Exposure of Managing Directors of Austrian Corporate Entities in Times of COVID-19

Management teams have found themselves confronted by a whole new world of perilous risks since the onset of the COVID-19 pandemic. Regulatory, public health, legal and commercial developments have been rapid and unpredictable, causing risk profiles to shift in potentially dramatic ways and raising uncertainty as to the propriety of company responses. As litigators and white-collar crime lawyers, we have already guided a variety of clients through a spate of thorny, COVID-related civil and criminal litigations and investigations, both within and outside of Austria.  

The time has come to take stock of the extent to which managing directors of Austrian corporate entities may face increased risks of liability as a direct or indirect consequence of COVID-19.  Have their duties and their standards of care significantly changed and/or their exposure to liability increased as a result of the pandemic? 

This article examines some key areas that are likely to affect the exposure of managing directors –i.e. Geschäftsführer of GmbHs and Vorstandsmitglieder of stock corporations (AGs) – to personal liability in these challenging times. For an in-depth guide  to the liability of managing directors, you can find the comprehensive Handbook on the Liability of Senior Executives and Managing Directors here.

No Success Guarantee – ex ante, not ex post view determinative

Experts expect an exponential increase in the number of insolvencies once government aid ends. Consequently, many managing directors may find themselves confronted by receivers sitting in judgment on the decisions they have made during the pandemic and pursuing damages claims against them. 

Critically, for both receivers and managing directors, the directors are not liable for the success of the company. They are liable for a duty of diligence and care and for compliance with specific statutory obligations. While it would be easy to – ex post, with hindsight– attribute liability to managing directors’ whose businesses failed as a result of the pandemic, damages claims can only be successful if they look at what, ex ante, the management team faced at the time decisions under scrutiny were made.

The Business Judgment Rule (see KNOETZL article here ) was developed in common law jurisdictions and introduced into legislation in continental Europe, inter alia in Austria, for the specific purpose of allowing commercial decisions to be made without fear of ex post examination by – often non-commercially-minded judges. The purpose of that legal development is to prevent the fear of liability from crippling corporate decision-makers, be it to expand or protect the business in a beneficial climate or to guide the company through a market in the grip of a pandemic. 


The good news first: Managing directors can continue to rely on the Business Judgment Rule (“BJR”) in the pandemic. 

To recap the BJR: If, when making a business decision for which the managing director has sufficient authority, the decision is made on the basis of sufficient informationwithout undue extraneous influences and can justifiably be believed to be in the best interests of the company, the “safe harbour” rule applies, i.e. courts may not examine the substance of the decision. 

As always, the most significant restriction – besides restrictions in decision-making and signing authority – is that the BJR only applies where the managing director has discretion, i.e., has latitude to exercise “business judgment”. If clear mandatory statutory obligations exist, managing directors must create or maintain appropriate systems to ensure compliance. 

1.1 COVID-19-inspired areas requiring increased vigilance to ensure compliance:

The novel coronavirus pandemic has given rise to a flood of new legal provisions that require compliance measures to be decided, implemented and monitored. While existing distribution of responsibilities between members of the managing board (“Ressortverteilung”) remain in place during the pandemic, the increased level of risk to the company during the pandemic requires increased vigilance in areas where the managing director in question may have had no previous, direct, responsibility delegated to him.  

1.1.1 Obtaining an overview of applicable laws and regulations

A company’s keeping abreast of these laws is a challenge, but an absolutely necessary one. A lack of knowledge of the law does not exculpate managers, regardless of how rapidly it changes and how difficult fast-moving provisions are to absorb. Accordingly, well-advised managers have ensured that this task be clearly delegated, either to one central person or department, or according to substantive or organizational criteria. 

Relevant laws range from lockdowns, operative health and safety measures such as implementing and monitoring the relevant (currently “3G”) rules for public and private access to and use of the premises, distancing and protective standards, rules governing home-office and “Kurzarbeit” (short time employment), available government aid and requirements, the extension of deadlines and alleviation of formalities for annual accounts and shareholder meetings, public access as well as additional, bespoke, regulatory requirements depending on the industry, size and type of business.  

1.1.2 Financial Monitoring / Insolvency Risk

One of the key areas where compliance has prompted an increased vigilance in all industries during the pandemic is in financial monitoring. As at any critical juncture, managing directors are required to keep a close eye on the ongoing liquidity and solvency of the company during the pandemic and to adapt liquidity planning and measures to absorb loss of turnover and/or payment defaults by customers and additional costs caused by the pandemic, as well as studying and considering available government aid. 

Special attention should be given to tax and social security payments.  Not only are these the least forgiving of creditors as a high percentage of insolvency applications in Austria are made by the tax office and social security institutions but managing directors may also be held personally liable if the company fails in its obligation to make these payments. Preferential treatment of other creditors over the tax offices and social security institutions is a trap to be avoided, notwithstanding pressing suppliers and operational concerns.  

If the company is undergoing an incipient financial crisis – e.g. due to forced closure of the company itself or of suppliers and/or customers – the managing directors’ duty of care demands that they carefully weigh potential remedial and re-structuring measures and that they keep the deadline for insolvency applications in mind (generally 60 days after the company has become overindebted or insolvent as defined in Sec. 67 and 66 of the Austrian Insolvency Act, extended up to 120 days for insolvency resulting from pandemics and epidemics,  temporarily suspended by various further COVID-19 measures). The 60/120 day periods must to be used for financial restructuring and reorganization. 

Experience has shown that compensation claims against managing directors in court are likely to be pursued by insolvency receivers. If insolvency-relevant deadlines have not been met, managing directors often find it difficult to defend against such claims. The better they have documented all relevant considerations, including the effects of the pandemic and responses  – ideally including detailed internal considerations and prognoses, close monitoring and reporting as well as obtaining external expert advice – the better their defense against subsequent liability claims raised by receivers and/or creditors will be.   

On a general note, as the uncertainty and risk to the company increases, so does the duty of care and the need for appropriate risk analysis and measures to ensure that the company survives the pandemic as a going concern with minimal damage. 

1.1.3 Ensuring employee health and safety – new compliance and self-protective framework

Employee safety has become a new focal point in the pandemic, both in terms of compliance with statutory obligations and with additional voluntary measures.  

Resolving and implementing systems that safeguard employee safety and build trust have been critical throughout the pandemic. What measures were, and are, required depends on the specific circumstances. As a minimum, the well-published regulatory  provisions (see for example for example here and here) must be complied with, including monitoring of vaccination and test certificates, mandating masks to be worn, mandating a “Covid-19 Beauftragten” and implementing a Covid-19 Prevention Concept (if over 51 employees). Failure to ensure these measures are put into place can result in fines for the company and, at worst, criminal liability of both the company and the relevant decision-makers. 

Whether measures promoting home office (see details here) are put into place and how these are implemented are, on the other hand, generally business decisions, since home-office work is – at least currently – not obligatory in Austria, in contrast to Germany. Similarly, deciding whether to reduce the labour force or to utilize “Kurzarbeit” is a business decision, subject to the business judgment rule. The same is true of additional, voluntary precautionary measures, such as spacing of employees, running meetings online rather than in-person, providing and pressuring the use of extra disinfectant at all points of entry etc. Additional measures may include ensuring that a complaints system is in place as an additional tool for monitoring compliance with safety rules, and installing a voluntary health and safety committee as a central point of contact and communication for all levels of the company. A particularly thorny issue that requires careful consideration is whether it would be justified and of benefit to the company and its employees to mandate – incoming and/or existing – staff to be vaccinated.

These measures can be costly, e.g. putting home-office hard- and software and additional data security technology in place for home-office employees.  So the benefit of these measures for the company must be weighed against their costs and the financial viability of the company, bearing in mind available governmental aid. 

Data protection officers should be involved in all these measures, in view of the sensitive nature of the data. 

1.2 Distribution of dividends

For those companies lucky enough to make it through 2020 and/or 2021 with profits, managing directors have had to deal with the question of which profits, if any, were and are distributable and where reserves must be appointed. 

Critically, Austrian governmental aid measures preclude profit distribution – also for profit made prior to the pandemic. More generally, Sec. 82 para 5 GmbHG precludes distribution of profit if, during preparation of the annual accounts, it emerges that the company’s assets have been substantially and likely not only temporarily reduced as a result of losses incurred or impairment in value, e.g. if all reserves – including hidden reserves – no longer cover half the share capital or if a negative trend becomes apparent in Q1 that is not reversed by the end of the year. Whether government-imposed closures are expected to result in a temporary or more long-lasting depletion of the asset base is one of many analyses that must be undertaken. 

Managers may find it necessary to remind shareholders that they may have a fiduciary duty to resolve regarding profit carry-forwards, if a distribution of profits would threaten the company’s existence.  Indeed, if such threat only emerges after the financial statements have been determined, shareholders’ fiduciary duty to the company may even preclude them from claiming profits whose distribution had already been decided in the ordinary course. 

The business judgment rule also applies to managing directors acting as shareholder representatives in group companies.  In voting for or against profit distribution of a subsidiary, the managing director must strike a balance between the interests of the parent company in receiving dividends and the interests of the company in maintaining liquidity, taking into account any resulting withdrawal of liquidity within the group, particularly where the group set-up provides for central financing of the entirety. 

1.3 Supplier/Customer relationships in times of pandemic.

Customer and supplier relationships are another critical area requiring close attention and risk analysis during the pandemic. Diligence in contract negotiations and performance may require heightened COVID-related scrutiny and analysis. Failure to make and implement decisions to minimize damages could, at worst, result in substantial, personal liability. 

Necessary measures include ensuring that existing contracts are reviewed as to the appropriateness of the allocation of risks and their consequences of the pandemic, in particular delivery delays, and changing regulatory standards. Existing contracts should be updated where possible. Any new contracts should contain clear force majeure provisions including pandemic and supply-chain disruptions, and should distribute risks of further lockdowns, transport blockages, delivery failures etc. appropriately, taking all ongoing and likely legal developments into consideration.  The validity of applicable terms and conditions should be reviewed and adjustments made where necessary and possible. 

Managing directors should bear in mind that legal arguments that may have been successful at the beginning of the pandemic will not bear similar exculpatory weight after 2 years, since most consequences of the pandemic can no longer qualify as “unpredictable”. This applies both to contractual disputes with customers and employers and to any failure of the manager to put contractual measures in place where possible. 

On a more practical note, if contractual systems are put into place to ensure due and timely communication with all contractual partners for any operational delays and/or problems, this would serve to reduce the exposure of both the company and the directors. 

More generally, the experiences of the pandemic, to date, should currently be informing management decisions regarding risk-minimizing alternative or substituting transactions, i.e. ensuring alternative sources of supply and transport, re-locating production, substituting suppliers prone to delay with reliable or geographically closer suppliers; requiring suppliers to provide prompt information on any anticipated delays and reacting quickly, building up additional stock etc. To what extent such and further measures are required in order to avoid contractual penalties and withdrawals will depend on the circumstances and supply and delivery chains of each company. Ensuring a full review of the operational risks arising from the consequences of the pandemic and putting damage-limitation in place is, in any case, not optional. Which measures these are, is, to a large extent (leaving aside regulatory requirements), a business decision, i.e. if made on the basis of sufficient – documented – information without conflict of interest and in the justifiable belief that it is in the best interests of the company, managing directors should find protection in the business judgment rule’s  safe harbor. 


Crisis situations, whether unique or global with specific application, require more intensive communication and contact between and among levels of management, the supervisory board and the shareholders (and, where relevant, employee representatives). Those who adapted the level of communication according to the level of uncertainty and risk at a given time during the pandemic have reduced their liability risk. Applying to shareholders or to the supervisory board for decisions and/or approvals over and above what is required by law, the statutes and the by-laws is a further risk-minimizing tactic. Cautious directors have set up a system of regular online meetings with the supervisory board and/or shareholders, with additional meetings as required, e.g. when the implementation of new and/or costly regulatory measures became necessary and when difficult decisions affecting customer and supplier relations and size of the labour force had to be made. 

Ideally, equal attention has been paid to establishing strong communication channels from rank and file levels up to the level of managing directors. Any existing compliance system that could serve to exculpate managing directors from civil and/or criminal liability requires strong communication with effective monitoring and appropriate reaction times. 

2.2 Absences

Organizational measures should include making provisions for absences due to illness of key staff and directors to ensure operations are not disrupted and decisions can be made quickly when necessary.  This may include granting additional authorizations (signing power, power of procura) to further management team members’ decisions regarding who shall assume which portfolios in emergency situations, ensuring accessibility to information from home etc. 

2.3 Documentation, documentation, documentation 

Under the business judgment rule, documentation is key. The documentation serves to furnish  proof that the director in question based decisions on “sufficient information” (see further in our article on BJR criteria here) and that the information, including anticipated advantages and disadvantages as well as risks and opportunities, were diligently weighed when the decision was made, and external expert advice obtained where necessary. 

Under Austrian law, managing directors and management board members bear the burden of proof that they acted diligently. Accordingly, ensuring that minutes are taken of shareholder, supervisory board and management board meetings and that all considerations are properly documented and archived together with any outside expert opinions, is in the management team’s best interests.  Obtaining a sufficient information basis for decisions and documenting this is a key ingredient in fighting liability claims, as we have seen. 

2.4 D&O

As an additional safeguard, managers who do not yet have a good D&O insurance coverage may wish to explore this option.


To summarize, exposure to liability claims is not per se higher during the pandemic. Managing directors who have paid and continue to pay sufficient attention to 

  • ensuring compliance with mandatory regulations, in particular by establishing and monitoring appropriate compliance measures, 
  • adjusting the intensity of financial reporting and communication to stakeholders to the level of risks and uncertainty facing the company,
  • undertaking ongoing risk analyses and ensuring that critical operative areas, such as customer and supplier relationships, were reviewed and measures put into place to minimize risks;  and to
  • carefully preparing commercial decisions by obtaining – and documenting! – appropriate information bases and documenting reasons the decision is anticipated to be in the best interests of the company, 

should not have a higher exposure to liability than at any other time, even if the company suffers as a consequence of the pandemic.

Where the documentation of such measures is insufficient, managing directors would, in any event, be well-advised to undertake efforts to ensure such documentation is generated and safely archived as soon as possible. 

On a positive note, companies and management teams who have used the opportunity to review and strengthen compliance and communication systems during the pandemic within their company will have increased the company’s resilience to future crises. 

For more information, please contact Katrin Hanschitz or your customary relationship professional at KNOETZL.