Here’s an anecdote from the Wall Street Journal that you might find very exciting or very scary, depending on your perspective:
At a recent bank board meeting, directors were treated to a surprise. They listened to the chief executive talk strategy—except it wasn’t actually the CEO talking. It turned out to be a voice-cloning model that was trained, using the CEO’s prior earnings calls, to generate new content.
This was a staged exercise to “grasp the impact — and potential risks — of generative artificial intelligence,” but it still seems like one of those exercises in preparation that might make you (or any board member) feel worse and not better! Unsurprisingly, the article says the meteoric rise of AI in corporate America is keeping directors up at night. The article suggests that board members regularly ask the following questions, among others, to the management teams:
Who in senior leadership focuses on AI?
Where is AI being used within the company?
How are tools being identified and ranked for risk?
How are third-party providers using it, and how are boards monitoring evolving regulatory regimes and litigation?
Over at the D&O Diary, Kevin LaCroix gave his perspective on the article, saying, “while many directors recognize the importance of getting a handle on AI and how it might affect their companies, they are struggling to find the right approach even as AI-related questions become more pervasive.” And that could be a problem. Kevin points out that “questions concerning possible AI-related board liability exposures pervade all of these issues [and] companies that experience AI-related problems or disruption could well face the unwanted attention of plaintiffs’ lawyers, who, armed, with the benefit of hindsight, might well scrutinize prior company actions, particularly board activity.”
There’s no magic fix, but for a resource that can help boards and audit committees struggle through, take a look at the Center for Audit Quality’s recently released guide “Audit Committee Oversight in the Age of Generative AI” intended to “aid audit committee members looking to dedicate more time discussing AI governance by providing an overview of genAI and questions audit committees can ask to better understand company management’s approach to the use of genAI and oversee the related risks” — especially focused on use in financial reporting and ICFR.
The questions address risk considerations related to governance, data privacy and security, technology selection and design, technology deployment and monitoring, fraud and the regulatory environment. Some are intended to be addressed to management and others to the outside auditor. All of the questions are pulled out of the full resource and listed separately in Appendix A for easy reference.
Public company boards are far from the only group struggling with how to navigate the corporate and competitive landscape in an AI-powered world. This recent Bloomberg Law column says that law firms are starting to adjust their near-term expectations for genAI by “acknowledging that today’s AI tools are better at boosting back-office efficiency rather than redesigning how client work is handled.”
Redesigning the way lawyers produce work for clients—or figuring out how to build a business model that plugs the holes AI blasts in the billable hour—are largely problems for another day, said Charles Adams, Clifford Chance’s global managing partner.
He compared the coming change to early in his career when red-lining technology eliminated the need for lawyers to manually mark-up changes to documents, blowing up a large portion of associate work. Generative AI will lead to a similar moment, he said, but nobody yet knows what it will be or when it will happen.
[…] Law firm partners pushed firms to invest in the technology, excited by its potential, said Sente Advisors’ McClead. That was a change from typical tech adoption, which usually requires convincing lawyers to get on board, he said. [Now…] “We’re reaching a critical mass where they’re using it, finally, and saying: ‘But it doesn’t do what I thought it was going to do.’”
Some law firms have dedicated the time to understand where the current capabilities of gen AI can — and can’t — help their teams. The article notes that some M&A practitioners feel “today’s AI tools lack the accuracy and functionality that would make them useful in the dealmaking space.” On the other hand, the article says some early adopters of Microsoft CoPilot are finding it useful to improve the tone of an email or generate notes:
“For one of my emails, it said you’re conveying a lot of anxiety and stress. And I was like, you know what, I want that conveyed. Because I have anxiety and stress about this,” [Sharis Pozen, managing partner of the Americas for Clifford Chance] said, adding, “I absolutely love it.”
The tool has also generated notes for video meetings with recruiters, saving staff time on a previously manual task, she said. The firm wants its lawyers to experiment with the technology and use it in ways that saves them time.
David Cambria of Epiq says, “law firms are torn between FUD—fear, uncertainty and doubt—and FOMO, the fear of missing out.” Aren’t we all!
SCOTUS is poised to review a Ninth Circuit decision of great interest to us all — addressing whether Facebook could be held liable under antifraud rules for failing to disclose risks that had materialized but presented no known risk of ongoing or future harm. The Court granted cert in Facebook, Inc. v. Amalgamated Bank in June and is poised to hear oral arguments on November 6.
The case involves the same disclosures at issue in a 2019 SEC enforcement action but involves a securities class action lawsuit filed by Amalgamated Bank. Here’s the background from this Kramer Levin article:
Amalgamated Bank filed a securities class action alleging that defendant Facebook Inc. made materially false and misleading statements and omissions regarding the risk of improper access to or disclosure of Facebook user data. Facebook’s 2016 Form 10-K disclosures included risk factors such as “[a]ny failure to prevent or mitigate … improper access to or disclosure of our data or user data … could result in loss or misuse of such data, which could harm [Facebook’s] business and reputation and diminish our competitive position.” Plaintiffs alleged that at the time these risk factor statements were made, Facebook knew that on two prior occasions, Cambridge Analytica, a political consulting firm, had improperly collected and harvested Facebook users’ personal data. Accordingly, plaintiffs alleged that the risk factors identified in the Form 10-K were false and misleading because they framed the risk of data misuse as merely hypothetical, belying the fact that such data misuse had already occurred.
[The Ninth Circuit] found that the plaintiffs had adequately pleaded falsity as to the risk factors disclosed in Facebook’s Form 10-K regarding whether misuse of Facebook users’ data could harm Facebook’s business, reputation and competitive position. In so finding, the majority pointed to its reasoning in In re Alphabet, decided after the district court dismissed plaintiffs’ complaint. In In re Alphabet, the Ninth Circuit held that falsity allegations could survive a motion to dismiss when the complaint plausibly alleged that a company’s Securities and Exchange Commission (SEC) filings warned that risks “could” occur, when in fact those risks had already materialized. Relying on this holding, the majority found that the plaintiffs had sufficiently alleged the falsity of Facebook’s risk factor statements. […]
Facebook’s petition for certiorari presented two questions for the Court’s consideration, of which it granted review of one: whether risk disclosures are false or misleading when they do not disclose a risk that has materialized in the past, even if that past event presents no known risk of ongoing or future business harm. […] The petitioners contend that the Ninth Circuit’s holding creates a three-way split among eight circuits regarding what companies must include in “risk factors” disclosures.
The article notes that law professors, former SEC officials, legal policy institutes and industry groups had submitted amicus briefs in support of the petition for cert. Briefs on the merit have been submitted in August (and may continue to be submitted until September 24). The Society for Corporate Governance and the Chamber both argue that risk factor disclosures cannot support liability based on failure to disclose past events and urge SCOTUS to reaffirm “that Item 105 calls for prospective disclosures. Hypothetical phrasing about the future does not generally imply the absence of past incidents.” The Society’s brief suggests liability for hypothetical phrasing is only appropriate in very limited circumstances:
Insofar as forward-looking Risk Factors could be misleading as to past events or existing conditions, this Court should allow such a reading only where the risk disclosure implies a specific fact that is incorrect. For example, “a caution that ‘the price of our primary input may rise above $5 next quarter’ could certainly cause a reasonable investor to conclude that the price was, at present, $4.99 or less.” In re Mylan N.V. Sec. Litig., No. 16-cv-7926 (JPO), 2018 WL 1595985, at *9– 10 (S.D.N.Y. Mar. 28, 2018). But such specificity is not the norm, and the Court should not extend liability outside this narrow exception. Otherwise, litigants will continue to deliberately misread companies’ statements concerning hypothetical future risks to mean that such risks have never materialized in the past, subverting the plain, forward-looking focus of Item 105.
More to come on this one, which we’ll be following closely! For now, have a wonderful Labor Day Weekend! Our blogs will resume Tuesday.
Eye-popping SEC whistleblower awards continue. Last week, the SEC announced two awards totaling over $98 million and then, early this week, another two awards totaling over $24 million. (One individual whose tip prompted the opening of the investigations is receiving an award of $82 million! And this is still significantly below the record!) As a reminder, whistleblower awards can range from 10% to 30% of the monetary sanctions where they exceed $1 million.
While these few whistleblowers were getting multimillion-dollar awards, the U.S. Court of Appeals for the D.C. Circuit confirmed something Liz highlighted last year — the very limited circumstances under which lawyers may claim an award. As the opinion explains:
Under the Commission’s regulations implementing its whistleblower award program, an attorney may not receive a whistleblower award for disclosing information obtained during the representation of a client unless the attorney’s disclosure was permitted by the applicable state bar rules or the Commission’s attorney conduct regulations.
But the circumstances of this case were a bit unique. Here’s the background:
Defendants had offered and sold the securities of a corporate entity. In doing so, the Defendants had misrepresented to investors in the securities offering that their money would be used to fund a particular project (the “Project”). Instead of spending investors’ funds on the Project, however, Individual 1 and Individual 2 misappropriated a large portion of investors’ funds for their personal use. …
Doe was employed as in-house counsel at a company. The Company was owned and controlled by Individual 1 and provided assistance in connection with the Defendants’ securities offering. … During the course of his employment at the Company, Doe came across information that indicated that Individual 2 was misappropriating money invested in the securities offering. Individual 2 did not own, control, or play any formal role at the Company.
Doe filed a whistleblower tip with the Commission. In his tip, Doe explained that Individual 2 was misappropriating investors’ funds for his personal use and that, as a result, the Project that the securities offering was supposed to fund would never be completed. … Doe explained that he believed his disclosure would serve his client’s interest by “preventing further misappropriation by [Individual 2], possibly recovering funds that had been misappropriated, and helping lead to the successful completion of [the Project].” …
Although Doe’s whistleblower tip did not mention the Company or Individual 1, both were investigated by the Commission as a result of Doe’s tip and ultimately subject to enforcement actions.
The SEC determined that Doe’s disclosure was not permitted by the Florida Rules of Professional Conduct. Doe sought reconsideration based on the rule that permits a lawyer to reveal confidential information to the extent necessary to serve the client’s interest. The court did not find this persuasive:
The record demonstrates that at the time he filed the tip, Doe believed that the Company was implicated in the securities fraud scheme. In reporting on the suspected wrongdoing, then, Doe was reporting on his own client. Common sense therefore dictates that Doe could not have reasonably believed that he was acting in his client’s best interest. … Doe informed the Commission, for example, that his “goal” in submitting this tip was “to prevent [his] client . . . from committing a crime.” Doe elaborated that he intended for the Commission to investigate the entire securities offering, including his client; he explained, “I fully expected my tip to result in such a widely encompassing investigation” and “I intended for that to occur.”
But remember, whistleblower award or no, lawyers still need to report “up the ladder” under SEC rules!
With some signs showing that market conditions for IPOs may be improving, more companies may be asking two questions: Can I go public? And, if so, what do I need to do now? This HLS blog from Orrick attempts to answer the first question by assessing 79 non-SPAC IPOs that priced through June 30, 2024 and comparing those that traded up versus those that traded down. The data showed some trends in post-IPO performance depending on market cap and trailing twelve-month (TTM) revenue:
Of the 20 companies that listed with a market cap of $1 billion or more, only six have traded down so far. In contrast, of the 12 companies that listed with a market cap between $500 million and $1 billion, half have traded up, and half down. And of the 47 companies that listed with a market cap below $500 million, 39 have since traded down.
Of the 21 companies with around $300 million or more in TTM revenue, only seven experienced early stock price declines, with the results below that threshold much more mixed. Of the 12 companies with between $50 million and about $200 million of revenue, five have traded up and seven have traded down. And of the 46 companies with less than $50 million of revenue, only 8 have traded up.
For those looking to capitalize on an open IPO window, this Cooley blog walks through how to prepare. Steps 3 and 4 in the process address conducting a public company readiness assessment and establishing a timeline to address any issues. The blog lists these considerations (while acknowledging that this is not comprehensive):
Financial reporting and internal controls readiness
– Identify personnel needs.
– Assess Sarbanes-Oxley Act of 2002 (SOX) compliance readiness.
– Assess annual and quarterly financial statement closing timeline readiness.
– Review IT and cybersecurity readiness.
Audit and tax readiness
– Identify key accounting and tax issues.
– Flag “cheap stock” exposure and/or remediation measures required.
– Review past or planned significant acquisitions to determine financial statements required.
– Map Public Company Accounting Oversight Board (PCAOB) audit timelines.
Legal readiness
– Identify and analyze legal risks, such as:
Data privacy risks, including regulatory compliance (General Data Protection Regulation, California Consumer Privacy Act, and others)
Other regulatory risks
Intellectual property risks, including related to disputes, patent coverage, Proprietary Information and Inventions Assignment Agreements, and contractor agreements
Pending or threatened litigation exposure
– Audit the company’s capitalization table to identify what actions may be required to ensure all company equity is properly authorized and issued.
Governance readiness
– Determine what changes to the executive team may be necessary or desirable.
– Review board composition and identify changes needed to:
Meet stock exchange independence requirements
Meet applicable diversity requirements or desired standards
Enhance the collective expertise of the board to improve performance, anticipate investor demand or meet stock exchange requirements
Establish stock exchange-compliant committees
– Audit existing governance policies to identify gaps.
Human resources readiness
– Review compensation practices to see if they are competitive, appropriate, and ready to withstand public scrutiny.
Last week on Section16.net, Alan Dye blogged about a recent decision regarding Rule 16b-3. Here’s the intro:
Peter Romeo and I have noted many times that neither the courts nor the SEC has ever addressed the question whether Rule 16b-3 exempts a transaction between the issuer and an officer or director if the transaction is approved while the person is an officer or director but occurs after termination of service. Uncertainty exists because the rule exempts transactions with an officer or director (not a former officer or director), and the question usually comes up in connection with such post-termination transactions as tax withholding upon the exercise of an option or a pay-out of stock units in a deferred compensation account. Most practitioners have gotten comfortable that the exemption should be available, and a recent decision by the SDNY dismissing a complaint appears to support that conclusion.
The blog continues with a discussion of the complaint and the decision. There have been lots of Section 16-related developments this summer that Alan has been covering over on Section16.net. As a member of Section16.net, you can subscribe to get Alan’s updates delivered right to your inbox so you don’t miss out on any timely reminders or related court decisions. If you’re not currently receiving other blogs by email, you can sign up here!
In March, John shared that the results of the PCAOB’s last inspection reports on the Big 4 accounting firms were…not great. New inspection reports are now out showing that the overall deficiency rate among the Big 4 has stabilized versus the prior year. The WSJ reports:
The firms collectively had an average deficiency rate of about 26%, the same as a year earlier. PCAOB Chair Erica Williams said the findings from the inspections released Thursday, which covered audits of 2022 financials, were still unacceptable.
Deloitte and PwC’s U.S. units had rates of 21% and 18%, respectively, both up from 17% and 9% a year earlier. EY continued to have the highest deficiency rate among the Big Four in the U.S., at 37%, down from 46% the year prior, which marked a surge from 21% the year before that. KPMG’s rate fell to 26% from 30%.
The WSJ subsequently reported on EY’s efforts to refresh its audit practice, including by “resigning from serving certain public-company audit clients and limiting new clients” starting about 18 months ago. It’s also focused on enhancing audit tools & methodology (investing “$1 billion over three years in part to strengthen artificial intelligence-enabled audit and tax platforms”) and improving training.
We’ve heard a lot from the PCAOB about the need to improve audit quality and reduce these deficiency rates, so it might seem surprising that rates only leveled out (without improving overall). But keep in mind that the results John covered in March were from 2022 inspections of 2021 audits, and the numbers reported by the PCAOB now are from 2023 inspections of 2022 audits. The PCAOB’s press release notes that these inspection reports were released “months sooner than reports have been released in recent years thanks to ongoing efforts to speed the release of reports.” It also highlights additional accompanying resources:
– The inspection reports are accompanied by a new staff Spotlight publication, which provides an overview of staff observations from the 2023 inspections.
– The PCAOB also published new charts on its website illustrating much of the data in the U.S. GNFandU.S. annual Non-Affiliate Firms (NAF)inspection reports for the first time as part of ongoing efforts to increase transparency in inspection data and make it easier for stakeholders to understand and compare inspection results both across firms and over time.
This additional transparency should allow audit committees to better evaluate auditor performance and monitor audit quality, in line with Chief Accountant Paul Munter’s statement on the recent increase in deficiency rates found in audit inspections and the audit committee’s role in ensuring high-quality audits.
In early July, John blogged about a rare SEC comment letter to Kimmeridge Energy Management LLC questioning the timing of a Schedule 13D filing and shared a newsletter from Olga Usyvatsky predicting “we will likely see more SEC comments on 13D and 13G filings.” Remember that in October 2023 the SEC adopted amendments shortening the deadlines.
It sounds like Olga’s prediction is coming to pass. Barnes and Thornburg recently blogged about a more recent SEC comment letter also challenging the timeliness of a Schedule 13D filing. Here’s the comment & response:
We note the date of the event reported as requiring the filing of the Statement was February 12, 2024. Rule 13d-1(a) of Regulation 13D-G requires the filing of a Schedule 13D within five business days after the date beneficial ownership of more than five percent of a class of equity securities specified in Rule 13d-1(i)(1) was acquired. Based on the February 12, 2024 event date, the Schedule 13D submitted on May 3, 2024 was not timely filed. Please advise us why the Schedule 13D was not filed within the required five business days after the date of the acquisition.
The Company respectfully advises the Staff that the Schedule 13D was not filed within five business days after the February 12, 2024 event date because the Company initially considered itself eligible to file on Schedule 13G with respect to its holdings in Kyverna Therapeutics, Inc. (“Kyverna”).
The Company was a stockholder of Kyverna since prior to its initial public offering (the “IPO”), which closed on February 12, 2024. At the closing of the IPO, based on its holding of an aggregate of 4,523,924 shares of common stock underlying shares of Series A-1 convertible preferred stock, all of which converted into shares of Kyverna’s common stock at the closing of the IPO, the Company believed that it is entitled to report its beneficial ownership of Kyverna’s equity securities on a Schedule 13G on a later date.
As disclosed in the Schedule 13D, Vida Ventures III, L.P. and Vida Ventures III-A, L.P., funds separately managed from, but affiliated with, the Company acquired a total of 253,136 shares of Kyverna’s common stock at the closing of the IPO. The Company disclosed its beneficial ownership of shares of Kyverna’s common stock, together with such affiliated entities, on a Form 4 promptly following the closing of the IPO, on February 14, 2024. However, the Company was not aware at the time that it was obligated to report such beneficial ownership on a Schedule 13D. Following a review of the affiliated position, including review of Staff guidance with respect to Section 13 filings, the Company determined a 13D was appropriate and filed the Schedule 13D on May 3, 2024. The Company respectfully advises the Staff that future filings by the Company with respect to its beneficial ownership in equity securities of Kyverna will be timely made in accordance with Rule 13d-1(a) of Regulation 13D-G.
The blog says no follow-up letters were made public, and the SEC Staff seems to have accepted this explanation, but warns of a “larger takeaway” — that “the SEC staff appears to be monitoring these filing deadlines as the new rules are implemented,” and “it could also indicate that the reported SEC enforcement sweep on violations of Section 16(a), Section 13(d) and Item 405 disclosure obligations is continuing.”
Last week, I blogged about Vice Chancellor Laster’s opinion in Seavitt v. N-Able, (Del. Ch.; 7/24). One of the more interesting aspects of his opinion addressed the permissibility of language in N-Able’s certificate of incorporation making certain of its provisions “subject to” the terms of the stockholders’ agreement that was at issue in the case. The defendants argued that this was permitted by Section 102(d) of the DGCL, which provides that:
“Any provision of the certificate of incorporation may be made dependent upon facts ascertainable outside such instrument, provided that the manner in which such facts shall operate upon the provision is clearly and explicitly set forth therein. The term “facts,” as used in this subsection, includes, but is not limited to, the occurrence of any event, including a determination or action by any person or body, including the corporation.”
Vice Chancellor Laster disagreed that the “ascertainable facts” language of Section 102(d) was broad enough to permit the incorporation by reference of a stockholders’ agreement into a corporate charter. This Paul Weiss memo summarizes the key points underlying his reasoning:
“Facts ascertainable” are not “provisions ascertainable.” The court reasoned that Section 102(d)’s reference to “facts” ascertainable outside a charter does not include outside “provisions” or other incorporation by reference of a broad, substantive nature. According to the court, “facts ascertainable” refers to specific inputs and are not a vehicle for introducing substantive provisions. According to the court, the examples of “facts” given in the statute (i.e., “the occurrence of any event” or “a determination or action by any person or body”) supported its conclusion. While the court distinguished and took no issue with references to private agreements for limited facts (e.g., the identity of parties or whether there has been a breach of the agreement) or references to laws and regulations (e.g., the definition of “affiliate” in the U.S. Securities and Exchange Act of 1934), a Delaware corporation cannot simply create substantive charter terms through an external, private document.
Public unavailability of private agreements. The DGCL requires charters to be publicly filed, but not a private agreement. The court reasoned that the public nature of charters makes basic information about the corporation available to both investors and third parties, but incorporating provisions by reference to non-public documents frustrates that statutory purpose. Furthermore, while federal securities laws might require public companies to file their governance agreements, that fact does not affect the interpretation of the DGCL applicable to all Delaware corporations.
Circumvention of stockholder vote on charter amendments. The court observed that DGCL Section 242 requires both board and stockholder approval of charter amendments, whereas incorporation by reference of private party agreement provisions permits the contracting parties to amend their agreement on their own and thereby amend the charter automatically. According to the court, this would circumvent Section 242, thereby depriving stockholders of their voting rights.
Members of TheCorporateCounsel.net can check out our “Delaware Law” Practice Area for more memos on this decision, the recent DGCL amendments and more.
Yesterday, the SEC issued an order to approve Nasdaq’s proposal to amend, or adopt new, corporate governance phase-in periods. My blog from May of this year (when the SEC posted the notice & request for comment) details the substantive rule changes. The changes will be reflected in Rules 5605, 5615 and 5810, so once they’re posted to the rulebook, read those for more detail.