Sarkar's Theorem posits that with increased regulation comes increased litigation. A corollary is also true, when regulatory issues are brought to light, tag-along lawsuits will threaten to block out the sun. A case in point is the almost year-old derivative suit filed against JPMorgan Chase while it was going through the fallout of various compliance issues.
Per the Complaint's homepage,
"This is a shareholder derivative lawsuit brought against the board of directors of JPMorgan Chase. It alleges that the board systemically failed in its role to oversee the bank’s operations leading to billions of dollars in government fines and settlement payments in civil actions."
The most recent "proof" of this corollary may be HSBC. Over the past week, HSBC has admitted that its Swiss private bank may have allowed some customers to dodge taxes. Not surprisingly, this has caused numerous governments, including the U.S., to investigate these actions and has caused the Justice Department to consider reopening a 2012 deferred prosecution agreement that allowed the bank to avoid criminal charges over money-laundering allegations. This situation may also be having an adverse effect on HSBC's stock price in multiple markets. If Sarkar's Theorem and corollary hold, these regulatory compliance issues will likely spawn a wave of litigation based upon such alleged failures as some may now accuse HSBC and its governing bodies of failing to properly oversee its operations causing injury to the company, its stock, and its shareholders.
Businesses, public and private, should not view these instances as outliers, but cautionary tales. Almost every business is involved in some type of regulated industry and failing to identify and mitigate compliance risk – often coming from the alphabet soup of RICO, FCPA, FCA, TCPA, AML/BSA, UDAP, UDAAP and, increasingly, cyber security and data privacy statutes and standards – can provide the basis for shareholder actions, regulatory investigations, whistle blower cases, and private Attorney General actions. Many of these could also be preceded by FTC, SEC, CFPB, DOJ, or other state and federal investigations.
As with most risk management issues, education and preparation is critical. To help mitigate and avoid litigation and enforcement actions, business and board members should retain counsel that understands their business's environment so they can properly evaluate compliance and litigation risks. Compliance audits and training are also critical tools in this process and may allow a company to lessen or avoid regulatory penalties (see, for example, the FCPA). Taking these steps in a deliberate and analytical manner will help on-going compliance (it is a process not an event), reduce litigation and reputational risk, and will help ensure that businesses do not test the Law of Large Numbers (either in number of suits or potential damages).