The Center for Audit Quality recently published this analysis of S&P 500 ESG reporting. Here are some key takeaways:
– 95% of S&P 500 companies had detailed ESG information publicly available.
– The information the CAQ examined was primarily outside of an SEC submission in a standalone ESG, sustainability, corporate responsibility, or similar report. Of the remaining 5%, most companies published some high-level policy information on their website.
– A majority of companies referenced more than one reporting framework – CDP, SASB, GRI, TCFD and/or IR. Nearly 300 companies refer to using 3-5 frameworks.
– 264 companies said they had some form of assurance or verification over ESG metrics. Roughly 6% of S&P 500 companies received assurance from a public company auditing firm over some of their ESG information, and 47% had assurance from an engineering or consulting firm.
The CAQ goes on to compare different types of assurance and assurance terminology. This is definitely still an evolving area, and one that our colleague Lawrence will be continuing to write about on PracticalESG.com.
If you’re old enough to remember the original version of “Stark Trek,” you probably recall an episode called “The Trouble with Tribbles.” The plot involved a somewhat sketchy interstellar trader who arrived selling purring little fluff-balls known as “tribbles.” These creatures were adorable and soothing, and everybody on the crew loved them. The only problem was that they bred uncontrollably and their sheer numbers quickly threatened to overwhelm the entire starship.
It seems to me that plot of this 50+ year old Star Trek episode – which my wife says I’m a dork for using in this blog – actually isn’t a bad analogy for the potential consequences of the retail investor boom over the past year. Like tribbles, retail investors usually are considered pretty cuddly by company management, but when the size of the retail base explodes, all sorts of complications can arise. This recent WSJ article detailing the travails of companies that found themselves on the receiving end of Robinhood’s “free stock” promotion is a good example of some of those complications. Here’s an excerpt with a hair-raising tale from a small cap issuer about just how much Robinhood’s promo cost it:
One company pushing back is Florida-based drugmaker Catalyst Pharmaceuticals Inc., which says Robinhood’s program cost it more than $200,000 last year and could be even more expensive this year. “Catalyst has become aware that Robinhood has been giving away shares of Catalyst’s common stock at no charge as part of its promotional program,” Catalyst Chief Executive Patrick McEnany wrote in a June comment letter to the Securities and Exchange Commission. “Catalyst believes that there are likely numerous companies facing this same issue, and that the costs of distributing materials to small stockholders under these circumstances is onerous and unreasonable.”
To put this into perspective, Catalyst only had about $120 million in revenues last year, so you can see why they’d gag on Robinhood sticking them with an additional $200,000 in mailing costs. Not to pat ourselves on the back, but Liz flagged the issue of potentially alarming rises in proxy distribution costs on our “Proxy Season Blog” more than a year ago. She also recently blogged about the NYSE’s rule change that will no long require issuers to bear fees associated with shareholders who only hold shares due to broker promos.
It appears that this issue may at least be on its way to being managed, but I think there’s reason to believe that the unprecedented influx of retail investors over the past year means that the problem of higher proxy distribution costs isn’t the only “trouble with tribbles” that public companies are going to have to deal with in the near future. What do I mean by that? Well, a couple of concerns come to mind. . .
There’s been a lot of press recently about shareholder perks being offered by companies as a means of engaging with their retail shareholders. Some companies, like Berkshire Hathaway, have been doing this kind of thing for quite some time. In theory, it sounds like a great idea – and there’s certainly evidence that retail engagement efforts can pay off big time for some companies. But listen, I’ve been there, and these things don’t always work out as planned.
I’ve blogged about how meme stocks like AMC have made efforts to cultivate relationships with retail investors by offering up various goodies, and this IR Magazine article says that other companies are engaging in similar efforts. I wish them well, but I’ve worked with a lot of consumer products companies over the years, and I can tell you from experience that these plans sometimes go awry.
I’ll give you a quick example. One company that I worked with owned a variety of well-known consumer-oriented brands, and also actively cultivated retail shareholders. One of the things they used to do was place a plastic bucket filled with product samples under each seat in the auditorium where their annual meeting was held. In one sense, their efforts were very successful, because lots of retail shareholders showed up at each year’s meeting looking for their goodies. On the other hand, things got progressively more out of hand with each passing year.
How out of hand? Many retail shareholders (who fit the stereotype of retirees with time on their hands) would arrive at the meeting early, scarf up their buckets of goodies, and then keep an eagle eye on the auditorium. As the meeting progressed, several would periodically race around to the empty chairs and snag the unclaimed buckets that had been placed under them, and things really picked up steam after it adjourned. I’ve got to admit, it was pretty impressive – I’ve never seen 75-year old people move with such stealth & speed. Ultimately, the scuffling for buckets became unruly enough that company ended the practice. If I recall correctly, they abandoned it the year that the blue-haired buccaneers made off with every single bucket of goodies that had been placed under the directors’ chairs.
I could tell a few other stories about how efforts to cultivate retail shareholders got out of hand, and having spoken to other lawyers who’ve also worked with companies that appeal to retail investors, I know that my experiences aren’t unusual. But I think the key thing to remember here is this – all of our stories took place before retail investors multiplied like tribbles. Today, you’ve got a bunch of companies with an outsized retail investor presence. That’s going to make all of these engagement efforts tougher to manage and potentially more likely to go off the rails – perhaps spectacularly.
Earlier this summer, Lynn blogged about a company that had to adjourn its annual meeting due to the absence of a quorum. That company was Oragenics, and it reconvened its adjourned meeting on August 23rd. Believe it or not, the company had to adjourn it yet again. Here’s an excerpt from its press release:
Oragenics, Inc. (NYSE American: OGEN) Oragenics, Inc. (“Oragenics” or the “Company”) today announced the Company’s reconvened annual meeting of shareholders, on August 23, 2021 at 4:00 p.m. was adjourned due to a lack of quorum. The Company intends to seek approval for the proposals submitted to its shareholders at a new postponed annual meeting date when practicable. The new annual meeting date will be established by the Company and a new record date, will be set in conjunction therewith; the former record date of May 5, 2021, is no longer valid.
So now, the company will try for a third time to hold an annual meeting, although this time it gets to incur all of the costs associated with establishing a new record date, filing a new proxy statement and soliciting shareholders all over again. I don’t think it’s coincidental that Oragenics reportedly has only about 8% institutional ownership.
Earlier this year, proxy solicitors warned that the decision by TD Ameritrade and other brokerage firms to no longer exercise discretionary voting authority for their accounts would increase the hurdles that companies with large numbers of retail investors would face in obtaining a quorum. Oragenics is an extreme example of that, but even the mightiest of the meme stocks, AMC, abandoned a proposal to increase its authorized number of shares due to concerns about getting enough votes.
The basic problem is that, historically, retail shareholders haven’t voted unless companies solicited them like crazy. Some think that may change with the rise of millennial investors. But it’s fair to say that the jury’s still out on that, and if companies with a bunch of new retail investors want to make sure those shares are represented “in person or by proxy,” they better be prepared to spend some of the money they’ll no longer be giving to Robinhood. Otherwise, Oragenics-like quorum nightmares could become a lot more common.
As the number of people and businesses impacted by Hurricane Ida’s devastation continues to grow, it’s worth noting that earlier this week, the SEC issued a press release announcing that it was monitoring the situation and that the Staff will evaluate the appropriateness of providing regulatory relief for those affected by the storm. In 2018, the SEC issued an order granting relief from filing deadlines for companies unable to make their filings as a result of Hurricane Florence. At this point, there’s been no word from the SEC as to whether such relief will be provided here.
As Liz blogged last week, ransomware attacks seem to be multiplying and becoming more audacious with each passing day. In the current environment, managing ransomware risk is a critical component of the board’s cyber-oversight responsibilities. This Woodruff Sawyer blog provides practical tips on developing appropriate protocols to address ransomware threats, and on developing a plan to respond to an attack. This excerpt addresses some of the things to think about when planning to mitigate the risk of ransomware attacks:
Have you set up your systems in a way so that your business can continue to operate after a ransomware attack? This involves ensuring your data and networks can be restored from backups. Increasingly, however, bad actors are finding ways around this, including infiltrating a network and searching for backups right away. If they can encrypt backups, you may have to pay the ransom.
Do you have a detailed incident response plan? This includes knowing who owns the plan within the company and choosing your key response vendors before a cyber event occurs. It is especially important to establish ahead of time your trusted outside counsel and your investor relations team or consultant.
How will you handle communications and disclosures during and after the cyber incident? This is one area where you will want to lean on the guidance of your outside counsel. There is tremendous pressure to say something—anything—during a cyber incident. However, speaking too quickly or not being prepared can lead to ill-advised and incomplete disclosures. Think through various scenarios and consider ahead of time what will be your cadence of communications, what you will say, and who will say it. You will also need to make appropriate disclosures to agencies like the SEC. For more on this, see my colleague Dan Burke’s article on nailing your communications during a cyber event. Remember, too, that the SEC is coming down hard on companies that have executed their communication plans poorly. See recent SEC enforcement actions against First American Title Company and Pearson plc.
In what circumstances would you pay the ransom? There are several considerations when deciding whether to pay a ransom, including if you are able to restore from backups as outlined earlier as well as others highlighted in a recent article by Dan Burke on three things to consider before paying a ransom. You will also want to be sure the person or entity is not on a sanctions list managed by the US Department of the Treasury’s Office of Foreign Assets Control. This list prohibits transactions with certain people or entities as a matter of national security. The agency “may impose civil penalties for sanctions violations based on strict liability, meaning that a person subject to US jurisdiction may be held civilly liable even if it did not know or have reason to know it was engaging in a transaction with a person that is prohibited under sanctions laws and regulations administered by OFAC.”
The blog also provides insights on whether to contact the government and how to interact with your insurance carrier in the event of a ransomware attack.
By the way, now is a good time to take a hard look at the way you approach cybersecurity governance. That’s because in a speech delivered yesterday, SEC Chair Gary Gensler reiterated previous comments to the effect that the Staff is “developing a proposal for the Commission’s consideration on cybersecurity risk governance, which could address issues such as cyber hygiene and incident reporting.”
Credibility International recently released this report on 2020 SEC & PCAOB enforcement activity relating to financial reporting, auditing, and accountants’ professional responsibilities. Overall, the report says that the SEC and PCAOB brought actions against 125 respondents in new matters. Of these, 62% were brought against individuals and 38% were brought against entities.
In addition to quantitative data on enforcement actions, the report also discusses significant themes of the SEC & PCAOB’s enforcement program. This excerpt includes observations on 2020 actions targeting revenue recognition and related disclosures that didn’t involve alleged GAAP violations:
A second important observation arising from 2020 activity is the prevalence of revenue recognition cases alleging revenue disclosure violations with no related alleged GAAP violation. These cases related to: (1) disclosures about known trends and uncertainties in Management’s Discussion and Analysis of Financial Position and Results of Operations (“MD&A”), and (2) reporting of sales-related key performance indicators (“KPIs”) and the presentation of non-GAAP financial measures related to revenue recognition.
Further, given the SEC’s increased focus in recent years on non-GAAP financial measures and on disclosures contained outside the audited financial statements, we anticipate continued enforcement activity in this area, regardless of whether alleged revenue violations result in material misstatements of GAAP financial statements.
Other major enforcement themes addressed in the report include ICFR & disclosure controls and procedures, gatekeepers, cooperation credit and remediation, and audit firm quality control systems. The report also identifies a number of emerging areas that may become enforcement priorities. These include asset impairment, valuation, earnings management, blank check companies, and COVID accounting and disclosure.
I’m afraid that I have some very sad news to report from our friends at Bass, Berry & Sims:
It is with a heavy heart that we inform you that our friend and Bass, Berry & Sims colleague Jim Cheek passed away last week. He was a legend in the legal industry, especially in the area of corporate and securities law, and he is remembered as an inspiring leader and mentor. His legal acumen and commitment to service and meaningful relationships with clients, colleagues, and friends have shaped our law firm and the broader legal community, and his influence will remain central to that foundation for years to come.
Last year markehisd Jim’s 50th anniversary with Bass, Berry & Sims. As we reminisce about Jim and his impact on the firm, we find solace in knowing we had the opportunity to celebrate his career through a video tribute and dedication of our Nashville boardroom in his honor. We invite you to watch the video, which can be found here, in remembrance of a great man.
I’d like to offer the condolences of everyone here at TheCorporateCounsel.net to Jim’s friends and family. I never had the pleasure of meeting Jim Cheek, but I can tell you that he was a role model and inspiration for me and many other securities law practitioners in the “flyover states.” Despite the concentration of legal talent on the coasts, Jim’s example showed those of us who weren’t in major east or west coast markets that we also could make meaningful contributions to the national dialogue on securities and corporate law issues.
Bass Berry says that it is collecting quotes in remembrance of Jim Cheek that the firm will share with his family. If you’d like to contribute, the firm invites you to email your tribute to tributes@bassberry.com.
Last week, a subcommittee of the SEC’s Investor Advisory Committee weighed in with a set of draft recommendations for Rule 10b5-1 reforms. This excerpt from a recent Sullivan & Cromwell memo summarizes the recommendations, which are expected to be approved at the IAC’s September 9th meeting:
The key proposals in the draft recommendation are (1) the implementation of a four-month cooling-off period before trades may occur under a newly adopted or modified plan, (2) prohibitions on overlapping plans, (3) required disclosures in Current Reports on Form 8-K, Forms 4 and proxy statements, (4) the application of Form 4 requirements to foreign private issuers and (5) the electronic filing of Form 144. Notably, many of these changes, including the four-month cooling-off period, would apply to individual and corporate trading plans, even though much of the scrutiny around trading plans has related to individual plans.
The memo provides details on these and other recommendations, and notes that many of them are consistent with the reform ideas outlined by SEC Chair Gary Gensler in June. However, there are some potential changes that Gensler referenced that aren’t addressed in the draft. These include limits on the ability of insiders to terminate plans while in possession of MNPI, and his cryptic reference to rules addressing “the intersection [of 10b5-1 plans] with share buybacks.” S&C’s memo suggests that we might see a rulemaking proposal as early as this fall.
Last week’s IAC meeting must have been pretty busy, because in addition to the 10b5-1 reform recommendations, it also received a subcommittee’s draft recommendations on enhancing SPAC disclosure. This excerpt from a recent CFO Dive article summarizes the key recommendations:
Based on the draft document, the advisory committee would recommend SPACs be required to:
– describe the role of its sponsor (including “insiders or affiliates such as celebrity sponsors/advisors”), their “expertise and capital contributions,” and any potential conflicts of interest, according to the advisory committee’s draft document;
– enable investors to gauge risks by providing “plain English” disclosure about stages in the SPAC process, including the “promote” to be paid to sponsors and the impact on dilution of shares and;
– detail “the mechanics and timeline of the SPAC process,” including a description of the asset to be purchased, events required during the next two years for the asset to appreciate and the shareholder approval process at the time of de-SPAC.
The draft also includes a recommendation that the SEC publish an analysis of the players in the various SPAC stages, their compensation, and their incentives. Following the publication of that analysis, the IAC may follow-up with additional actions or recommendations regarding SPACs.
If you take the time to read the draft, I think you’ll come away with the sense that the IAC subcommittee is very uncomfortable with how little is known about the post-2019 SPAC market. In particular, with so many SPACs still looking to complete their merger transactions, the draft says that “the greatest risk of SPACs to investors may remain ahead with the merger being a point of significant inflection for investors – and their related risk and returns.”
Speaking of SPACs & SPAC mergers, be sure to tune in to our September 22nd joint webcast with DealLawyers.com on “Navigating De-SPACs in Heavy Seas” to hear our panel of experts discuss the De-SPAC process and the challenges presented by the current regulatory environment.