reversing policies that she believes overreach in the realm of gender identity and sexual orientation. Under her leadership, the EEOC is expected to rescind guidance that prohibited misgendering and restricted access to gender-aligned bathrooms, advocating instead for the protection of single-sex facilities based on biological sex. The agency has already begun dismissing cases that involve claims of discrimination based on sexual orientation and gender identity.

Lucas has also placed a strong emphasis on national origin discrimination. As part of the new agenda, the EEOC is scrutinizing employer practices that potentially discriminate against American workers in favor of foreign nationals. This is in line with the president’s executive orders addressing immigration concerns and prioritizing the protection of American workers. The EEOC’s focus on ensuring that all workers, including US citizens, are treated equitably in the workplace has led to an increase in enforcement actions related to national origin bias.

Along these lines, the EEOC recently entered into a settlement agreement with a hotel chain accused of discriminating against non-Japanese employees, including American nationals, in violation of Title VII of the Civil Rights Act. The settlement, which totaled more than $1.4 million, was the first seven-figure settlement under the new administration and highlights the EEOC’s commitment to addressing national origin discrimination. Acting Chair Lucas underscored that the agency’s focus on national origin bias would be a top priority moving forward, especially in industries that employ large numbers of foreign workers.

Future priorities and enforcement of new policies

As the EEOC evolves under Lucas’s leadership, employers must stay vigilant regarding changes in enforcement priorities. While Lucas has been critical of certain aspects of the prior administration’s approach, including policies on abortion accommodations and LGBTQ+ protections, the agency’s commitment to upholding civil rights and ensuring fair treatment for all workers remains unchanged.

One area where the EEOC’s focus is likely to expand is the scrutiny of employer practices related to DEI programs. In industries such as agriculture, construction, healthcare, and hospitality, which often rely on immigrant labor, the EEOC’s renewed focus on national origin discrimination may have significant implications for hiring practices.

Considerations for employers

Employers should be aware that while the EEOC’s new leadership is reshaping enforcement priorities, they must still comply with existing federal, state, and local anti-discrimination laws. In particular, employers should review their policies on DEI initiatives, hiring practices, and accommodations for pregnant workers, as these are likely to come under increased scrutiny under Lucas’s leadership.

For example, the EEOC’s stance on the Pregnant Workers Fairness Act (PWFA) is evolving. Lucas has expressed concerns over the current regulations, particularly those related to abortion accommodations, and has signaled that the agency will revisit its approach to the PWFA. Employers should keep track of potential regulatory changes in this area to ensure ongoing compliance.

Moreover, it is expected the EEOC’s position on artificial intelligence may change. In May 2023, the EEOC issued guidance on how AI algorithms in employment tools could violate Title VII protections against bias, but this guidance has since been removed from the EEOC website. However, employers should remain mindful of potential future regulatory developments regarding the use of artificial intelligence in hiring and employment practices.

Companies can anticipate carriers asking questions regarding these issues.

[back to top]

Fiduciary Liability

A dismissal isn’t always a dismissal

The first large case alleging excessive fees for health plans — in violation of the Employee Retirement Income Security Act (ERISA) — is moving forward after plaintiff arguments were amended.

The plaintiff had initially failed to overcome a motion to dismiss, with the judge ruling a lack of standing due to insufficient personal harm, despite claims of economic damages stemming from higher premiums and out-of-pocket costs.

The amended suit now adds a second plaintiff and asserts that the plaintiffs were indeed harmed by the defendants' fiduciary breaches, which allegedly inflated drug costs and subsequently raised COBRA premiums.

This case raises critical questions about the adequacy of fiduciary practices in healthcare plan administration and whether these modifications to the complaint will be sufficient to persuade the court to allow the lawsuit to proceed.

While industry observers thought that the dismissal of the first case would dissuade other potential plaintiffs, a new lawsuit has been filed against a large bank, alleging breaches of fiduciary duties in the administration of their health plan. Plaintiffs claim that the defendants mismanaged the prescription drug benefits program, resulting in inflated drug prices that have cost participants millions of dollars. They contend that the defendants failed to negotiate better rates with their pharmacy benefits manager (PBM) and neglected to monitor drug pricing or address conflicts of interest. The plaintiffs also assert that the defendants' failure to disclose required compensation information under the 2021 Consolidated Appropriations Act constitutes a prohibited transaction.

As these cases unfold, they underscore the increasing scrutiny of fiduciary responsibilities in managing healthcare plans and the potential financial implications for plan participants. Fiduciary insurance underwriters continue to struggle with determining what questions to ask as they consider the risk of healthcare ERISA litigation. Additional cases could have significant impact on the fiduciary insurance market.

What constitutes a prohibited transaction?

This January, the US Supreme Court heard oral arguments in a pivotal case that aims to clarify the pleading standards for prohibited transaction and excess fee claims against fiduciaries under ERISA. This case addresses a significant split in appellate court decisions regarding whether plaintiffs need only demonstrate that a plan paid a third party for services, or if they must also show harm or plead that no exceptions exist.

The core issue revolves around the interpretation of ERISA's provisions, particularly Section 406, which outlines prohibited transactions, and Section 408, which details exceptions. The Eighth and Ninth Circuits have ruled that a plaintiff can initiate a claim by simply alleging a prohibited transaction, without a requirement that plaintiffs show that an exception does not apply. This would shift the burden to fiduciary defendants to prove that an exception to the prohibited transaction exclusion applies. The Second Circuit's ruling requires plaintiffs to not only allege the occurrence of a prohibited transaction, but also to demonstrate that the services were unnecessary or overpriced.

This divergence in judicial interpretation raises concerns for fiduciaries, especially since it could lead to increased litigation costs and discovery burdens. The Third, Seventh, and Tenth Circuits have also added layers of complexity by requiring additional allegations, such as fraud or self-dealing. The outcome could have far-reaching implications for fiduciaries, as nearly all retirement plans engage third-party service providers, exposing them to potential litigation.

If the court decides that the simple allegation of a prohibited transaction is sufficient to make it through motion to dismiss, fiduciary insurers will likely be concerned about the potential of similar cases, especially since almost all plans use service providers. Associated defense costs could lead to a continuation of the current trend of rising insurance retentions.

Understanding fiduciary responsibilities amidst evolving ESG regulations

In late January, a US District Court in Texas issued a significant ruling concerning an airline’s consideration of environmental, social, and governance (ESG) investments within its retirement plans. The court determined that while the company did not violate its duty of prudence, it did breach its duty of loyalty by allowing ESG factors to influence the management of its 401(k) plan.

The court noted that the defendant’s primary investment manager pursued non-pecuniary ESG policy objectives through proxy voting, thereby prioritizing factors beyond the best financial interests of plan participants. This ruling indicates that plan fiduciaries may need to closely monitor their investment managers’ voting activities and carefully assess any potential conflicts of interest. Although damages have yet to be awarded, the ambiguous outcome has prompted state officials to advocate for clearer federal regulations regarding ESG investments and fiduciary duties.

In 2020, the Department of Labor issued an investment rule — Financial Factors in Selecting Plan Investments — that prohibited fiduciaries from considering non-pecuniary factors, such as ESG, in their investment decisions. However, the rule did not clarify whether such non-pecuniary factors could serve as tiebreaks between two or more investment options that would presumably equally benefit participants. In 2022 the Labor Department enacted a new rule — Prudence and Loyalty in Selecting Plan Investments and Exercising Shareholder Rights ­— which overturned the 2020 rule, allowing fiduciaries to consider collateral benefits when multiple investment options equally serve the plan’s best interests.

Subsequently, 25 states filed a lawsuit against the Department of Labor challenging the 2022 rule. In February 2025, the District Court in State of Utah v. Micone upheld the 2022 regulation. However, this decision still lacks clear guidance for the future. While the ruling asserts that fiduciaries considering ESG and other non-pecuniary factors are not in violation of ERISA, it does not explain how fiduciaries might justify ESG investments under the tiebreak rule or clarify the appropriate intent behind such investments.

While court guidance remains somewhat ambiguous in both cases, the fundamental principle remains unchanged — fiduciaries must act solely in the financial interest of plan participants. In view of these developments, we anticipate that fiduciary insurers will begin to inquire about insureds’ practices regarding active monitoring of investment managers and ESG investment strategies. Insureds should prepare by regularly reviewing plan investment options and their subsequent performance and take time to examine any qualitative reasoning behind investment choices.

[back to top]