In late May, Dave shared that the Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with the National Association of Corporate Directors (NACD), had released a 72-page public exposure draft of a Corporate Governance Framework for public comment and some FAQs about the framework and the process. Just this week, COSO announced that the draft “has been withdrawn from public comment as COSO takes time to evaluate the extensive feedback received to date and engage further with stakeholders.” The press release cites “a shifting regulatory and economic landscape for U.S. businesses” and “the recent passage of a wide-ranging federal law that introduces significant changes to corporate reporting and planning requirements,” saying “COSO and NACD recognize the importance of ensuring that any revised draft framework aligns with the existing requirements and evolving expectations placed on public companies.”
Comments were initially requested by July 11, but it looks like the deadline was previously extended to September 12. Now, COSO suggests that stakeholders who have already prepared comment letters submit them by July 23 by email. The website says that comments will be made public after the comment period ends, and that COSO looks forward to reintroducing a refined draft at a future date.
This National Law Review article highlights recent SEC enforcement developments — focused on new cases the SEC brought, instead of old cases it dismissed. It reports that, in the second quarter, every case filed in district court alleged fraud, which may suggest that enforcement was focused on egregious conduct, and less on technical violations. It also says, “it is no surprise that the SEC now files all of its fraud cases in district court (where a jury is available) and not in its administrative forum (where cases are decided by administrative law judges),” after the Supreme Court held in Jarkesy that, “when the SEC seeks civil penalties for securities fraud, the defendant is entitled to a jury trial.”
At the DOJ, one of the more recent areas of focus is import-related fraud, especially U.S. tariffs and duties evasions. Per this Troutman Pepper alert, targeted conduct includes:
– Undervaluing imported goods to reduce duties owed;
– Falsifying country-of-origin information, including deceptive labeling or transshipment to conceal origin;
– Misusing free trade agreement preferences (e.g., under the U.S.-Mexico-Canada Agreement) without meeting eligibility requirements;
– Improperly classifying products to secure a lower duty rate or avoid tariffs entirely; and
– Structuring transactions to sidestep tariffs, such as Section 301 duties on Chinese-origin goods or Section 232 tariffs on steel, aluminum, automobiles, and automotive parts.
It suggests companies renew their focus on import compliance by:
– Auditing import records and customs filings for potential misstatements or misclassifications;
– Reviewing supplier declarations and country-of-origin certifications, especially for goods sourced from high-risk jurisdictions;
– Ensuring trade compliance policies and training are updated and applied consistently across the business; and
– Conducting internal investigations where potential red flags exist and preparing for voluntary disclosure where appropriate.
The clock is ticking to take advantage of our “Early Bird” rate – a 20% discount on the single in-person attendee fee – for our “Proxy Disclosure & 22nd Annual Executive Compensation Conferences.” That rate expires on July 25th, which is one week from today! You can sign up online or reach out to our team to register by emailing info@ccrcorp.com or calling 1.800.737.1271.
This year, the Conferences are on Tuesday & Wednesday, October 21 & 22, at The Virgin Hotels in Las Vegas. Check out our timely and topical agenda and terrific group of speakers. We also have even more opportunities to network this year. If you plan to attend in person, be sure to arrive early enough on Monday to attend the Welcome Party + CCRcorp’s 50th Anniversary Celebration, which will take place from 4:00 pm to 7:00 pm PT on October 20. We hope to see you there in person, but as always, we have a virtual option for those of you who are unable to travel to Las Vegas for the event.
Dave recently shared an academic paper arguing that AI is not just analyzing MD&As — but actually shaping how they’re written. The author, Professor Keren Bar-Hava of the Hebrew University of Jerusalem, just released a new paper summarized in this CLS Blue Sky Blog, suggesting two empirical tools to measure how companies tailor their MD&As to algorithms and when AI-induced disclosure pressure has caused tone to cross the line from optimism to manipulation.
The first tool, the AI Orientation Score, ranges from 0 to 5 and assesses how machine-optimized a disclosure is based on measurable language, keyword usage, structured formatting, impersonal tone, and tonal consistency. A higher score suggests that the MD&A was likely crafted with machine readers in mind.
The second tool, the AI Manipulation Exposure Index (AI-MEX), also scored from 0 to 5, captures rhetorical red flags that may signal tone manipulation. These include upbeat language despite poor financials, absence of key performance indicators, vague aspirational claims, and excessive repetition of positive terms.
Professor Bar-Hava applied these tools to analyze 80 MD&As from 20 large S&P 100 firms between 2021 and 2024 (using both ChatGPT and Gemini, which arrived at nearly identical conclusions) and found that:
AI Orientation Scores rose steadily, indicating growing use of algorithm-friendly narrative techniques in MD&A disclosures.
AI-MEX scores were significantly higher for firms with weak fundamentals, such as negative net income or deteriorating cash flow.
By 2024, over 60 percent of companies scored high on both indices, signaling a dual strategy of structural optimization and tone management.
She concludes that these trends are . . . not great (my words, not hers). She worries that they will erode investor trust and confidence in this important narrative disclosure that is often the “only section where strategy, performance, and uncertainty are discussed together in plain language.” She suggests that anyone on the reviewing end of MD&A start to incorporate these diagnostic tools to help understand when the narrative doesn’t align with the numbers and holding companies “accountable for how tone, metrics, and structure align.”
How should public companies and their lawyers be receiving and responding to this?
First, be aware that AI is one of the several audiences of your disclosures, and that your disclosures may be screened or assessed by an algorithm. On RealTransparentDisclosure.com, Broc recently shared some great practice pointers for drafting with that in mind. (The last one in particular jumped out at me: “Recognize that today’s disclosures train tomorrow’s AI models. The tone and style choices you make now can set future industry expectations—so lead wisely.”)
Second (and this aligns with Broc’s point no. 4), ensure you’re still presenting an accurate, fair and balanced picture of company performance. Investors may start considering to what extent you’ve machine-optimized disclosure and when and whether it starts to border on manipulation (or even misrepresentation) by applying these or other analysis tools. To that end, companies may also want to start considering how their disclosures score on AI Orientation and AI-MEX.
I’d also argue that outside counsel (through human review) may be well-positioned to help clients avoid high AI-MEX scores by looking at all the disclosures holistically and asking questions where disclosures (including tone) appear inconsistent. That can be a hard task for the preparer who has been living and breathing the numbers and disclosures for a few weeks, while a more outside observer well-versed on the company and its industry reading a full draft for the first time might immediately pick up on language that comes off as overly optimistic or inconsistent.
It goes without saying that “the company and its management are responsible for the accuracy and adequacy of their disclosures notwithstanding. . . any action or absence of action” by company or investor AI. (See what I did there?)
Regulation A has been a bit of a hot topic at the SEC of late. At the Small Business Advisory Committee’s May 6 meeting, two hours were devoted to discussing Regulation A to better understand how companies have utilized Regulation A, why it’s a less popular option, and whether rule changes could help facilitate its use and improve secondary liquidity. As John recently shared, the Committee is meeting again on July 22, and the agenda contemplates continuing this discussion.
In the meantime, Corp Fin’s Office of Small Business Policy recently responded to a no-action request relating to ongoing reporting obligations under Regulation A. Here’s a Reg. A reminder from this Goodwin blog:
Regulation A was adopted by the SEC to provide an exemption from registration for smaller value securities offerings. Regulation A has two offering tiers: Tier 1, for offerings of up to $20 million in a 12-month period; and Tier 2, for offerings of up to $75 million in a 12-month period. Once a Tier 2 offering has been qualified, the issuer is required to file with the SEC an annual report on Form 1-K for the fiscal year in which the offering statement became qualified and for any fiscal year thereafter, unless the issuer’s obligation to file such annual report is suspended under Rule 257(d) of Regulation A.
The company seeking no-action relief, BirchBioMed, filed an offering circular under Regulation A that was qualified by the SEC in October 2024. The company had commenced an offering, received completed subscription agreements and received funds in escrow; however, by June 20, all funds had been released from escrow and returned to investors.
Upon qualification of the offering statement, the company was required to file ongoing reports under Rule 257(b). Rule 257(d) permits the suspension of the filing obligation if (i) the issuer has fewer than 300 shareholders of record and (ii) has filed all reports required to be filed since it became a Regulation A reporting company; however, suspension of reporting obligations is not available during the fiscal year in which a Tier 2 offering statement is qualified. The company met these conditions, but for the fact that the offering circular was qualified in the current fiscal year.
The Goodwin blog points to the company’s public policy arguments — saying that the public policy considerations underlying the reporting requirements of Regulation A are not present because BirchBioMed, Inc. has no shareholders to whom the required ongoing reporting obligations are intended to benefit, and there is no secondary market that has or could develop as a result of the Regulation A offering. The SEC staff seemed to agree and granted no-action relief.
In a blog on Monday, I shared that my least favorite item of Regulation S-K (I said this was “as of” my associate years, but I think it still holds true) is Item 305 — Quantitative and Qualitative Disclosures about Market Risk. I remember form-checking those disclosures to be a terrible, and frankly, confusing slog. (Amirite?) Plus, it was always one more reason to be disappointed that I didn’t study accounting!
Anyway, it sounds like I am in good company. Inspired by reader outreach (we love that by the way — thank you to everyone who reaches out!), let’s run a quick poll. I’m curious if another item of Reg. S-K gives 305 a run for its money. I’m thinking 402 will have a lot of takers (but don’t let me influence you).
This is a Highlander situation — pick only one. But it’s anonymous, so don’t worry. Your least favorite item of Reg. S-K will never know how you truly feel about it. And I know I limited your selections, but the list got unwieldy!
The PCAOB announced yesterday that Chair Erica Williams will depart on July 22. SEC Chair Paul Atkins also issued a statement and thanked her for her service. The PCAOB press release described Chair Williams’ tenure:
Williams was originally sworn in as PCAOB Chair in January of 2022. She was reappointed in June 2024 and sworn in on October 24, 2024. Under her leadership, the PCAOB developed and executed an ambitious strategic plan to modernize standards, enhance inspections, strengthen enforcement, and improve the PCAOB’s organizational effectiveness. The PCAOB’s accomplishments under Williams’ tenure include:
Securing complete access to inspect and investigate firms headquartered in China for the first time in history and bringing record enforcement actions against China-based firms.
Launching a concentrated effort to improve audit quality that helped lead to significant improvements in deficiency rates across audit firms.
Increasing transparency in inspection reports and getting those reports out nearly a year sooner so that investors, audit committees, and others have access to valuable information more quickly.
Taking more formal actions to modernize standards and rules than any Board since the PCAOB was created, finalizing seven projects, covering 24 rules and standards.
Delivering record-setting sanctions, sending a clear message that there will be strong consequences for anyone who puts investors at risk.
Partnering with staff to make the PCAOB a better place to work, leading to a 30-percentage point increase in the number of PCAOB staff who say they would recommend the PCAOB as a great place to work.
Reimagining stakeholder outreach, reconstituting the Investor Advisory Group and the Standards and Emerging Issues Advisory Group and creating the first-ever standalone Office of the Investor Advocate.
Awarding the highest amount of merit-based scholarships to accounting students in PCAOB history.
The fate of the PCAOB has been unclear for the last few months — starting with speculation that the PCAOB’s powers would be scaled back under the new administration and subsequent attempts by Congress to eliminate it completely — and remains so, even though elimination of the PCAOB didn’t end up in the final budget reconciliation bill.
In early Q2, we saw a number of prominent companies suspend or withdraw financial guidance entirely due to tariff uncertainties. But where companies continue to provide guidance, how are they handling the potential impact of tariffs? Jenner & Block surveyed April and May 2025 earnings releases by 100 S&P 500 companies and found that:
– 20% of companies noted that the impact of tariffs wasn’t reflected in their guidance
– 30% took tariffs into account but did not quantify the impact or note specific offsetting actions
– 30% took tariffs info account and did specifically identify offsetting or mitigation actions, including pricing actions (usually when reaffirming), but did not quantify the impact
– 18% took tariffs into account and separately quantified their impact — usually on a gross or per share basis
– 2% (two companies) provided a quantification of the tariffs’ expected impact, but excepted it out of the guidance
Where companies did not mention tariffs in their discussion of guidance, they still mentioned them in their forward-looking statements disclaimer.
Late last month, I saw in the Securities Docket that two people were charged with insider trading after purchasing stock in advance of merger announcements that they learned about through their jobs as employees of an EDGAR filing agent. Apparently, they planned to leave the country but were thwarted when they were arrested by the FBI at JFK Airport. (I immediately thought Dave would be interested in that last part — since he recently shared that he was inspired to get a job at the SEC after seeing Gordon Gekko’s arrest in the movie Wall Street.)
Dramatic arrests aside, this Bryan Cave blog gives a practical take on this news and cites it as just one example of the special challenges public companies often face in protecting confidential information — especially when announcing material corporate developments and quarterly financial results. And it uses this news as an “opportunity” to share some best practices public companies can take to protect confidential information and internal controls public companies should develop surrounding public announcements. Among other things, the blog says those controls should include:
– Scrubbing metadata – or only using clean PDF formats – before releasing documents (or sharing via cloud collaboration). On some prior occasions, failures have allowed viewers to see:
Tracked changes showing edits to sensitive documents.
Comments showing internal disagreements over wording.
Author names and timestamps showing the drafting timeline.
Hidden text.
– Preventing premature posting, or mistaken posting of outdated versions, by:
Establishing clear communications with financial printers, filing and transfer agents, as well as IR and website teams and other third party vendors with access to confidential or sensitive information.
Evaluating drafting and review controls, including collaboration tools with audit trails, to avoid confusion over drafts or final versions.
Maintaining formalized levels of review by legal, finance, IR, and other relevant teams.
Reconciling SEC filings and press releases to ensure consistency.
– Evaluating controls for authorized release times, protocols for transmission to wire services and documentation of approvals from stakeholders.
– Periodically conducting testing for SEC filing and press release distribution protocols.
– Establishing procedures for promptly retracting or correcting erroneous communications, along with Form 8-Ks where appropriate.
– Reviewing or updating the external communications policy, including identification of parties authorized to speak to the media or analysts and related confidentiality obligations.
– Securing physical documents in locked drawers, whether at the office or at home.
– Evaluating third party agents for Edgarization or press release distribution, including with respect to their compliance policies, reputation, and employee training and confidentiality procedures.
It also highlights the need to remind employees of their obligations to protect confidential information, including by being careful about when and where they discuss a confidential topic. (That includes being careful at home — since I was immediately reminded of the WFH insider trading case from 2024.)
The Corp Fin Staff just released 18 revised CDIs on the filing of Schedules 13D and 13G. Thanks to the helpful redlines provided by Corp Fin, it looks like the changes are largely clean-up, clarification and updates necessary to align the CDIs with the October 2023 amended rules that, among other things, shortened the deadlines for initial and amended Schedule 13D and 13G filings. Here’s the full list of the updated CDIs, with links directly to the redlines:
