ML Covered - September 2025

We are pleased to share our latest instalment of ML Covered, our monthly round-up of key events relevant to those dealing with Management Liability Policies covering D&O, EPL and PTL-type risks.

140-year-old shareholder rule abolished by the Privy Council

In Jardine Strategic Ltd v Oasis Investments II Master Fund Ltd & Others [2025] UKPC 34, the Privy Council determined that the longstanding "Shareholder Rule", which previously was thought to allow shareholders to inspect a company’s legally privileged documents by virtue of their status as shareholders, should no longer apply in England and Wales.

Background

On 14 April 2021, two companies within the Jardine Matheson corporate group - Jardine Strategic Holdings Ltd (Jardine Strategic) and JMH Bermuda Ltd – were amalgamated to form Jardine Strategic Limited (the Company). A consequence of the amalgamation was that the shares in Jardine Strategic were cancelled. The Company was required to pay fair value for those cancelled shares to shareholders who voted against the proposed transaction. Some shareholders (the Respondents) were not satisfied that the figure that the Company offered them was the fair value for their shares and invoked a statutory process under Bermuda’s Companies Act 1981 for the court to determine fair value.

During proceedings, the Company claimed legal advice privilege over the legal advice received by the group regarding the valuation of the shares in Jardine Strategic. The Respondents argued that this violated the Shareholder Rule that existed in English law, and which should also apply to Bermudian law. The Shareholder Rule means a company cannot, during litigation between it and shareholders or former shareholders, withhold documents from inspection on the ground that the documents are covered by legal advice privilege.

The Company argued that the Shareholder Rule was outdated and was not consistent with modern legal professional privilege, given that shareholders do not have sufficient proprietary or joint interest to justify an exception. The Respondents argued that shareholders and companies share a joint interest in legal advice that affects the rights of shareholders, and that the Shareholder Rule was well established in English law.

Both the Chief Justice and the Court of Appeal ruled in favour of the Respondents. The Company appealed to the Privy Council.

Decision

The Privy Council allowed the Company’s appeal, holding that the Shareholder Rule is not part of Bermudian law and should no longer apply in England and Wales.  It was decided that the Shareholder Rule had originally come about on the basis that shareholders had their own proprietary interest in the company's money. However, this proprietary rationale for the Shareholder Rule had faded away and is incompatible with the modern understanding of companies as separate legal entities.

It was also decided that an exception from legal advice privilege between a company and shareholders, based on a supposed joint interest, ignores the separate personality of the company and would discourage companies from obtaining candid legal advice in confidence. Therefore, the Shareholder Rule did not justify its application to override legal professional privilege. It was also noted that exceptions to legal professional privilege are narrowly construed and must be compelling.

Key takeaways

The Privy Council's decision provides clarity to companies in respect of whether legal advice is privileged. The decision will also help encourage companies to obtain confidential legal advice without fear of having to disclose it to shareholders at a later date. This will be particularly beneficial to directors engaging in governance matters or corporate transactions where there may be a divergence between the company's interests and that of shareholders, or even between different classes of shareholders.

To read the decision, please click here.

Insolvency Service publishes its latest enforcement actions against directors and its accompanying insolvency statistics

The Insolvency Service has published its enforcement outcomes for 2025-26, detailing the enforcement actions taken against directors. The information covers the period from April 2025 to July 2025.

Director disqualifications and bankruptcy restrictions

During the period, there were 363 director disqualifications resulting from enforcement activity under sections 2, 6 and 8 of the Company Directors Disqualifications Act 1986 (the CDDA), with the mean length of disqualifications being 8 years. The number of disqualifications is lower than 2024/25 to the same date, where 397 directors were disqualified.

There were 334 director disqualifications under section 6 of the CDDA from April 2024 to December 2024. Section 6 relates to unfit conduct in relation to an insolvent or dissolved company. This is a decrease on last year's figure to the same date of 371. Similar to the previous year, the majority of these disqualifications remain related to allegations of Covid-19 financial support scheme abuse, with a mean disqualification of 9.2 years. Of the 334 disqualifications, only 1 related to dissolved companies. The Insolvency Service has had the power to investigate directors of dissolved companies as well as insolvent companies since 2021.

The Insolvency Service imposed 35 bankruptcy and debt relief restrictions during the period, a decrease on the 50 imposed over the same period in the previous year. As with the section 6 director disqualifications, the majority of the restrictions relate to allegations of abuse of the Covid-19 financial support scheme.

During the period, the Insolvency Service also convicted 28 individuals, of which half related to Covid-19 financial support scheme abuse. In terms of civil investigations, the Insolvency Service obtained 37 civil compensation orders and undertakings, totalling £2,050,779.

Insolvency statistics

The Insolvency Service's company insolvency statistics for July 2025 showed 2,081 insolvencies in that month, the majority being creditors' voluntary liquidations. This compares with 2,053 insolvencies in the previous month and 2,078 insolvencies in July 2024.

Key takeaways

Although the number of disqualifications has trended slightly downwards from the previous year to the same date, the number of enforcement actions taken by the Insolvency Service remains high. Many of these are a legacy of abuses of the Covid financial support scheme. With the number of corporate insolvencies reaching a 30 year high in 2023 and remaining high across 2024 and 2025, it can be expected that the Insolvency Service will be investigating the conduct of a larger number of directors, potentially resulting in larger number of disqualifications, particularly under section 6 of the CDDA.

To read more about the Insolvency Service's enforcement actions, please click here and for their company insolvency statistics please click here. 

Employment Rights Bill – NDAs update

As you will recall from our August edition of ML Covered, the Employment Rights Bill (ERB) has been with the House of Lords for review as part of the Report Stage which ran from 14 July to 23 July 2025. On 17 July 2025, the Government published an impact assessment entitled "contractual duties of confidentiality relating to harassment and discrimination" which proposes significant changes to non-disclosure agreements (NDAs) and how they should, or, more significantly, should not, interact with disclosures of incidents of harassment and discrimination.

What are NDAs?

A non-disclosure agreement is a legally binding contract that establishes a confidential relationship between two parties. NDAs are often used in an employment setting to prevent business-sensitive information being disclosed.

While NDAs initially were intended to protect commercially sensitive information or data (such as intellectual property rights) there have been findings of these agreements being used to include clauses which prevent people speaking out on other parts of their employment, which do not concern sensitive data, such as experiences of harassment.

What the ERB says?

On 7 July 2025, the Government published an amendment to the ERB which restricted the use of NDAs/ confidentiality clauses in respect of claims of harassment and discrimination. The proposed change would make any provision in an agreement between a worker and employer void in so far as it purports to preclude the worker from making an allegation of or a disclosure of information relating to harassment or discrimination, or an employer's response to allegations of harassment or discrimination. Practically, this means that individuals subject to any of the behaviours, or who witness discrimination or harassment in the workplace, can call out such behaviour without the risk of being sued for breach of contract. Disclosures about the response of the employer to complaints of harassment are also covered by the new provision. Complaints about the harassment itself, as well as any action taken and/or not taken (such as investigations, disciplinaries etc) by the employer would also be covered by the protection.

It is worth noting that an NDA is a catch-all/ umbrella term for any agreement which contains confidentiality or non-disparaging clauses that limit what a signatory can say or who they can tell. In other words, an agreement does not necessarily need to be labelled as an NDA or confidentiality agreement for it to be considered void under the new proposal. If there is a clause which breaches the amendment by seeking to silence an employee, for example within an employment contract, the whole agreement would remain valid, but the clause would be void.

The Government's intention

The Government cites the motivation for this change as a desire to instil confidence in workers that inappropriate behaviour will be dealt with, and not hidden, despite attempts by employers to do so. Additionally, the ban on the use of NDAs to prevent employees from reporting experiences of sexual harassment or discrimination, aligns with the Government's impetus for introducing a proactive duty on employers to take "reasonable steps", which seeks to encourage workers to call out inappropriate and unsafe behaviour in the workplace.

Excepted agreements

It is expected that there will be certain "excepted agreements" which will fall outside of the provision. However, it is currently unclear which agreements will be "excepted". It has been suggested that an NDA requested by an employee, where an employee has received independent legal advice, could constitute an excepted agreement. 

Settlement agreements

It is important to note the proposed change in confidentiality clauses in the context of settlement agreements. With settlement agreements, the employer typically commits to paying a monetary amount to an employee in exchange for the employee waiving any future claims against the employer. The current position is that confidentiality clauses in settlement agreements cannot prevent an individual from making a protected disclosure of matters of public interest under section 43A of the Employment Rights Act 1996 and whistleblowing legislation (the Public Interest Disclosure Act 1998). Any provision to do so will continue to be legally unenforceable. Protected disclosures however do not necessarily encompass all allegations of harassment or discrimination as they need to have a wide application beyond just the individual. Therefore, settlement discussions are often carried out on a "without prejudice" basis and the agreements themselves are confidential.

One of the incentives for an employer to settle a claim is to reduce the likelihood of the claim details being on public record, which could lead to reputational damage and/or other employees bringing claims of the same kind. However, with the proposed change, the confidentiality clauses in settlement agreements would be void. This means that while the settlement payment would not be affected, an employee cannot be prevented from making a disclosure (in exchange for payment). In turn, this could mean that employers are less likely to settle claims (resulting in more claims proceeding via formal dispute resolution channels), since they may feel that they lose the benefit of the allegations and/or claim details being confidential.

Settlement agreements offer many benefits to employees (depending on the circumstances). However, there may be a reduction in these agreements if an employer does not feel adequately protected, and so this may not always benefit the employees as the Government intended. Additionally, if employers are less willing to settle claims, employees are more likely to bring claims via the tribunal process, which has historically been criticised as an arena which promotes an imbalance between the parties due to the stark differences in financial circumstances.

Takeaways

NDAs will not disappear in their entirety. NDAs will continue to exist for the purposes of protecting commercially sensitive information and data. The change will solely concern allegations of harassment or discrimination. For employers who intend to request that an employee sign an NDA, for example during the onboarding process, it would be advisable to remove any wording or clauses which prohibit the disclosure of harassment or discrimination.

As with all changes proposed in the ERB, we are yet to see the full effect. It could be said, however, that removing the ability of employers to silence individual claims of harassment and discrimination may lead to more employees feeling empowered to raise complaints and employers being less willing to settle those claims. This in turn could increase the number of overall claims in tribunals, and which proceed to a final hearing.

Pension scheme secures return of £2.55m after TPR action and Tribunal ruling

Over £2.5 million will be paid into the Danapak Flexibles Retirement Benefits Scheme (DFRBS) following enforcement action by the Pensions Regulator (TPR) and a recent ruling by the Upper Tribunal in Pelgrave v TPR [2025] UKUT 00257. This marks the conclusion of a long-running case involving Dundee-based Discovery Flexibles Limited (DFL), which supplied packaging to major household brands.

TPR launched an investigation after the scheme’s independent trustee reported that funds had been extracted from DFL between 2008 and 2019 while its pension scheme remained in deficit. DFL was owned during this period by Chris Wrigley and his wife Elizabeth, having been bought for £1 in 2008 and sold in 2019 for the same amount. TPR found that these actions caused material detriment to the scheme and pursued contribution notices against four individuals: Chris and Elizabeth Wrigley, and Chris’ siblings, Paul Wrigley and Ann Pelgrave.

In October 2023, the Wrigleys agreed to a £2 million settlement, with Paul Wrigley later paying £222,482.83 in line with TPR’s determination. Ann Pelgrave contested her notice, but on 4 August 2025, the Upper Tribunal upheld TPR’s decision, ordering her to pay £245,749 plus around £85,000 in interest. This brings the total recovery to approximately £2.55 million. Despite this, DFRBS remains in deficit, with a £10.5 million shortfall on a technical provisions basis as of March 2023.

TPR’s Executive Director of Regulatory Compliance, Gaucho Rasmussen, said the case reinforces the regulator’s determination to protect savers and to act when employers neglect their responsibilities, noting that “even when a business is still trading, we will intervene where necessary to safeguard pension benefits". Notably, Chris Wrigley had previously been banned as a trustee in 2017 and was convicted in 2018 for failing to provide information to TPR.

The steps taken by TPR will be of interest to PTL insurers given that PTL policies usually cover the defence costs of defending a contribution notice albeit not the sums due in respect of a contribution notice itself.

To read more, please click here.

Pensions Ombudsman limits trustee recoupment of longstanding overpayments

The Pension Ombudsman (TPO) has partially upheld a complaint against the BIC UK Pension Scheme’s trustees, ruling it was not equitable to recover overpayments accrued before 1 April 2020. This decision follows the Ombudsman's lead case approach in Mr E (CAS-55100-G3W9) and highlights how delay and poor communication can undermine trustees’ ability to recoup historic overpayments.

The background

Mr and Mrs D were members of the BIC UK Pension Scheme. They had been overpaid £31,413 and £16,408 respectively over a 21-year period, due to discretionary pension increases made under invalid scheme amendments affecting pre-6 April 1997 service. These increases were later ruled invalid by the Court of Appeal in BIC UK Ltd v Burgess [2019].

Although the trustees suspended future increases in 2013, they did not warn members that previous payments might be subject to recovery. It was only seven years later, in March 2020, that Mr and Mrs D were notified that not only would their pensions be reduced, but the historic overpayments would be recouped over more than 20 years.  Mr and Mrs D accepted their pensions should be adjusted going forward but challenged the attempt to claw back past payments, citing financial hardship, deteriorating health and lack of clear notification.

The decision

TPO held that it was not equitable for the trustees to recoup the overpayments that had accrued up to 1 April 2020. TPO accepted that Mr and Mrs D had acted in good faith, had not been clearly or informed in a timely way of the overpayments, and had suffered financial detriment by relying on the inflated pension figures over a prolonged period.

Although a February 2013 announcement alluded to possible deductions, TPO found it poorly drafted and lacking sufficient clarity to put the couple on notice. Payslips continued to show the higher pension amounts, and no further warnings were issued. Consequently, the principles of change of position and laches applied, limiting the trustees’ right to recoup. The only recoverable amounts were those overpayments made after 31 March 2020 – £542.69 for Mr D and £313.34 for Mrs D.

In addition, both complainants were awarded £1,000 for serious distress and inconvenience. After offsetting these awards, the trustees were directed to make net payments of £457.31 to Mr D and £686.66 to Mrs D.

Key takeaways

This case reinforces the principle that trustees may not always be entitled to recoup pension overpayments, even when legally permitted. Equitable defences such as change of position and laches can apply where members have spent overpayments in good faith and without clear notice that the sums were incorrect.

The decision underlines the importance of transparent, timely and sufficiently detailed communications by trustees – particularly where members’ long-term financial arrangements are affected. Ultimately, while trustees have a duty to correct overpayments, this duty must be balanced against fairness to members, particularly where the error spans decades and the members are financially vulnerable.

Court of Appeal clarifies rules on non-material damage in data breach claims

On 22 August 2022, the Court of Appeal handed down its judgment in the case of Farley v Paymaster (1836) Ltd, providing clarification on the scope of compensation for “non-material” damage under the General Data Protection Regulation (GDPR). The decision overturns a High Court ruling that had struck out most of the claims brought by 432 pension scheme members whose annual benefit statements (ABS) were mistakenly sent to outdated addresses. The Court confirmed that compensation for fear of data misuse can, in principle, be recoverable (even if the data has not been proven to be accessed by a third party) provided the fear is objectively well-founded.

The background

The claimants were members of a police pension scheme administered by Equiniti. In August 2019, due to a systems error, their ABS, which contained personal data, were posted to old addresses. Although there was no evidence that the statements were seen by unintended recipients in most cases, the claimants alleged that their data protection rights had been breached, and claimed for anxiety, distress, and in some cases, psychiatric injury. They argued that the prospect of their data falling into the wrong hands caused significant fear and emotional harm.

The High Court struck out most of the claims, reasoning that since the claimants could not show the data had come to anyone’s attention, the alleged breaches could not give rise to compensation. The claimants appealed this decision, arguing that disclosure is not a necessary precondition for a data breach claim under the GDPR.

The decision

The Court of Appeal allowed the appeal, clarifying several key points:

1. Disclosure is not required: the Court confirmed that under GDPR, it is not necessary to show that personal data was disclosed to a third party to establish an infringement. Sending data to the wrong address could, by itself, amount to unlawful “processing”.

2. No seriousness threshold: there is no minimum threshold of seriousness required for compensation under EU data law. Courts must instead assess whether the claimant suffered actual non-material damage.

3. Fears must be well-founded: compensation is available for anxiety or distress caused by fear of data misuse, if that fear is objectively reasonable. Purely speculative fears are insufficient. Of the 432 claims, only 14 were supported by evidence that a third party had opened the ABS.

4. Not an abuse of process: the Court rejected the idea that the modest value of these claims made them an abuse of process (known as a “Jameel” abuse). It affirmed that collective actions can be an efficient way to resolve small but legitimate claims.

The case was remitted to the High Court to determine, on a case-by-case basis, whether each individual had a reasonable basis for fearing misuse.

Key takeaways

The Court of Appeal's decision makes it clear that compensation for non-material damages, such as anxiety or fear resulting from a data breach, is recoverable under data protection law. Importantly, claimants are not required to prove that their personal data was accessed or viewed by a third party.

However, they must demonstrate that their fear of potential misuse is objectively well-founded rather than purely speculative.

The Court reinforced the broad definition of “processing” under the GDPR, confirming that even mistaken handling of personal data can constitute an infringement. Moreover, it rejected the notion of imposing a minimum threshold of seriousness for claims, ensuring that individuals can seek redress for less tangible, emotional harms. Finally, by upholding the legitimacy of collective actions for relatively modest claims, underscoring the need for pension schemes to prioritise data accuracy and security to avoid costly and reputational risks.

This is an important decision in the pensions context given the fact that trustees hold a large amount of personal data and as a result there is a risk to them of these types of actions if statements or other documents end up being sent to the wrong address.  For PTL insurers this is a case to note given that PTL policies are likely to cover the cost of these actions and the damages as well

To read the case, please click here.