Board member liability: what can go wrong and how to protect yourself

Volunteering for a nonprofit board is an act of generosity. You give your time, expertise, and connections to help an organization pursue its mission. But generosity does not shield you from legal liability. Board members can be sued, fined, and held personally responsible for decisions they make, decisions they fail to make, and actions taken by the organization they govern.

The purpose of this guide is not to discourage board service. It is to ensure that every director understands the risks, knows the protections available, and takes practical steps to reduce their personal exposure. Informed directors make better decisions and are less likely to find themselves on the wrong end of a lawsuit.

How Board Members Can Be Held Liable

Breach of Fiduciary Duty

Every board member owes three core fiduciary duties to the organization: the duty of care, the duty of loyalty, and the duty of obedience. Breaching any of these duties can expose a director to personal liability.

Duty of care claims arise when directors fail to make informed decisions. Examples include approving a major expenditure without reviewing the financial implications, failing to read materials in the board pack, or ignoring warning signs of financial distress.

Duty of loyalty claims arise when directors put their personal interests ahead of the organization. The most common scenario involves undisclosed conflicts of interest. If a director steers a contract to a company they own without disclosure and board approval, they face personal liability for any resulting harm. A robust conflict of interest policy is the primary defense.

Duty of obedience claims arise when directors allow the organization to deviate from its mission or violate the law. Approving expenditures that violate donor restrictions, using lobbying funds improperly, or allowing the organization to engage in prohibited political activity can all give rise to liability.

Employment-Related Claims

Nonprofits are employers, and employment disputes are among the most common sources of liability for organizations of all types. Board members can face personal liability in employment matters in several ways:

Harassment and discrimination. If the board fails to implement adequate anti-harassment policies or ignores complaints, individual directors may be named in lawsuits.
Wage and hour violations. Some states impose personal liability on directors for unpaid wages.
Wrongful termination. If the board fires the executive director in violation of an employment contract or anti-retaliation laws, directors may face personal claims.
Independent contractor misclassification. Directors who approve treating workers as independent contractors when they should be classified as employees can face tax and employment law penalties.

Tax and Regulatory Violations

The IRS can impose intermediate sanctions (excise taxes) on directors who approve excess benefit transactions, meaning transactions in which an insider receives compensation or other benefits exceeding fair market value. These penalties apply to the individual directors who approved the transaction, not just to the organization.

Failure to file the Form 990 for three consecutive years results in automatic revocation of tax-exempt status. While this does not directly create personal liability for directors, it demonstrates a failure of board oversight that could support other claims.

State regulators, particularly attorneys general, can take action against directors who mismanage charitable assets. This can include removal from the board, prohibition from future board service, and orders to repay funds.

Contractual Liability

Board members are generally not personally liable for contracts entered into by the organization, as long as the contract is properly authorized and the director signs in their capacity as a representative of the organization rather than in their personal capacity. However, if a director personally guarantees an organizational debt, they are personally liable on that guarantee.

Directors who authorize contracts without proper authority under the bylaws may also face liability if the unauthorized contract causes harm to the organization.

Tortious Acts

If a board member commits a wrongful act (a tort) that causes harm to someone, they can be held personally liable regardless of their board role. This includes things like defamation, physical harm, or fraud. The organization's status as a nonprofit provides no protection for intentional wrongful conduct.

Real-World Liability Scenarios

Understanding how liability materializes in practice helps directors assess their own risk exposure.

Scenario: Undetected Financial Fraud

A nonprofit's bookkeeper embezzles funds over several years. The board never establishes an audit committee, never reviews financial statements in detail, and never engages an independent auditor. When the fraud is discovered, the state attorney general investigates and finds that the board failed in its oversight duty. Individual directors may be held liable for the losses that could have been prevented through reasonable oversight.

Lesson: The duty of care requires active financial oversight. Regular review of financial statements, engagement of independent auditors, and maintenance of internal controls are not optional. Board oversight of financial audits is a critical protection against this type of liability.

Scenario: Excessive Executive Compensation

A board approves a large salary increase for the executive director without obtaining comparability data, without following its compensation policy, and with two directors who have close personal relationships with the executive director participating in the vote. The IRS identifies the compensation as an excess benefit transaction and imposes intermediate sanctions on both the executive director and the directors who approved the transaction.

Lesson: Compensation decisions must follow the rebuttable presumption of reasonableness: approval by disinterested directors, reliance on comparability data, and contemporaneous documentation. The deliberation and vote should be recorded in the meeting minutes.

Scenario: Ignoring a Harassment Complaint

An employee reports harassment to a board member. The board member does nothing because they believe it is a management issue. The harassment continues and the employee eventually sues the organization and the board member who received the complaint. The court finds that the board member had a duty to act on the information and failed to do so.

Lesson: Board members who receive information about potential legal violations must act on it. This may mean reporting it to the board chair, engaging legal counsel, or ensuring that management investigates. Inaction is not a safe option.

Scenario: Charitable Solicitation Without Registration

The organization launches a nationwide online fundraising campaign without registering in the states that require charitable solicitation registration. Several states issue cease-and-desist orders and fines. The board never verified that the organization had the required registrations.

Lesson: The duty of obedience includes ensuring compliance with all applicable laws, including state-by-state nonprofit compliance requirements. Directors should verify that the organization is registered in every state where it solicits donations.

Protections Available to Board Members

The Business Judgment Rule

The business judgment rule is a legal standard that protects directors from liability for business decisions that turn out poorly, as long as the director:

Made the decision in good faith.
Was reasonably informed before making the decision.
Reasonably believed the decision was in the organization's best interest.
Had no personal conflict of interest in the matter.

The business judgment rule is a powerful protection, but it has limits. It does not protect decisions made with gross negligence, in bad faith, or in the presence of an undisclosed conflict of interest.

The Volunteer Protection Act

The federal Volunteer Protection Act of 1997 provides limited protection to individuals who volunteer their services for nonprofit organizations. Under the Act, a volunteer is generally not liable for harm caused by an act or omission on behalf of the organization if:

The volunteer was acting within the scope of their responsibilities.
The volunteer was properly licensed, certified, or authorized if required.
The harm was not caused by willful or criminal misconduct, gross negligence, reckless misconduct, or a conscious, flagrant indifference to the rights or safety of the individual harmed.
The harm was not caused by the volunteer operating a motor vehicle, vessel, or aircraft.

The Act has significant limitations. It does not protect against liability for violations of federal or state civil rights laws, sexual offenses, or misconduct for which the volunteer has been convicted.

State Volunteer Protection Laws

Many states have their own volunteer protection statutes that provide additional or different protections. Some states provide broader protection than the federal Act; others are more limited. Directors should understand the specific protections available in their state.

Indemnification

Indemnification is a contractual or statutory obligation of the organization to cover the costs and liabilities incurred by a director in connection with their board service. Most nonprofit bylaws include indemnification provisions.

A typical indemnification provision covers:

Legal defense costs, including attorney fees.
Settlements and judgments.
Fines and penalties, except those resulting from willful misconduct.

Indemnification is only as strong as the organization's ability to pay. If the organization is insolvent, an indemnification promise may be worth nothing. This is one reason why D&O insurance is important.

Directors should review their organization's indemnification provisions and ensure they are current. Key questions to ask:

Does the provision cover both current and former directors?
Does it cover costs incurred in regulatory investigations, not just lawsuits?
Does it require the board to approve indemnification on a case-by-case basis, or is it automatic?
Does it advance legal defense costs before the matter is resolved, or only reimburse after the fact?

Directors and Officers Insurance

D&O insurance is a policy that covers the personal liability of directors and officers for claims made against them in connection with their service. It is the most important financial protection available to individual board members.

What D&O Insurance Typically Covers

Side A coverage protects individual directors when the organization cannot or will not indemnify them. This is the most critical coverage for individual board members.
Side B coverage reimburses the organization for amounts it pays to indemnify directors.
Side C coverage (sometimes called entity coverage) protects the organization itself against certain types of claims.

What D&O Insurance Typically Does Not Cover

Intentional fraud or criminal conduct.
Claims arising from events that occurred before the policy's retroactive date.
Claims between insured persons (for example, one director suing another), unless the policy includes insured-versus-insured coverage.
Employment practices claims, which are usually covered by a separate Employment Practices Liability Insurance (EPLI) policy.
Pollution claims or professional liability claims.

Key Considerations When Purchasing D&O Insurance

Coverage limits. The policy limit should be sufficient to cover potential defense costs and judgments. Limits that seem adequate for day-to-day operations may be insufficient if a major claim arises.
Retroactive date. The policy should cover claims arising from events that occurred during the coverage period, even if the claim is filed later.
Tail coverage. If the organization cancels or does not renew its D&O policy, tail coverage extends the reporting period so that claims arising from past events can still be covered.
Defense cost coverage. Some policies erode the coverage limit as defense costs are incurred. Non-eroding policies are preferable but more expensive.
Prior acts coverage. New policies should cover claims arising from acts that occurred before the policy was purchased, as long as the organization was not aware of the potential claim at the time.

Who Should Obtain D&O Insurance

Every nonprofit with a board of directors should carry D&O insurance. The cost is modest relative to the protection it provides, and its absence may deter qualified individuals from serving on the board.

Directors should verify that the organization has a current D&O policy and should understand its key terms, including coverage limits, exclusions, and the retroactive date. If the organization does not have D&O insurance, obtaining it should be a priority.

Practical Steps to Reduce Personal Liability

Fulfill Your Fiduciary Duties

The single most effective way to reduce your personal liability is to take your fiduciary duties seriously. Read materials before meetings. Attend meetings regularly. Ask questions. Disclose conflicts. Vote your conscience. Document your reasoning. These behaviors establish the due care and good faith that protect you under the business judgment rule.

Ensure the Board Has Proper Policies

Certain policies directly reduce liability risk:

A conflict of interest policy that is consistently enforced.
A whistleblower policy that provides safe channels for reporting concerns.
A document retention policy that ensures records are properly maintained.
Financial controls and audit procedures overseen by the board.
An executive compensation policy that follows the rebuttable presumption of reasonableness.

Maintain Thorough Records

Documentation is your best defense. If you are ever sued, the question will be whether you acted with due care and good faith. The evidence will be found in:

Meeting minutes that record what you discussed, what information you considered, and how you voted.
Board packs that show the materials you received and reviewed.
Action items that demonstrate follow-through on board decisions.
Conflict of interest disclosure forms.
Annual policy acknowledgments.

Know When to Seek Expert Advice

You are not expected to be a lawyer, accountant, or subject-matter expert on every issue that comes before the board. You are expected to recognize when a situation calls for expert advice and to ensure the board obtains it. When facing significant legal, financial, or regulatory questions, engage qualified professionals and document your reliance on their advice.

Dissent and Resign When Necessary

If the board is taking an action that you believe is illegal, unethical, or harmful to the organization, and your efforts to change course have failed, you have two important options:

Register your dissent. Ask for the minutes to reflect your opposition to the action. A recorded dissent can protect you from liability for a decision you opposed.
Resign. If the board persists in a course of action that you believe is seriously wrong, resignation may be the appropriate choice. Continuing to serve on a board that is violating its duties can expose you to liability for those violations.

Before resigning, consider consulting legal counsel about how to protect yourself. In some cases, you may also have a duty to report the board's conduct to regulators or law enforcement.

The Role of Technology in Liability Protection

Board management tools directly support the practices that reduce liability:

A structured agenda builder ensures that compliance and governance matters receive regular attention.
Centralized board packs ensure directors have the information they need to fulfill the duty of care.
Automated meeting minutes create a contemporaneous record of deliberations and decisions.
A voting tool records individual votes and recusals.
A compliance module tracks policy acknowledgments, disclosure forms, and regulatory deadlines.
An action tracker ensures follow-through on board decisions.

These tools create an audit trail that demonstrates due diligence and good governance -- exactly the evidence you need if your conduct is ever questioned.

Conclusion

Board member liability is real, but it is manageable. The law provides significant protections for directors who act in good faith, exercise due care, and put the organization's interests first. D&O insurance, indemnification provisions, and volunteer protection statutes add additional layers of protection.

The directors who face the greatest risk are those who do not show up, do not read the materials, do not ask questions, and do not disclose conflicts. The directors who face the least risk are those who take their duties seriously, insist on proper governance processes, and ensure the organization maintains adequate insurance and documentation.

If you serve on a nonprofit board, take the time to understand your personal risk exposure. Verify that your organization has D&O insurance, that the bylaws include indemnification provisions, and that the board follows proper governance procedures. These are not abstract precautions. They are the practical measures that protect you, your fellow directors, and the organization you serve.

For more on the broader compliance landscape, see our essential guide to nonprofit board compliance. To explore tools that support good governance and reduce liability risk, visit NFPHub.