In the latest Deep Dive with Dave podcast, John and I talk about the topics we cover in the November-December 2021 issue of The Corporate Counsel. We discuss the annual season items that you should keep in mind as we go into the annual reporting and proxy season, review the SEC’s universal proxy rules and address Staff Legal Bulletin 14L. Thanks for listening to the Deep Dive with Dave podcast!
– Dave Lynn
Programming Note: This blog will be off tomorrow, back next week.
Earlier this week, the SEC announced that it had brought charges against yet another hacking ring accused of accessing earnings releases prior to issuance and trading based on the information obtained through the hack. The earnings announcements were accessed by hacking into the systems of two filing agent companies before the announcements were made public. In the complaint, the SEC alleges that the insider trading scheme yielded $82 million in profits during a period from February through August 2020.
As has been the case with many of the Division of Enforcement’s recent cases, the Staff credits powerful analytical tools for helping to make the case against the defendants. The complaint notes:
The trades by the Trader Defendants were disproportionately focused around the earnings announcements of publicly-traded companies that used the Servicers to make their EDGAR filings, as compared to earnings announcements where the required EDGAR filings were not made through the Servicers. Indeed, statistical analysis shows that there is a less than one-in-one-trillion chance that the Trader Defendants’ choice to trade so frequently on earnings events tied to the EDGAR filings of the Servicers’ public company clients would occur at random.
This latest hacking scheme points to the vulnerability of material nonpublic information when it is stored in the cloud prior to making the EDGAR filing. Despite all of the efforts to maintain the security of the systems used to process and store this information, sophisticated hackers can often find a way in. Unfortunately, there is not much that companies can do to protect themselves in this situation, other than to try to minimize the time that the submission is on the filing agent’s system. This is no doubt not the last of these schemes that the SEC will find with its sophisticated trading surveillance methods.
I may be slow on the uptake here, but I just started wondering what the heck is going on with my telephone that has not been working for the past week or so. Apparently, my telephone is one of many casualties of the “Log4Shell” vulnerability, which has been wreaking havoc across the technology world for almost two weeks now. As Emily notes over on the Mentor Blog, Log4Shell is a piece of ubiquitous code that TechCrunch has called the “bug that’s breaking the internet.”
Now, having been someone who lived through the infamous Y2K vulnerability, which was billed as potentially ending modern civilization as we know it, I tend to take that sort of statement with a big grain of salt. However, as we grind through this holiday week, the last thing we need is for the Log4Shell problem to continue gather steam and give us something other than the Omicron variant to worry about. The Mentor Blog notes these critical steps that companies should take, as highlighted in this recent DLA Piper memo:
Legal team to communicate with vendors and service providers to determine whether Log4j software is used in their products, whether Log4j software has been patched, whether Log4Shell has impacted their systems/services/products and if so, the status of remediation. Review vendor contracts for notice rights and indemnity obligations and take appropriate action to preserve contractual and other remedies
Legal team to print a hard copy of the cyber insurance policy
Legal and InfoSec teams to print hard copies of the incident response plans and playbooks and notify members of the incident response team to be on standby in the event they need to be activated
If InfoSec team detects unauthorized activity, activate IR plans and get legal involved to conduct privileged investigation
Legal and InfoSec teams to stay current on Log4Shell threats.
Note that we have plenty of other resources addressing cybersecurity threats available in our “Cybersecurity” Practice Area.
The November-December issue of The Corporate Executive has been sent to the printer (email sales@ccrcorp.com to subscribe to this essential resource). It’s also available now online to members of TheCorporateCounsel.net who subscribe to the electronic format – an option that many people are taking advantage of in the “remote work” environment. The issue includes articles on:
• SEC Reopens Comment Period for Compensation Clawback Rules
• ISS and Glass Lewis Update Proxy Voting Guidelines
• Accounting Rules Now Allow Private Companies to Use Section 409A Methodology
• A Blast from the Past: The SEC Issues Guidance on “Spring-Loaded” Awards
SEC Commissioner Elad Roisman released a statement yesterday indicating his plan to resign his position by the end of January 2022. Roisman has served as a Commissioner since September 2018, and served as acting Chairman for a brief time from December 2020 to January 2021. Commissioner Roisman joined the SEC from the U.S. Senate Committee on Banking, Housing, and Urban Affairs, where he served as Chief Counsel. He had also served as Counsel to SEC Commissioner Dan Gallagher, and worked at NYSE Euronext and Milbank. Commissioner Roisman’s statement gives no indication of what he plans to do next.
Yesterday, the Staff of the Division of Corporation Finance published a sample letter highlighting comments issued to companies that are based in, or that have the majority of their operations in, the People’s Republic of China. The lead-in to the sample letter notes:
[T]he Division is issuing comments to China-based companies seeking more specific and prominent disclosure about the legal and operational risks associated with China-based companies. The Division’s comments focus on the need for clear and prominent disclosure regarding the structure of the company, including the relationship between the entity conducting the offering and the entities conducting the operating activities, risks associated with a company’s use of the VIE structure, and the potential impact on the company’s operations and investors’ interests if such structure were disallowed or the contracts were determined to be unenforceable. The Division’s comments also focus on additional legal, regulatory, and enforcement risks that may apply to investments in China-based companies, such as the potential impact of the Holding Foreign Companies Accountable Act and related rules and any necessary PRC permissions a China-based company may need to operate its business or offer securities to foreign investors.
The Staff goes on to point out that for a SPAC with sponsors based in China, executive offices in China, a majority of its executive officers and/or directors that are located in or have significant ties with China, or that is contemplating a merger with a company incorporated in China, “specific disclosure about these circumstances is warranted to meet the company’s disclosure obligations.” The Staff indicates that the disclosure should address the risks associated with the SPAC’s operations, as outlined in the sample letter. Also, for China-based companies with ongoing SEC periodic reporting obligations or that are engaged in capital raising transactions via takedowns from an effective shelf registration statement, the Staff expects prospectus supplements or incorporated periodic or current reports (and future periodic reports) to disclose the information and risks discussed in the Staff’s sample letter.
Recently, the SEC announced that it had named James Grimes as the agency’s new Chief Administrative Law Judge. Judge Grimes succeeds Brenda Murray, who retired in 2019 after 25 years of service as the SEC’s Chief Administrative Law Judge.
The SEC’s administrative law judges conduct hearings, issue initial decisions, and adjudicate matters in administrative proceedings before the agency. I point this out because I got my start at the SEC serving as a law clerk in the Office of Administrative Law Judges. I was hired by Judge Murray and had the great opportunity to work with her and all of the judges in the office at that time in the mid-1990s. I was fortunate that the Office of Administrative Judges was on the same floor as several Corp Fin review offices, and I met Shelley Parratt in the hallway (at the time, Shelley was an Assistant Director running the review office that handled real estate and a number of other industries). That chance meeting with Shelley led to my first job in Corp Fin, and the rest, as they say, was history. It just goes to show how one opportunity can lead to another, and a chance meeting can sometimes change the course of your career!
The Corp Fin Staff addressed the procedural aspects of shareholder proposal no-action requests again on Friday, requesting that, effective immediately, companies and shareholder proponents redact all personally identifiable and other sensitive information (e.g., brokerage account numbers, physical addresses, email addresses and telephone numbers) from Rule 14a-8 submissions and related materials prior to submitting them to Corp Fin. The Staff notes:
For example, companies should redact personally identifiable information from an individual shareholder’s cover letter accompanying the proposal. Shareholder proponents should also limit the personally identifiable and sensitive information in the materials they provide to companies by including only the information that is necessary to establish their eligibility to submit the proposal and for the company to communicate with them. The staff may require parties to resubmit any materials we receive that contain personally identifiable or sensitive information, in which case the staff will not consider the substance of those materials until they are resubmitted.
The Staff goes on to indicate that the applicable guidance in prior Staff Legal Bulletins only calls for the submission of all relevant correspondence in Rule 14a-8 submissions. The Staff states that the amount of personally identifiable and sensitive information would be reduced dramatically if companies did not submit documents that are not relevant to the Staff’s consideration of a no-action request. For example, the Staff says that a company should only submit a shareholder proponent’s proof of ownership documents if the company is contesting a proponent’s eligibility to submit a proposal under Rule 14a-8(b).
In the past, the Staff has taken upon itself to redact, to the extent possible, personally identifiable and other sensitive information before posting the materials on www.sec.gov, but the Staff notes “this process can result in delays in the public dissemination of these materials.”
Recently, the SEC’s Office of the Advocate for Small Business Capital Formation issued its 2021 Annual Report. This SEC office with a very long name was created back in January 2019 pursuant to legislation that was seeking to advance the interests of small businesses and their investors. The SEC’s announcement notes:
The 2021 Report is a comprehensive resource on the dynamics of capital raising in communities across the country. It highlights the office’s advocacy work during fiscal year 2021, shares policy recommendations, and provides data on small business capital formation in the following categories:
Small and emerging businesses
Mature and later-stage businesses
Small public companies
Women-owned businesses and investors
Minority-owned businesses and investors
Natural disaster areas
Rural communities
The report also presents a summary of activities by the Small Business Capital Formation Advisory Committee during this past fiscal year.
The Office of the Advocate for Small Business Capital Formation will host its third annual “Capital Call” on January 19, 2022. It will be a virtual event, and participants can ask questions about the 2021 Annual Report and share perspectives on capital raising.
I recently spoke with Sebastian Gomez Abero, who serves as Deputy Director of the SEC’s Office of the Advocate for Small Business Capital Formation. Sebastian, who previously led the Office of Small Business Policy in Corp Fin, talked to me about the work of the Office of the Advocate for Small Business Capital Formation, including the recently launched capital-raising navigator. As I mentioned in this blog, the navigator seeks to steer companies to the most relevant resources about the offering exemptions that smaller companies commonly use to raise capital.