Copyright © 2025 Telesto Strategy, LLC
All rights reserved
In an era of mounting regulatory scrutiny and intensifying stakeholder activism, legal exposure is no longer confined to the boardroom. Senior management across legal, compliance, sustainability, risk, finance, operations, and technology are now on the front lines of litigation risk. What began as a primarily enterprise-level concern has evolved into personal legal exposure — particularly for executives navigating cybercrime, sustainability and ESG commitments, regulatory reporting, and geopolitical disruption. Although landmark cases assigning personal financial penalties remain rare, enforcement and litigation mechanisms are increasingly targeting individuals where negligence, misrepresentation, or oversight failures are evident.
Key takeaways for management:
- Litigation risk is rising, with new claims targeting executives and decision-makers for duty of care and oversight failures — the average claim tied to a breach of trust and care is estimated at $1 million
- Management is now directly involved in issues that require enhanced governance, training, documentation, and disclosure: cyber, geopolitical, climate, ESG, and sustainability
- Shareholder suits, greenwashing claims, and failure-to-supervise allegations are growing, creating an increasingly complex litigation landscape
- Proactive scenario planning, legal review of disclosures, and alignment with regulatory expectations can reduce individual and organizational exposure
Understanding executive exposure
While personal liability remains relatively rare, the perimeter is expanding, especially for multinationals operating in regulated sectors or making public ESG and climate commitments. Increasingly, plaintiffs and regulators are scrutinizing executive-level decisions in areas such as disclosure, oversight, and operational governance.
Here are the core pathways through which executives may face legal exposure:
- Breach of fiduciary duties.
  - Duty of care: Failing to act with diligence and prudence — e.g., approving a transaction or initiative without sufficient information or inquiry
  - Duty of loyalty: Conflicts of interest or decisions that benefit the individual over the company
  - Duty of good faith: Knowingly ignoring major risks or approving actions that violate the law
- Oversight failures. Lapses in implementing or monitoring compliance and risk systems, especially in cyber, ESG, and regulatory environments
- Securities law and disclosure liability. Misstatements or omissions in sustainability reports, SEC filings, and investor materials, even if unintentional
- Regulatory breaches. Statutes in several jurisdictions now allow direct liability for executives, including in areas like climate disclosures and data privacy
- Cybersecurity readiness misrepresentation. Claims can arise if leadership fails to oversee or accurately represent the company’s cyber risk posture
- Cross-border and geopolitical risk exposure. Overlapping legal regimes may create personal accountability in export controls, human rights due diligence, and conflict-related compliance
- Greenwashing and ESG misstatements. Personal liability is emerging in cases of overstated sustainability achievements or targets
- Climate governance obligations. Climate risk is increasingly viewed as a governance matter, and regulators are asking whether it is being treated with the same rigor as financial risk
Climate- and ESG-related litigation is accelerating
Enterprise risk management systems have had to evolve rapidly to account for climate- and ESG-related lawsuits. Local governments, NGOs, individuals, and advocacy groups are actively filing claims against companies — and increasingly implicating the decisions made by senior leaders.
Climate change and ESG-related litigation cases grew more than 4x between 2013 and 2023. In 2021-2022 alone, about 300 cases were filed, with broad geographic scope: thirty-nine new cases in the US, and the remaining 122 cases in forty-three countries and fifteen international or regional courts. As of December 2022, the total number of historical cases had grown to 2,180.
Cases in the U.S. continue to expand across jurisdictions — including Maine, California, New York, and Illinois — and commonly allege that companies misled the public and investors on the environmental or climate impacts of their products or operations.
Globally, the themes driving litigation include climate change, pollution, human rights, diversity in leadership, food safety, and more. These are being brought not just by shareholders, but by local communities, youth groups, Indigenous leaders, and civil society coalitions.
Types of ESG-related litigation:
- Disclosure-based: Claims that statements made (e.g., ESG reports, investor updates) are deceptive or materially incomplete
- Conduct-based: Claims targeting operational practices (e.g., supply chain emissions, deforestation)
- Governance-based: Claims targeting leadership decisions and alleged failures to fulfill fiduciary or oversight duties
Notable climate and environmental cases executives should be aware of globally include:
- Germany — Lliuya v. RWE. A farmer in Peru sued RWE over glacier melt attributed to climate change. While the case was dismissed in May 2025, the court affirmed the legal principle that emitters could, in theory, be liable for climate damage.
- UK — McGaughey & Davies v. USS Ltd. Pension fund beneficiaries sued directors for not divesting from fossil fuels. The claim did not succeed, but it highlighted the fiduciary exposure tied to climate risk misjudgment.
- UK — ClientEarth v. Shell’s board. A derivative action was brought for failure to adequately prepare for climate transition. The case was dismissed, but the spotlight on executive climate governance continues.
Geopolitical risk, conflict, and human rights litigation expand exposure
Political instability and armed conflict have made risk management more complex. Regulators and courts now expect organizations to identify, monitor, and mitigate risks stemming from:
- Duty of care lapses in conflict zones
- Violations of sanctions and export controls
- Human rights issues, including forced labor and trafficking
- Criminal liability tied to conduct in sensitive jurisdictions
- Cross-border enforcement of ESG and governance standards
Cases that pierce the corporate veil and hold individual executives liable are rare — but increasing. Courts are assessing whether individual decisions or inaction justify personal accountability.
Expanded area | Key drivers | Typical responsibilities added |
---|---|---|
Cybersecurity | Breach incidents, SEC cybersecurity disclosure rule | Oversight of risk posture, threat response, cyber audits |
ESG & Climate disclosures | EU CSRD, California Climate Bills | Review of ESG reporting frameworks, greenwashing risk, materiality, climate risk, compliance, assurance |
AI & Technology Risks | AI adoption, algorithm bias, internal controls on automation | Review of controls over AI-driven finance and reporting tools |
Whistleblower protections | SEC bounty program, cultural transparency | Oversight of hotline mechanisms and retaliation policies |
Audit quality and independence | PCAOB enforcement, investor concerns | In-depth audit firm performance review, rotation considerations |
Political risk | Geopolitical tensions and operating risks, sanctions | Oversight of vendor due diligence, business continuity plans, government affairs strategy |
Third-party risk and compliance | Global supply chain complexity, traceability, and transparency | Oversight of vendor due diligence, ethics and compliance |
What management can do now:
Here are six priority actions management teams can take to reduce exposure and build institutional readiness:
- Legal scenario planning. Work with counsel and subject matter experts to assess litigation scenarios — especially those involving climate, nature, cybersecurity, and human rights
- Update governance and disclosure policies. Ensure management-level charters, escalation protocols, and reporting lines reflect current ESG and climate oversight needs
- Improve documentation discipline. Keep detailed records of decisions, risk assessments, and external advice — especially for material issues
- Train and upskill leadership. Offer targeted training on ESG, climate risk, cyber risk, disclosure obligations, and regulatory developments
- Review personal protections. Examine whether D&O insurance coverage is comprehensive for senior executives — particularly for Side A coverage
- Engage early with regulators. Monitor relevant regulatory consultations and participate where appropriate — shaping expectations before they become mandates
Questions management should be asking:
- Are we embedding climate, cyber, and geopolitical risk into strategic planning — not just risk registers?
- Do we validate the assumptions and data supporting public disclosures and investor materials?
- Could an external observer reasonably conclude that we exercised diligence and judgment in recent strategic decisions?
- Are our ESG and climate disclosures thoroughly vetted by legal and compliance teams?
- Are there gaps in our insurance or protections that could expose individual leaders to liability?
- How well do our internal policies and controls reflect the rising bar on human rights, sustainability, and cyber risk oversight?
Additional Telesto resources
- Atlas equips your organization’s corporate directors and leaders with the insights and knowledge necessary to stay up to date, mitigate risks, and seize business opportunities associated with sustainability, climate, and ESG
- Prism, our ESG benchmarking tool, helps your organization to rapidly strengthen its Sustainability, Climate, and ESG performance and disclosures through in-depth benchmarking of industry peers and identification of gaps and areas of distinction
- Management briefing: Navigating the ESG backlash – What executives need to know about corporate sustainability oversight
- Management briefing: Entering the Quantum economy — What leaders need to know in 2025
Legal exposure is no longer just a board-level issue — it’s a real and rising risk for executive teams. The best defense is clarity, documentation, and collaboration across legal, risk, and ESG functions.
Connect with Telesto Strategy to assess your litigation exposure, strengthen executive governance practices, and align with the latest regulatory expectations — before they become legal liabilities.