Article

Stepping stone liability: When business gets personal

WRITTEN BY Lauren Babic

Companies are traditionally chosen as the vehicle of choice for operating a business; it is a separate legal entity, with the same rights as a natural person and can incur debt, sue and be sued. It has a ‘corporate veil’ that is designed to limit a shareholder’s and director’s liability – the people are not generally liable for the company’s debts.

Despite the ‘corporate veil’ enabling people to pursue social and commercial ventures without significant fear of personal liability, company directors nonetheless remain subject to a vast array of duties in their individual capacities; these duties tend to expose the director to a form of personal liability.  The Corporations Act 2001 (Cth) requires directors to comply with fundamental duties of care, and at all times to act in the best interests of their companies.

Breaches of these directors’ duties can arise in the context of breaches of the law by the company itself giving rise to the notion of ‘stepping stone’ liability where a company contravention leads to the establishment of a director’s individual liability for failing to prevent that contravention.

Stepping stone liability in practice

The earlier approaches to stepping stone liability were dealt with in a series of proceedings brought by ASIC against the directors of the James Hardie group of companies (JHIL) where those directors approved the separation of two subsidiaries facing asbestos related liabilities from the group. As part of the separation, JHIL announced on the ASX that there would be funds available to meet present and future asbestos related claims made against the separated companies.

It was subsequently discovered that this ASX announcement contained misleading statements about the sufficiency of the funds available, thus breaching the ongoing disclosure requirements of the ASX and constituting the first stepping stone. ASIC argued (and the Court subsequently found) that it followed that the directors had breached their duty to act with care and diligence by approving the announcement.

While this is a straightforward example of stepping stone liability, it is not always this simple.

Skipping steps: shedding light on the nuances of stepping stone liability

As the recent case of ASIC v Cassimatis (No 8) [2016] FCA 1023 made clear, it is entirely possible to have one step without the other. For example:

  • the company does not need to have been found to have breached a provision of the Corporations Act or any other law in order for directors to be found liable for a breach of their duties; and
  • even if the company has breached the law, a breach of duty is not presumed. Rather, it requires a consideration as to whether the director has exercised reasonable care, to “prevent a foreseeable risk of harm to the interests of the company”.

The Cassimatis case concerned the directors of a financial advice company (the defunct Storm Financial Ltd) who had allowed the company to provide inappropriate financial advice to clients without having a reasonable basis to do so in breach of the Corporations Act.

The Federal Court found Mr and Mrs Cassimatis breached their directors’ duties by permitting, or failing to prevent Storm from providing inappropriate investment advice. In particular the Court found that a reasonable director with the responsibilities of the Cassimatises would have been aware of a strong likelihood of contravention of the law and would have taken precautions to prevent it.

Then what is required of directors?

Cassimatis established a ‘balancing act’. Justice Edelman confirmed that the relevant test of whether a director has exercised their duties will require ‘balancing the foreseeable risk of harm against the potential benefits that could reasonably have been expected to accrue to the company from the conduct in question’.[1] Edelman J further clarified that harm encompassed ‘any of the interests of the corporation’ and that the task of risk-benefit balancing required consideration of what a reasonable person would have done in response to the risk in light of the particular circumstances.[2]

The Cassimatis case is a helpful reminder to company directors that strict compliance with a company’s legal obligations may not always be enough to shield themselves from personal liability, and that they must always exercise their duties honestly, and in the bests interests of the company.

If you have any questions or concerns about your obligations as a company director, get in touch with our Business & Commercial team.

Written by Lauren Babic with thanks to Bryce Robinson


[1]ASIC v Cassimatis (No 8) [2016] FCA 1023, [465]-[486].

[2] ASIC v Cassimatis (No 8) [2016] FCA 1023, [480]-[483].

Join our mailing list

Get in touch