Supply chain financing has been a disclosure hot topic for a while now. In late 2022, FASB issued new standards that require qualitative and quantitative disclosure about reverse factoring arrangements and updated quarterly disclosure of a company’s outstanding balance of obligations. With one exception, the new standards were effective for fiscal years ending after December 15, 2022, including the interim quarterly periods, and apply retrospectively to each period in which a balance sheet is presented.
This alert from Morgan Lewis discusses findings from new disclosures under these standards, and it sounds like they run the gamut:
Several companies have disclosed their reverse factoring arrangements since the standards went into effect. Among the disclosing companies, some report reverse factoring programs that constitute a majority of their total money due to suppliers, whereas some report these programs as a small percentage of their overall accounts payable.
Companies also differ in how much information they disclose about these programs—some companies report the existence of supplier finance programs in their periodic reports along with the related financial metrics, while some others have only disclosed that they have these arrangements and that the outstanding payment obligations under them are not material to the company’s financial statements.
In light of the diverse approaches both in the use of supply chain financing and in related disclosure, companies need to be thoughtful about their disclosure approach. Here’s more from the alert:
Per FASB, an entity can determine the level of disclosure necessary to enhance transparency of their use of reverse factoring programs—for example, a company can aggregate its disclosures if it uses more than one reverse factoring program so long as such programs do not have substantially different characteristics.
Disclosure should support the goal of allowing a user of a company’s financial statement to understand the nature and magnitude of a company’s reverse factoring programs, including activity during the period and changes from one period to the next.
Companies with supply chain financing should think about reverse factoring programs more carefully and holistically, alongside their other debt financing arrangements. As supply chain financing continues to receive more attention from investors, accountants, and regulators, companies should include the programs in their normal reporting and treasury processes.
In April, John blogged about some pretty dismal data on the IPO market in the first quarter of this year. Fortunately, data from the first half of the year shows improvement, but the year-over-year swings are massive. Here’s an excerpt from this article on CFO Dive:
U.S. initial public offerings during the first half of 2023 raised $8.8 billion, an 87% jump compared with the same period last year but only about one-tenth the $84.2 billion surge in IPO proceeds during the first six months of 2021, EY said. During the first half of last year, U.S. IPOs raised a paltry $4.7 billion.
The article also highlighted how, when the market is down, one big IPO can really change the numbers, which puts these big swings in perspective:
Nearly half of the U.S. proceeds from January through June stemmed from the $4.4 billion IPO in May by Kenvue, a divestment by Johnson & Johnson of its consumer health care business.
The article generally has a positive outlook on the market for the next 12 months and encourages companies in that stage to start planning for an IPO and life as a public company.
In case you missed it, here’s an update on the CCPA from Gibson Dunn:
On June 30, 2023, Sacramento Superior Court Judge James Arguelles held that the California Privacy Protection Agency (CPPA) cannot enforce its regulations issued on March 29, 2023, until March 29, 2024—about nine months later than the date the California Privacy Rights Act (CPRA) permitted enforcement of any provisions added or amended by the law. This development provides helpful breathing room for businesses seeking to comply.
We non-data privacy people may feel like this is a hurry-up-and-wait-type situation, but the alert says: “It is important to note that this reprieve only exists for the new regulations issued under the CPRA on March 29, 2023, not all aspects of the CPRA.” Wait, CCPA? CPRA? CPPA? California’s privacy laws — and the interested parties involved — could compete for ESG with the number of confusing acronyms flying around. Luckily, the article gives a summary of the saga and reminds us what they all mean:
An advocacy group, Californians for Consumer Privacy, began collecting signatures and by 2018, was in position to successfully submit a ballot initiative for consideration by California voters in the November 2018 election titled the “California Consumer Privacy Act,” or CCPA. State legislators negotiated a compromise with key stakeholders, including Californians for Consumer Privacy, and enacted a last-minute compromise draft through the legislative process in exchange for pulling the initiative off of the November 2018 ballot. The state legislature passed the California Consumer Privacy Act (CCPA) as AB 375 and it was signed into law on June 28, 2018, with provisions becoming operative January 1, 2020.
After the passage of the CCPA, but even before it came into effect, Californians for Consumer Privacy remained dissatisfied with the state of California privacy law and began a second ballot initiative, the California Privacy Rights Act (CPRA). Voters approved the initiative in November 2020. The CPRA amended the CCPA by, among other things, adding additional consumer rights, including the right to correct inaccurate personal information, the right to opt out of certain “sharing” of data (rather than just the right to opt out of “sale” of data), and the right to limit the use and disclosure of sensitive personal information.
The CPRA also created the California Privacy Protection Agency (CPPA) and charged it with promulgating final regulations under the law and, along with the Attorney General, enforcing the law and those regulations. The CPRA specified that “[t]he timeline for adopting final regulations required by the act … shall be July 1, 2022” and “[n]otwithstanding any other law, civil and administrative enforcement … shall not commence until July 1, 2023[.]”
The CPPA, however, failed to finalize regulations by July 1, 2022, and businesses seeking to comply with the new requirements were left to wonder about both the ultimate content of the regulations and their potential enforcement exposure and liability. On March 29, 2023, nine months after the deadline, the CPPA issued final regulations relating to twelve of the fifteen topics contemplated by the CPRA—leaving businesses just three months to comply.
This decision was the result of a lawsuit by the California Chamber of Commerce. You’ll have to see the Gibson Dunn article or talk to your data privacy people to understand which regulations were delayed, but I hope this primer made those conversations more comprehensible!
Since we’re discussing data privacy, it seems like a good day to cover sanctions — another topic that’s outside my comfort zone but something corporate attorneys need to know at least a little about for compliance, governance and disclosure purposes. Developments in sanctions against Russia by the US, UK and EU have continued apace in the first half of 2023.
If you need an up-to-date “treatise,” this Debevoise publication has you covered. Things are happening so quickly, updates from the initial publication on June 14 to the July 10 “as of” date of this publication are highlighted in red. This is another topical area that’s keeping us very busy, and we’re continuing to post resources in our “Russia Sanctions” practice area.
Early this month, the SEC posted an order involving a company’s failure to disclose related party transactions involving family members of corporate officers. This omission highlights a trap for the unwary:
Smaller reporting companies qualify for scaled disclosure — scaled generally meaning less — but not for related-party transactions. Under Item 404 of Regulation S-K, SRCs must disclose related party transactions exceeding the lesser of $120,000 or 1% of the average of the company’s total assets at the end of the last two fiscal years, and the disclosure must cover two fiscal years, instead of one.
The company was an SRC during the period in question, and at least one of the undisclosed related party transactions involved dollar amounts below the $120,000 threshold for non-SRCs. According to the order, the relevant thresholds for the company over the covered fiscal years ranged from approximately $20,000 to $30,000, well below $120,000. This is an important reminder — especially for companies who have recently become SRCs or go in and out of SRC status — to update your policies, procedures and internal inquiries, including D&O questionnaires, if and when the lower threshold is relevant.
For other reasons, advisors of life sciences companies should read the entire order. The SEC also took issue with the company’s statements in two press releases about a screening test it developed to detect COVID-19. And the SEC wasn’t the only regulator who inquired about these statements — the FDA had also contacted the company with concerns about the language used.
With June 30th — a key date for calendar year-end public companies — just behind us, Cooley recently released a set of flowcharts to guide companies through “the statutory and regulatory requirements for entering and exiting non-accelerated, accelerated and large accelerated filer status, as well as smaller reporting company status.” This new resource starts by identifying information that users of the flowcharts should gather before working through them, including public float, annual revenue, and fiscal year information. It then addresses key questions through the following six flowcharts, which are color-coded for ease of use:
– Smaller Reporting Company – Initial Qualification and Annual Reevaluation for SRCs
– Smaller Reporting Company – Annual Reevaluation for Non-SRCs
– Non-Accelerated Filer – First Reevaluation for Non-Accelerated Filer After Becoming a Reporting Company
– Smaller Reporting Company and Non-Accelerated Filer – Annual Reevaluation for a Smaller Reporting Company and Non-Accelerated Filer
– Accelerated Filer – Annual Reevaluation
– Large Accelerated Filer – Annual Reevaluation
Join us tomorrow at 2 pm Eastern for the webcast – “Non-GAAP Developments: Enhancing Your Policies and Procedures” – to hear Honigman’s Mike Ben, Deloitte’s Pat Gilmore, Faegre Drinker’s Amy Seidel, and Covington’s Matthew Franker discuss non-GAAP developments and how you should be revamping your related disclosures, policies, procedures and controls.
Members of this site are able to attend this critical webcast at no charge. If you’re not yet a member, try a no-risk trial now. Our “100-Day Promise” guarantees that during the first 100 days as an activated member, you may cancel for any reason and receive a full refund. The webcast cost for non-members is $595. You can sign up by credit card online. If you need assistance, send us an email at info@ccrcorp.com – or call us at 800.737.1271.
We will apply for CLE credit in all applicable states (with the exception of SC and NE which require advance notice) for this 1-hour webcast. You must submit your state and license number prior to or during the program using this form. Attendees must participate in the live webcast and fully complete all the CLE credit survey links during the program. You will receive a CLE certificate from our CLE provider when your state issues approval; typically within 30 days of the webcast. All credits are pending state approval.
As the latest in a series of reminders, the Corp Fin Staff has posted a new sample comment letter regarding the disclosure obligations of companies based in or with a majority of their operations in the People’s Republic of China. As usual, the Staff provides an explanation and a series of sample comments. The explanation notes that Corp Fin is focused on the following three key areas of disclosure regarding China-specific matters:
– Disclosure obligations under the Holding Foreign Companies Accountable Act
– “Specific and prominent disclosure” about material risks related to the role of the government of the People’s Republic of China in the operations of China-based companies
– Disclosures regarding the material impacts of certain statutes including, for example, the Uyghur Forced Labor Prevention Act (UFLPA)
The sample comments focus on Item 9C of Form 10-K (Disclosure Regarding Foreign Jurisdictions that Prevent Inspections), risk factors and MD&A. With respect to risk factors and Corp Fin’s concern about government intervention, it reminds companies that the term “control” is broadly defined in the federal securities laws:
We remind companies that there are other ways in which a government or any person can exercise control over a company beyond appointing members to the board or having formal powers under the company’s organizational documents. The federal securities laws and regulations generally define the term “control” (including the terms “controlling,” “controlled by,” and “under common control with”) more broadly. For purposes of the Commission’s rules under the Securities Act of 1933 and the Securities Exchange Act of 1934, control “means the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of a person, whether through the ownership of voting securities, by contract, or otherwise.”
With respect to MD&A, the Staff provides the following sample comment regarding the UFLPA:
We note that you appear to conduct a portion of your operations in, or appear to rely on counterparties that conduct operations in, the Xinjiang Uyghur Autonomous Region. To the extent material, please describe how your business segments, products, lines of service, projects, or operations are impacted by the Uyghur Forced Labor Prevention Act (UFLPA), that, among other matters, prohibits the import of goods from the Xinjiang Uyghur Autonomous Region.
As Dave shared right after the SEC adopted the new share repurchase disclosure requirements, additional disclosure is right around the corner. Domestic companies will be required to comply with the new disclosure and tagging requirements in their periodic reports on Forms 10-Q and 10-K (for their fourth fiscal quarter) beginning with the first filing that covers the first full fiscal quarter that begins on or after October 1, 2023. So, a company with a December 31, 2023 fiscal year end will be required to begin complying with the new disclosure and tagging requirements in their Form 10-K for the fiscal year ending on December 31, 2023 with respect to repurchases made during the quarter ending December 31, 2023.
This recent Proskauer alert suggests some action items that companies should consider taking now, before the fourth quarter. Here are tips from the alert:
We recommend that issuers consider their planned or ongoing stock buy‑back programs with a view to the new required disclosures that will cover periods at the end of the current fiscal year. Some issuers may consider modifying their current trading plans, but others merely should ensure that their current disclosure procedures and practices are updated to satisfy the new requirements. For example:
– given the requirement to disclose the objectives of buy‑back plans, it may be prudent to ensure that relevant minutes or resolutions of the Board of Directors address that subject;
– given the requirement to disclose policies and procedures related to transactions by officers and directors, should the company’s employee stock trading policies be re‑considered?
Last fall, Dave blogged about corporate compliance programs, noting that the White House has identified corporate compliance as an Administration priority. White & Case and KPMG recently released the results of a joint benchmarking survey of 201 senior decision-makers from more than 30 countries that has tons of helpful benchmarking data on corporate compliance programs. Not surprisingly, a number of recent hot topics — like third-party risk management and cybersecurity — got a lot of attention.
This page is packed with data-heavy infographics showing key insights at-a-glance. Here are some findings:
– Respondents reported that “use of third parties” was the greatest anti-corruption risk facing their company by far (59% versus the next highest risk “pressure to meet sales targets” at 36%)
– 43% reported that they annually review the content of the company’s anti-corruption compliance program, but only 28% tested its effectiveness annually (31% do not test their anti-corruption compliance programs at a regular cadence)
– Respondents ranked cybersecurity as top of their list of compliance priorities in the next 12 months
– Employees most often cited “fear of retaliation” as their top concern about using reporting mechanisms (55% for all respondents and 75% for respondents with > $50B in revenue)
The survey results show lots of opportunities for improvement and actionable items for companies to consider. Here are a few that stood out related to the key insights above:
– Regularly testing anti-corruption programs for effectiveness
– Measuring hotline awareness and effectiveness and addressing any employee concerns about hotline integrity
– Requiring third parties to complete anti-corruption training “to ensure third parties understand their obligations under applicable laws and relevant contract clauses, and to reinforce the consequences of non-compliance”
We have memos and other resources relevant to corporate compliance posted in our “Compliance Programs” Practice Area.