How can we ensure corporations play by the “rules of the game”—that is, laws encouraging firms to avoid socially harmful conduct? Corporate compliance programs play a central role in society’s current response. Prosecutors give firms incentives—through discounts to penalties—to implement compliance programs that guide and monitor employees’ behavior. However, focusing on the incentives of firms overlooks the perspective of managers, who decide how much firms invest in compliance. We show that stock-based pay, ubiquitous for corporate executives, creates systematic incentives to short-change compliance. Compliance is a long-term investment for firms, whereas managers’ time horizon is truncated to the date they expect to liquidate stock. Moreover, investors find it hard to value compliance programs because firms routinely disclose little or nothing about their compliance activities. We show that stock-compensated managers prefer not to disclose compliance because such disclosure can reveal private information about a firm’s propensity to misconduct. As a result, both managers and markets are likely myopic about compliance. How can this problem be resolved for the benefit of society and shareholders? Boards of directors are supposed to act as monitors to control managerial agency costs. We show that the increasing use of stock-based compensation for directors, justified as a means of encouraging more vigorous oversight of business decisions, also has a corrosive effect on boards’ monitoring incentives for compliance. Directors in theory face liability for compliance oversight failures, but only if so egregious as to amount to bad faith. We argue that this standard of liability, established in an era before ubiquitous stock-based compensation for both managers and directors, has now become too lax. We propose more assertive directors’ liability for compliance failures, limited in quantum to a proportionate clawback of stock-based pay. This would add power to the alignment of directors’ interests with those of shareholders—directors would stand to lose more than just a decrease in the value of their stock in the event of a compliance failure—but limiting liability in this way would avoid pushing boards to overinvest in compliance. We outline ways in which this proposal could be implemented either by shareholder proposals or judicial innovation.
What role do corporate boards play in compliance? Compliance programs are internal enforcement programs, whereby firms train, monitor and discipline employees with respect to applicable laws and regulation. Corporate enforcement and compliance failures could not be more high-profile, and have placed boards in the position of responding to systemic problems. Both case law on boards’ fiduciary duties and guidance from prosecutors suggest that the board should have a continuing role in overseeing compliance activity. Yet very little is actually known about the role of boards in compliance. This paper offers the first empirical account of public companies’ engagement with compliance at the board level, drawing on director-level data from BoardEx and data on federal organizational prosecutions from the Duke University and University of Virginia Corporate Prosecution Registry. We find that, despite a standard account that compliance has boomed, few boards actually adopt compliance committees. Less than five per cent of U.S. public companies have done so, although the proportion has grown steadily over time. We use our data to explore why boards establish compliance committees. Our results suggest that there is room for more constructive engagement with compliance by many boards. We conclude by recommending ways in which board compliance might be facilitated or encouraged: reconsidering norms about board size and independence, enhancing accountability of directors to regulators, and tightening state law fiduciary duties regarding oversight.
What are the implications of artificial intelligence (AI) for corporate law? In this essay, we consider the trajectory of AI’s evolution, analyze the effects of its application on business practice, and investigate the impact of these developments for corporate law. Overall, we claim that the increasing use of AI in corporations implies a shift from viewing the enterprise as primarily private and facilitative, towards a more public, and regulatory, conception of the law governing corporate activity. Today’s AI is dominated by machine learning applications which assist and augment human decision-making. These raise multiple challenges for business organization, the management of which we collectively term “data governance.” The impact of today’s AI on corporate law is coming to be felt along two margins. First, we expect a reduction across many standard dimensions of internal agency and coordination costs. Second, the oversight challenges—and liability risks—at the top of the firm will rise significantly. Tomorrow’s AI may permit humans to be replaced even at the apex of corporate decision-making. This is likely to happen first in what we call “self-driving subsidiaries” performing very limited corporate functions. Replacing humans on corporate boards with machines implies a fundamental shift in focus: from controlling internal costs to the design of appropriate strategies for controlling “algorithmic failure,” that is, unlawful acts by an algorithm with potentially severe negative effects (physical or financial harm) on external third parties. We discuss corporate goal-setting, which in the medium term is likely to become the center of gravity for debate on AI and corporate law. This will only intensify as technical progress moves toward the possibility of fully self-driving corporations. We outline potential regulatory strategies for their control. The potential for regulatory competition weakens lawmakers’ ability to respond, and so even though the self-driving corporation is not yet a reality, we believe the regulatory issues deserve attention well before tomorrow’s AI becomes today’s.