Trinidad and Tobago: Directors’ Duty To Ensure Y2K Contingency Plans

This is the sixth in a series of articles in which Christopher Hamel-Smith addresses some of the key legal issues arising out of the Y2K challenge. They were written in order to make a contribution to the Trinidad & Tobago business community’s efforts to prepare for the transition into the Year 2000 and to manage the associated risks. Forming part of a broader series on "Information Technology and the Law" by the same author, these articles were first published in the "Business Guardian" over the period June 10, 1999 to September 9, 1999.

It is the responsibility of senior management to lead their company’s response to the Y2K challenge. I have therefore reminded directors and officers that their legal duty to "exercise the care, diligence and skill that a reasonably prudent person would exercise" applies to managing Y2K risks. If they fail to live up to this standard, they are exposed to personal liability. I have also stressed that, even now, we can still significantly reduce the risk of Y2K-related losses with leadership and focused action.

However, because of the multifaceted nature of the Y2K challenge, while you can manage and mitigate the risks, they cannot be eliminated. In modern businesses microprocessors and computer technology are everywhere. We also all have to depend on our critical suppliers of goods and services, including the electricity and water utilities. The very nature of the Y2K challenge makes it critical to develop contingency plans for responding to both internal and external disruptions.

It is quite clear that "a reasonably prudent person" would include contingency planning as an integral part of his company’s Y2K strategy. Accordingly, directors and officers are under a legal duty to ensure that their companies develop appropriate contingency plans for Y2K. They should appreciate that they are exposed to potential personal liability for any losses that are caused by their failure to do so.

What is Plan B?

While the absolute need for contingency planning is clear, the nature of the contingency plans which are appropriate to your own business environment is a matter for senior management’s judgement. Unfortunately, once again there is no one-size-fits-all solution.

With contingency planning as with your other Y2K activities, it is important to make the best use of your scarce resources, particularly time. This means ensuring a tight focus, perhaps again utilising a definition of "Y2K mission-critical failure".

However, at this late stage in the countdown to the Year 2000, you should place significant emphasis on the contingency planning element of your overall Y2K effort. Indeed, you should probably err on the side of over-resourcing your contingency planning exercise.

Your business can obtain real value from the development of contingency plans for Y2K even if, as we hope, there are no major failures or disruptions. This is so since these plans can be adapted to address a wide variety of non-Y2K risks. A significant investment in contingency planning will meet the immediate needs of your company, by preparing it to weather any storms which may be experienced in the transition into the Year 2000. However, it will also result in the creation of useful business assets that add value to your business over the long-term.

For example, some months ago, the disruptions to businesses in the Point Lisas area that were caused by a break in a major water pipeline received widespread publicity. This was hardly a "high tech" problem. Nevertheless, it provided businesses that were dependent on the water supply to continue production with a realistic (if expensive) Y2K "dry run". For the same reason, Y2K contingency plans provide an excellent starting point for businesses to plan how to manage many types of potential disruptions that have nothing to do with Y2K.

Companies whose production was affected by the loss of their water supply would have immediately scrambled to examine their important contracts. Their objective would have been to identify options to manage their exposure to claims by parties further down the supply-chain. Urgent decisions had to be made about what and how to communicate to them, including whether to issue force majeure notices. This is precisely the type of exercise you will find yourself engaged in if your business experiences any serious Y2K disruptions.

Now is the time to develop legal contingency plans for Y2K. To the extent that you have examined your legal options in advance of a major disruption, you may be able to head off potential exposures to liability. In these matters, as always, an ounce of prevention is worth much more than a pound of cure! Even where you cannot eliminate exposure, your advanced planning will help you to be more effective in responding to any threats of liability presented. It is for this reason that, in an earlier article, I had suggested that companies should already be carrying out this type of contractual analysis for each of its "mission-critical" business relationships.

In doing your legal contingency planning, you should also consider a number of other matters such as:

• Your systems and procedures for documenting and maintaining records relevant to your company’s Y2K status and efforts;
• The steps that can be taken to protect directors and officers from personal liabilities, including indemnities, directors and officers’ insurance and unanimous shareholders' agreements; and
• The extent of your cover (if any) under your other policies of insurance and any exceptions and limitations which may apply.

In my next article, we shall examine some of these aspects of a Y2K contingency plan in greater detail.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.