This is a round-up of the most interesting finance litigation and contractual developments in 2020. The selection is necessarily subjective and draws from a wide range of cases and developments that are of direct relevance to finance parties.
Contract and Covid-19
Business interruption insurance policies cover pandemic
The High Court held that losses caused by the Covid-19 disruption are recoverable under business interruption insurance policies pursuant to most disease clauses (ie the business interruption is due to a notifiable disease within a specified radius of the premises), and certain denial of access clauses (ie prevention or hindrance of access to or use of the premises due to Government or other authority action or restrictions) for certain types of policyholder. On the latter, relevant considerations include the detailed wording of the clause and how the business was affected by the Government response to Covid-19.
The court also held that the Covid-19 pandemic and the Government response are a single cause of loss and are not part of the “but for” scenario for the purpose of reducing quantum.
The Supreme Court dismissed the insurers’ appeals (albeit accepting some of their arguments) and allowed the Financial Conduct Authority (FCA) and Hiscox Action Group appeals either fully or on a qualified basis. However in doing so the Supreme Court disapproved the High Court’s single cause of loss approach. It instead held that, whilst the other consequences of the Covid-19 pandemic beyond the insured peril were part of the “but for” scenario, they constitute a concurrent proximate cause with the insured peril. The Supreme Court extended existing case law on concurrent proximate causes to find that quantum was not to be reduced by the effects of the uninsured concurrent proximate cause(s).
Material Adverse Effect clauses
The importance of a textual analysis of the contractual language in ascertaining the meaning and effect of Material Adverse Effect (MAE) clauses was emphasised in Travelport Ltd & ors v WEX Inc  EWHC 2670 (Comm), 12 October 2020.
WEX entered into a share purchase agreement with Travelport to acquire two companies that provided virtual credit and payment services to the travel payments market. Under the MAE clause, conditions resulting from a pandemic could only be taken into account if they had a disproportionate effect on the target companies as compared to other participants in the industries in which the target companies operated.
Travelport sought to avoid the transaction by invoking the MAE clause and argued that the relevant industry for comparison was the “travel payments industry”. The court disagreed, holding that the word “industry” suggested a broad pool of participants. It also found that the “travel payments industry” was not a term in established use, but rather referred to informally and with varying meaning. Instead, the relevant industry was the “B2B payments industry”.
The parties have since settled. This litigation shows the tension between greater specificity, which, with the benefit of hindsight, may have worked in Travelport’s favour, and ambiguity, which can help provide fuel for renegotiation if the unexpected happens between signing and completion.
The most significant decision to date as regards the enforcement of EU and UK competition laws relating to anti-competitive agreements and practices between independent businesses, Sainsbury’s & ors v Mastercard & ors  UKSC 24, 17 June 2020, held that the multilateral interchange fees (MIFs) that retailers, such as Sainsbury’s, paid on Mastercard and Visa card payments restricted competition.
On the competition law issues, the Supreme Court confirmed that it was bound by the 2014 decision of the Court of Justice of the European Union1 (CJEU). The MIFs in this case were materially indistinguishable from the MIFs charged by Mastercard in the European Economic Area (EEA) that breached EU competition law (Article 101(1) TFEU).
The ruling also clarified that the exemption in Article 101(3) TFEU only applies if supported by “robust analysis and cogent empirical evidence”. However, this cannot take into account benefits obtained by different consumer groups in a “two-sided market”. For example, benefits obtained by Mastercard cardholders as a result of the MIFs could not be used to make up for the harm suffered by Mastercard retailers as a result of the same MIFs.
In relation to pass-on, the Supreme Court decided three points which are favourable from the perspective of defendants: First, that pass-on arises not only where a claimant passes on an overcharge in the form of higher prices charged to customers, but also where it responds to an overcharge by reducing fees and costs paid to suppliers. Second, that whilst the legal burden in relation to pass-on lies with the defendant, once the defendant has raised the issue of pass-on there is a ‘heavy evidential burden’ on the claimant to provide evidence as to how it recovered costs in its business. Third, that the “broad axe” approach to the quantification of damages applies equally to claimants and defendants. Therefore a defendant can achieve a reduction in the amount of damages to account for pass-on (or other forms of mitigation) even if it is unable to prove precisely the quantum of pass-on.
Data transfers from the EU to third countries: data controller obligations
There have been two attempts to set up a streamlined basis on which personal data could be transferred between the EU and the U.S. The first, the Safe Harbour framework, was declared invalid by the CJEU five years ago in Schrems I (Case C‑362/14, 6 October 2015). The second, the EU-U.S. Privacy Shield, was declared invalid this year in Schrems II (Case C-311/18, 16 July 2020).
Both Schrems decisions form part of retained EU case law and so continue to bind the English High Court, at least.
The CJEU reasoned in Schrems II that the EU-U.S. Privacy Shield did not protect the personal data of EU residents from U.S. surveillance, and it failed to ensure that EU individuals had effective and enforceable remedies through the courts or an Ombudsman in relation to certain U.S. mass surveillance laws.
The ruling means that, from a UK and EU perspective, transfers of personal data from the EU to the U.S. can no longer be made in sole reliance on the U.S. recipient being certified under the EU-U.S. Privacy Shield.
The CJEU held that data controllers may continue to use the European Commission (EC) standard contractual clauses for cross-border data transfers to third countries, subject to (i) an assessment of whether the laws in the third country affect the protection provided by the standard clauses; and (ii) any notification by the data recipient of issues affecting compliance with the standard clauses. Should either of these conditions apply, data controllers must implement additional protective measures and consider whether to inform their national supervisory authority.
The form of the standard clauses is being updated by the EC and draft guidance on additional protective measures has been produced by the European Data Protection Board.
The derogation for international transfers of personal data necessary for the establishment, exercise or defence of legal claims is unaffected by the Schrems II decision. In addition, by a provision hidden in the EU-UK Trade & Co-operation Agreement, data transfers from the EU and EEA to the UK are not to be treated as made to a third country. This lasts until an adequacy decision is granted by the EC, or (if earlier) until 1 May 2021. If no adequacy decision is issued by that date, there is a further automatic extension until 1 July 2021, unless either party objects to that.
Vicarious liability for data breach and class actions
In WM Morrison Supermarkets plc v Various Claimants  UKSC 12, 1 April 2020, the Supreme Court found that the supermarket was not vicariously liable for breach of data privacy committed by one of its employees.
A disgruntled employee leaked online and to newspapers the payroll data of about 100,000 of the supermarket’s employees. Over 9,000 of them brought proceedings under a group litigation order for breach of statutory duty under the Data Protection Act 1998 (the DPA). The court found no vicarious liability on the specific facts of the case, as the unlawful disclosure was not sufficiently closely connected with the acts that the disgruntled employee was authorised to do. In other words, it was not within his “field of activities”.
The decision is generally seen as good news for employers, but the court noted that vicarious liability is not automatically excluded simply because an employer is compliant with the DPA. The court specifically rejected the argument that because the DPA contemplates fault-based liability, common law should not impose additional no-fault strict liability on employers. This analysis is likely to apply under the General Data Protection Regulation as it forms part of retained EU law.
It is worth looking out for this year’s Supreme Court decision in the appeal from Lloyd v Google LLC  EWCA Civ 1599, 2 October 2019, which is being heard this spring. The lawsuit, brought as a representative action on behalf of an estimated 4.4 million iPhone users, is in respect of Google’s use of the “Safari Workaround”, which allegedly permitted Google to bypass Safari’s blocking of third-party cookies. This, it is alleged, allowed Google to collect users’ data without their knowledge or consent and use it for advertising. The decision will likely set the tone for whether this type of mass, opt-out, class action claim is feasible in the UK for data breaches.
Disclosure and privilege
Internal regulatory compliance files may be disclosable in misselling claims
The court ordered disclosure of the bank’s internal regulatory compliance review file concerning the sale of interest rate hedging products (IRHPs) in a misselling dispute (Fine Care Homes Ltd v Natwest Markets Plc (formerly Royal Bank of Scotland Plc)  EWHC 874 (Ch), 7 April 2020).
The reasoning was that the file was likely to be relevant to claims for negligence and misrepresentation because the skill and care to be expected of a reasonably competent financial adviser usually include regulatory compliance, and the relevant regulations afford “strong evidence as to what is expected of a competent adviser in most situations”. The court also ordered disclosure of the bank’s internal IRHP manuals and guidance.
The court eventually dismissed the misselling claim on the merits (Fine Care Homes Ltd v Natwest Markets Plc (formerly Royal Bank of Scotland Plc)  EWHC 3233 (Ch), 27 November 2020). The bank was entitled to rely on the “no-advice” contractual clause. Under the doctrine of contractual estoppel, no advisory duty of care arose. The court emphasised the clear distinction between (i) “no-advice” clauses (ie clauses that simply define the primary rights and obligations) such as the one in this case; and (ii) “non-reliance” clauses (ie clauses stating that there has been no reliance on a representation) such as the one in First Tower Trustees v CDS.2 Only the latter are subject to the requirement for reasonableness under the Unfair Contract Terms Act 1977.
Conflicting foreign regulatory requirement not always a sufficient excuse for non-disclosure
The decision in Byers & ors v Samba Financial Group  EWHC 853 (Ch), 8 April 2020 highlights some of the challenges faced by litigants caught between English disclosure rules and foreign regulatory requirements.
The defendant bank tried, and failed, to vary an order for standard disclosure on the basis that it did not have the consent of its regulator in Saudi Arabia and, thus, any further disclosure would create a real and substantial risk of prosecution in Saudi Arabia with severe penalties.
The court considered whether this risk outweighed the importance of the disclosure to conducting a fair trial. Relevant factors in refusing the bank’s application included: (i) the late submission of the variation request, after the bank had benefitted from the other side’s full disclosure; (ii) the bank’s failure to comply with the regulator’s requirements; (iii) the bank’s refusal to disclose its correspondence with the regulator (even as a confidential exhibit); (iv) the lack of a decisive refusal of consent from the regulator; and (v) the fact that the bank’s witnesses had overstated the risk of prosecution in Saudi Arabia.
Finding that the bank’s breach of disclosure was serious and deliberate, the court also struck out the bank’s defence submissions, except for the issues where the claimants were not disadvantaged by the bank’s lack of disclosure.
Court reluctant to second-guess FCA and LSE in market manipulation claim
In Burford Capital Ltd v London Stock Exchange Group plc  EWHC 1183 (Comm), Burford claimed that a significant drop in the price of its AIM-listed shares was the result of unlawful market manipulation. The allegation was examined and dismissed by both the London Stock Exchange (the LSE), AIM’s parent company, and the FCA.
Burford applied for a Norwich Pharmacal order to compel the LSE, a third party, to release confidential trading data, including identity details for market participants. Keen not to second-guess the FCA and the LSE, the court rejected Burford’s application. Burford had failed to make a good arguable case for market manipulation and to satisfy the interests of justice test. On the latter, the court identified two additional factors which are of particular relevance to financial services litigation: (i) whether granting relief at common law would cut across an existing statutory regime; and (ii) the impact of granting relief on public confidence in the UK’s equity capital markets or in the FCA as a regulator.
Dominant purpose test in legal advice privilege
In The Civil Aviation Authority v Jet2.Com Ltd, R. (on the Application of)  EWCA Civ 35, 28 January 2020 the court confirmed that legal advice privilege is subject to a dominant purpose test, thus bringing English law in line with the law in Australia, Hong Kong and Singapore.
The case involved internal multi-party email communications between Jet2 in-house lawyers and non-lawyer employees. The court doubted the decision in Three Rivers No. 5,3 which held that communications between an employee of a company and the company’s lawyers could not attract legal advice privilege unless that employee was tasked with seeking and receiving that advice on behalf of the client. It therefore seems that Three Rivers No. 5 is ripe for overturning if the subject matter gets to the Supreme Court.
Accounting regulator not able to force disclosure of privileged documents from client
Reversing a problematic first-instance decision, the court in Sports Direct International Plc v Financial Reporting Council  EWCA Civ 177, 18 February 2020 provided welcome confirmation that, where permitted by statute, privileged material belonging to a company does not have to be disclosed to a regulator (in this case, it was the company’s accountants’ regulator). As part of its regulatory investigation into Grant Thornton’s audit of Sports Direct, the Financial Reporting Council (the FRC) issued a number of statutory notices of disclosure to Sports Direct, including for documents protected by legal privilege. The court held that the privileged documents did not have to be disclosed because the FRC’s statutory powers had an express exception for privileged material.
Disclosure Pilot Scheme
This round-up would not be complete without a brief mention of the Disclosure Pilot Scheme (the DPS) operating in the Business and Property Courts until 31 December 2021. Two key takeaways from decisions so far are that the DPS: (i) applies to both existing and new proceedings, including proceedings where a disclosure order was made before the start of the DPS; and (ii) seeks to introduce an important culture change to the disclosure exercise, replacing the parties’ “no stone unturned” approach with a collaborative approach underpinned by principles of reasonableness and proportionality.
Broad definition of “dishonest assistance” leads to dual vicarious liability
Bilta (UK) Ltd (in liquidation) & ors v Natwest Markets plc & anr co  EWHC 546 (Ch), 10 March 2020 was an interesting case on the dual vicarious liability of a parent bank and its indirect subsidiary for the actions of two of their traders involved in trading carbon credits, via an intermediary, related to carousel fraud.
The decision provides a good illustration of how those involved in trading can become liable in relation to a fraud of an unrelated, and even unknown, party at the far end of a chain of transactions. “Dishonesty” includes failure to make enquiries when an ordinary person would have become suspicious and “assistance” includes transactions via an intermediary.
The two traders had purchased a significant number of carbon credits from an intermediary despite (i) their general knowledge of carousel fraud in the sector; and (ii) the sudden and significant increase in trading volume with the intermediary. Dishonest assistance was therefore made out and, as a result, so was knowing participation in fraudulent trading (s213 Insolvency Act).
Given that the traders had acted in their capacity as agents for the parent bank and employees of the indirect subsidiary, dual vicarious liability was imposed.
Reflective loss rule does not limit creditors’ claims
Finally, in a seminal decision, the majority in Marex Financial Ltd v Sevilleja  UKSC 31, 15 July 2020 clarified that the rule against reflective loss only bars claims by a shareholder in respect of losses suffered as a shareholder because of an actionable wrong committed against both the company and the shareholder. The rule does not bar other types of losses suffered by a shareholder, any claims by a non-shareholder (eg creditors) or situations where the company has no cause of action.
The newly narrowed scope of the rule was confirmed in BIG, Burgess & ors v Smith & ors  EWHC 2501 (Ch), 21 September 2020, where an indirect shareholder was allowed to recover its loss.
For fuller coverage of these cases and more, please see our monthly Litigation and Dispute Resolution Review.
1. MasterCard Inc v European Commission (Case C-382/12 P)  5 CMLR 23, 11 September 2014.
2. First Tower Trustees Ltd & anr v CDS (Superstores International) Ltd  EWCA Civ 1396, 19 June 2018.
3. Three Rivers Council v The Governor and Company of the Bank of England (No. 5)  EWCA Civ 474, 3 April 2003.