I previously blogged about how Hester Peirce’s dissent from the SEC’s refusal to permit the listing of a bitcoin ETF earned her the moniker “Crypto Mom” from crypto enthusiasts. Judging by a recent speech, Commissioner Peirce digs her new nickname – & wants to be regarded as a “free range” mom who “encourages her child to explore with limited supervision, which requires the acceptance of a certain level of risk.” This excerpt elaborates on what “free range parenting” means when it comes to the crypto:
Steering a speeding machine down the highway is an enormously complex and cognitively-challenging task, one that is dangerous for drivers, passengers, and innocent bystanders. Permitting people to drive means people will be injured and, in too many cases, die. Outlawing driving would save lives, but the costs in terms of lost quality of life of doing so would be enormous, albeit difficult to quantify.
Instead of banning it entirely, therefore, we place reasonable restrictions on driving. Some of us may decide to avoid risks the law allows us to take. A speed limit, after all, is not a mandate. Some of us may choose not to drive at night, in bad weather, or at all. But, barring bad behavior on our part, the choice is ours, not the government’s.
It puzzles me that it is so difficult for those of us who regulate the securities markets to understand this concept; after all, capital markets are all about taking risk, and queasiness around risk-taking is particularly inapt. A key purpose of financial markets is to permit investors to take risks, commensurate with their own risk appetites and circumstances, to earn returns on their investments. They commit their capital to projects with uncertain outcomes in the hope that there will be a return on their capital investment. The SEC, as regulator of the capital markets, therefore should appreciate the connection between risk and return and resist the urge to coddle the American investor.
I get the argument for a lighter regulatory touch, but the analogy between cars and crypto falls flat. I mean, even the most gruesome multi-car pileup never helped trigger a global depression – the same can’t be said for innovative financial instruments.
Ironically, Commissioner Peirce’s remarks came during the month marking the 10th anniversary of the financial crisis. Axios’ Felix Salmon commemorated that milestone by tweeting a copy of what may be the most chilling email ever sent – a message in which one NY Fed official told another that Morgan Stanley had informed Tim Geithner late on Friday, Sept. 20, 2008 that it would be unable to open on the following Monday, and indicating that if Morgan Stanley didn’t open, Goldman Sachs was “toast.”
“Crypto Mom” or “Stakeholder Slayer?”
Commissioner Peirce may like her “Crypto Mom” nickname, but I’d venture a guess she might actually prefer “Stakeholder Slayer.” That’s because in another recent speech, she made it clear that she’s not a fan of the idea of corporate “stakeholders.” Here’s an excerpt:
We have a deep and well-developed body of corporate law. It rests on the assumption that the board owes its principal duty to the shareholders collectively, not to an amorphous group of stakeholders. There is no compelling reason to overturn centuries of settled law, and there are many reasons not to.
Although she objects generally to efforts designed to compel directors to consider ESG issues as part of their fiduciary duties, Commissioner Peirce is particularly critical of California’s new law mandating inclusion of women directors on public company boards. She contends that California’s legislation “effectively forces corporations, including non-California corporations, to consider all women as stakeholders,” and argues that it opens a door to get other “favored groups” included in the stakeholder definition.
Cyber Insurance: GDPR Penalties? They May Not Cover It
One of the most intimidating aspects of the EU’s General Data Protection Regulation – GDPR – is the enormous potential penalties the companies can face for violating its provisions. Companies that run afoul of the GDPR could face fines of up to the greater of €20 million or 4% of their gross annual revenue.
For many companies, this regime means that the most significant potential cyber-related exposure they face is GDPR non-compliance. But this Womble Bond Dickinson memo says that if you expect your cyber insurance policy to protect you, you may be out of luck:
Companies with international exposure should check their cyber insurance policies to determine coverage of EU fines. According to an analysis conducted this summer by Aon, GDPR fines were found to be insurable in only two countries – Norway and Finland – out of the 30 European countries surveyed. In fact, in 20 of the 30 jurisdictions, including the UK, France, Spain and Italy, GDPR fines would specifically NOT be insurable. The other eight jurisdictions were less clear, and may depend on whether a GDPR fine is classified as civil or criminal.
The memo says the answer may be different for U.S. domiciled companies – but even here, the availability and scope of GDPR coverage varies from carrier to carrier.
– John Jenkins