Speaking of complying with new disclosure requirements, I poured my heart and soul into the latest issue of The Corporate Executive, which has been sent to the printer. The latest issue is also available now online to members of TheCorporateCounsel.net who subscribe to the electronic format. The issue includes articles on:
– Getting Your Cybersecurity Disclosure Right: Our Annotated Sample
– Do Rule 10b5-1 Plans Still Make Sense?
– Generative AI: What Should You Be Thinking About Now?
Don’t miss out on the practical guidance that The Corporate Executive has to offer. Email sales@ccrcorp.com to subscribe to this essential resource.
On Wednesday, a panel of 5th Circuit judges rejected a challenge to Nasdaq’s board diversity rule. In Alliance for Fair Board Recruitment v. SEC, (5th. Cir.; 10/23), the Court was unpersuaded by the plaintiffs’ argument that the diversity rules violate the 1st and 14th Amendments to the U.S. Constitution and the SEC’s statutory obligations under the Exchange Act and the Administrative Procedure Act.
In order for the 1st & 14th Amendments to be implicated by Nasdaq’s rulemaking, the plaintiffs had to establish that the rules involved “state action.” The plaintiffs made two arguments in support of that position. The first was that Nasdaq was itself a governmental entity, and the second was that Nasdaq’s rules were attributable to the government, and that as a result constitutional constraints on its actions applied. As this excerpt from the opinion indicates, the Court wasn’t very impressed with the argument that Nasdaq should be regarded as a government entity:
Nasdaq is a private entity. It is a private limited liability company wholly owned by Nasdaq, Inc., a publicly traded corporation. Nasdaq’s board of directors is selected by its broker-dealer members and by Nasdaq, Inc., and companies wishing to list on Nasdaq do so by entering into contracts with Nasdaq. While Nasdaq must register with and is heavily regulated by the SEC, the Supreme Court has made clear that a private entity does not become a state actor merely by virtue of being regulated. “[T]he ‘being heavily regulated makes you a state actor’ theory of state action is entirely circular and would significantly endanger individual liberty and private enterprise.” Halleck, 139 S. Ct. at 1932.
The argument that Nasdaq’s rules were attributable to the government didn’t fare any better with the Court. It noted that in order for the actions of a regulated entity to be attributed to the government, there had to be a close nexus between the State and the challenged action. That nexus had been found to exist only in a few limited circumstances, “including, for example, (i) when the private entity performs a traditional, exclusive public function; (ii) when the government compels the private entity to take a particular action; or (iii) when the government acts jointly with the private entity.” The Court found that none of these circumstances were present in this case.
The Court also rejected claims that the SEC’s actions exceeded its authority under the Exchange Act and was arbitrary and capricious in approving Nasdaq’s diversity rule. One aspect of this part of the opinion that’s worth noting is that the Court specifically rejected a claim that the SEC lacked the authority to promulgate rules requiring disclosures that weren’t material to investors:
[A] disclosure rule can be “related to the purposes of [the Exchange Act],” 15 U.S.C. § 78f(b)(5), even if the SEC does not find that the disclosure rule is limited to information that would be “material” in the securities fraud context. The “fundamental purpose” of the Exchange Act is “implementing a philosophy of full disclosure,” Levinson, 485 U.S. at 230 (internal quotation marks and citation omitted)—not just the disclosure of information sufficient to state a securities fraud claim. Indeed, the Exchange Act gives the SEC “very broad discretion to promulgate rules governing corporate disclosure.”Nat. Res. Def. Council, Inc. v. SEC, 606 F.2d 1031, 1050 (D.C. Cir. 1979).
While the decision is a resounding win for Nasdaq and the SEC, it’s unlikely that this will be the last word on the case. As this Reuters article points out, the defendants drew a very favorable panel comprised entirely of Democratic appointed judges. If the plaintiffs appeal to the full 5th Circuit, the SEC & Nasdaq may well face a more hostile reception, because 12 of the 16 judges there were appointed by Republican presidents.
We’ve previously blogged about the Corporate Transparency Act, which requires non-exempt entities to disclose information about their beneficial owners to FinCEN. Well, the New York LLC Transparency Act, which is currently awaiting Gov. Hochul’s signature, could impose beneficial ownership disclosure obligations that go beyond those contemplated by the CTA. This excerpt from a BakerHostetler memo explains:
If it becomes law, the NYTA will require all LLCs formed or registered to do business in New York to disclose to the New York Department of State the same beneficial ownership information that such LLCs will need to disclose to the Financial Crimes Enforcement Network (FinCEN) under the CTA.
While both pieces of legislation have similar goals and impose similar disclosure obligations, they differ drastically in terms of the use and availability of the information submitted. Under the CTA, the beneficial ownership database is kept confidential and may be accessed only by law enforcement agencies and financial institutions in limited circumstances. But under the NYTA, the names and business addresses of the beneficial owners of LLCs will be made publicly available in a searchable database.
The New York Legislature passed this bill in June, and it’s been waiting on the Governor’s desk since then. The memo says that it is unclear whether she will sign it, but that if she vetoes it, the Legislature can override that action by a 2/3rds vote of both houses.
When I’m reduced to blogging about things like pending NY LLC transparency legislation, you know we’ve reached the end of a slow news week here at TheCorporateCounsel.net. Since that’s the case, I thought it might be fun to might close things out today by checking in with America’s most entrepreneurial hip-hop artists, The Wu-Tang Clan, to see whether they’re up to anything interesting on the business front.
That’s a dumb question to ask when it comes to The Wu-Tang Clan, because they’ve always got some interesting business deals going on. In recent years, the group’s entrepreneurial ventures have focused on digital assets, and I’ve blogged about things like Method Man’s NFT venture & Ghostface Killah’s ill-fated ICO deal. Now, however, it looks like the burgeoning legal cannabis market has caught the eye of at least a couple of Wu-Tang members.
According to this article, the Newark, NJ City Council has signed-off on Raekwon’s application to open a branch of his “Hashstoria” cannabis dispensary in the city, and Raekwon promises big things to potential customers:
When it’s complete, Hashstoria’s newest location in Newark will have “the finest greenery on the planet.” That’s the pledge from Raekwon, the Wu-Tang Clan rapper who is bringing a cannabis dispensary and smoking lounge to New Jersey’s largest city.
Raekwon previously posted a message on Instagram about the planning board’s approval of Hashstoria in Newark, saying that it will be a “culture-shifting endeavor” and it is “guaranteed to be the top tier consumption lounge / dispensary to hit the east coast period.”
Not to be outdone by his colleague, Method Man recently announced that his own cannabis-related venture would be expanding into New York State:
TICAL Official, the cannabis brand spearheaded by Wu-Tang Clan’s Method Man, has officially graced New York State’s adult-use cannabis shelves. Collaborating with Central Processors NY and Adirondack Hemp Company, the brand’s entrance into the market has been both highly anticipated and symbolically significant. Rapper, actor and entrepreneur, Method now hopes to bring a different kind of soothing relief with his TICAL Official cannabis brand to his home turf. The initial offering features Central Processors’s prerolls and edibles, with indications that the product line is set to expand over the subsequent months.
The potential upside of a vertical merger involving Method Man’s chronic brand and Raekwan’s smoke shops seem obvious enough to me that I expect that it won’t be too long before we add a conflict with FTC Chair Lina Khan & her antitrust enforcement team to the “Beefs” section of our “Wu-Tang Clan” Practice Area.
We’ve previously blogged about the split between the circuits over whether deficiencies in MD&A disclosures, standing alone, are sufficient to give rise to a private Rule 10b-5 claim & efforts to persuade the SCOTUS to address the issue. Late last month, the Court granted cert in Macquarie Infrastructure Corp. v. Moab Partners, L.P., a case from the 2nd Cir. where the ability to rely on non-compliance with Item 303’s requirements to state a securities fraud claim is front and center. This excerpt from Debevoise’s recent memo on the Court’s decision to review the case discusses what’s potentially at stake:
The Supreme Court’s decision could have a significant impact on private securities fraud litigation, should Item 303 omissions be allowed to serve as a basis for Section 10(b) liability. This change would enable plaintiffs to establish a duty to disclose when they otherwise may not be able to plead an omission case, potentially expanding Rule 10b-5 liability to more closely resemble Section 11 and 12(a)(2) liability for omissions of “a material fact required to be stated.”
Although expanding the private cause of action under Section 10(b) and Rule 10b-5 in this way could incentivize issuers to over-disclose in an effort to prevent costly shareholder suits, issuers are already subject to SEC review and enforcement action regarding omissions in MD&A, so the practical impact of the Supreme Court’s decision on issuer activity may be negligible.
However, if the Court determines that Item 303 violations can serve as a basis for Rule 10b-5 liability, the ruling may raise questions about whether other disclosure obligations under Regulation S-K should be afforded similar treatment. In light of the upcoming changes to Regulation S-K, including significant new requirements related to cybersecurity risk management and climate change disclosures, the Court’s decision in Macquarie could have broader implications for issuer liability.
The memo also provides background on the Macquarie litigation and reviews the divergent positions that the 9th Cir. and 2nd Cir. have taken on whether there is a private right of action for MD&A disclosure shortcomings, so it’s a great way to get up to speed on the issues before the SCOTUS.
A recent Audit Analytics blog discussed the results of its review of situations in which companies have repeatedly disclosed that their internal control over financial reporting, or ICFR, was ineffective. As this excerpt indicates, repeat negative ICFR assessments happen a lot more than you may have thought:
A repeat adverse disclosure is when a company that filed an adverse ICFR disclosure the prior year, files another for the current year. Over the 19-year period, we found that there were 4,892 companies that had at least one repeat adverse ICFR disclosure. Between 2004 – 2022, 3,636 companies filed between one and four repeat adverse disclosures each. On the other hand, 81 companies filed a repeat adverse disclosure between 13 and 16 times over the period.
The blog says that accounting documentation, policy and/or procedures was cited as a deficiency in 98% of repeated adverse disclosures between 2004 and 2022. Unspecified FASB/GAAP issues were the most common accounting issue, cited in 73% of repeated adverse disclosures. The blog goes on to identify the other commonly cited internal controls and accounting issues cited in repeated adverse disclosures.
Woodruff Sawyer recently published its annual D&O Market Update, which discusses the roller coaster ride that public companies have experienced when it comes to D&O insurance premiums over the past few years. The report notes that during the second half of 2021, 71% of public companies renewing the same year-over-year program experienced a price increase, while just a year later, 87% of public companies achieved a decrease in the cost of their renewal program.
Favorable market trends accelerated into the first half of 2023, and this excerpt suggests that in the short term at least, those favorable pricing trends will continue:
As we move into the second half of 2023 and look ahead to 2024 and beyond, 63% of underwriters predict that D&O rates will stay the same, with another 30% expecting that rates will continue to fall. Our own forecast is that public companies will continue to see savings—but on a more moderate basis—compared to the sizeable savings achieved in the second half of 2022 and so far in 2023.
The publication provides some color on the reasons for the significant price increases that D&O insurance buyers experienced during 2021 and the first half of 2022, and cautions that some underwriters are concerned that continued price decreases may lead to a “whipsaw” effect on premiums in a few years.
Senior officials at the SEC’s Division of Enforcement have long touted the potential benefits that companies may derive by cooperating with its investigations, but it’s not always clear what companies have to do to move the needle. This K&L Gates memo looks at the terms of recent settlements and identifies some of the cooperation factors that are likely to contribute to reduced penalties – or even a decision not to impose penalties. Here’s an excerpt:
First, an important driver in whether a penalty is imposed is whether the entity promptly self-reports potential misconduct upon learning it or not. In each of the actions described above that did not impose a penalty, the entity self-reported the conduct to the SEC.
A second factor cited in the orders is the extent to which the entity provides information to the staff as it investigates the matter. Among the actions cited favorably are hiring outside counsel to conduct an independent internal investigation, providing the SEC with facts developed in that internal investigation (including presentations of interim findings and highlighting key documents and witnesses), promptly making witnesses available, providing detailed explanations of factual issues, facilitating testimony of former employees, providing relevant documents without requiring subpoenas, and providing translations of foreign-language materials.
Third, the SEC has highlighted that the entities voluntarily took remedial measures in response to the issues discovered. Such measures have included replacing management and board members, commencing an audit of compliance programs, revising procedures, holding compliance trainings with employees, creating employee guides or toolkits with commonly asked questions regarding the federal securities laws, and voluntarily ceasing the at-issue conduct.
If this sounds familiar, it probably should, because the memo points out that these are the same type of actions that the DOJ looks for when it assesses whether cooperation credit is appropriate.
Despite the SEC’s statements and the evidence provided by recent settlements, many companies are still skeptical about whether there’s much upside in going above and beyond in cooperating with the SEC. The memo acknowledges that this isn’t an irrational concern. That’s because the SEC isn’t exactly a model of consistency, and sometimes imposes significant penalties notwithstanding a high degree of cooperation by the company involved in the enforcement action.
There’s been a lot of discussion in recent months about generative AI and its implications for, well, everything. In keeping with that, we’ve added an avalanche of resources to our “Artificial Intelligence” Practice Area since the beginning of the year. There are two new additions that I think will give you a taste for the kind of really helpful materials that we’re posting in that practice area. The first is this 49-page Foley memo that takes a deep dive into the legal & operational issues associated with generative AI. This excerpt highlights some of the legal risks:
Another of AI’s most significant legal risks is the potential for bias. AI systems are as good as the data they are trained on. If that data is biased, the AI system will also be biased. This can lead to outcomes that violate anti-discrimination laws. For example, an AI hiring system trained on historical data that reflects biased hiring practices may perpetuate that bias and result in discrimination against certain groups.
Another legal risk of AI is the potential for violating privacy laws. AI systems often require access to large amounts of data. If that data includes personal information, businesses must comply with relevant privacy laws, such as the General Data Protection Regulation (GDPR) in the European Union or the California Consumer Privacy Act (CCPA) in the United States.
The second new resource is this Mayer Brown memo, which addresses the emerging legal frameworks for governing AI in jurisdictions throughout the world & their implications for corporate boards. Here’s the intro:
Currently, there are artificial intelligence (“AI”)-related legal frameworks pending or proposed in 37 countries across six continents. Even within each particular country, multiple governmental agencies are claiming AI as within their jurisdictional reach. For example, in the United States, the Consumer Financial Protection Bureau, Department of Justice, Equal Employment Opportunity Commission, Food and Drug Administration, Federal Trade Commission and the Securities and Exchange Commission each has issued guidance or otherwise indicated through enforcement activity that they view AI as within their respective purview of current regulatory and enforcement authority.
The memo goes on to discuss the policy rationale behind these legal frameworks & the importance of acquainting boards with their requirements. It also offers guidance on ways to help ensure that directors are prepared to provide appropriate oversight in this area.
The SEC has been pretty active over the past year in adopting new disclosure requirements, many of which companies are going to be required to comply with in their Form 10-Q and Form 10-K filings over the course of the next year. This Weil memo identifies these new disclosures, provides a snapshot of the compliance dates for calendar year end companies, and offers some guidance on how to prepare to comply with them. Not surprisingly, the memo’s recommendations focus on the need for companies to take a hard look at their disclosure controls and procedures:
Companies should confirm that disclosure controls and procedures have been updated and evaluated as they prepare to meet the timely disclosure of information required by the new rules. Companies also should be reviewing and updating various policies that will be required to be either filed or described publicly for the first time, such as the company’s insider trading policy, share repurchase processes and procedures, and cybersecurity risk management, strategy, and governance
The memo goes on to identify some specific actions that companies should take regarding their disclosure controls and procedures for each of these new disclosure mandates, if they haven’t already done so.