We’ve posted the transcript for our recent “SEC Enforcement: Priorities and Trends” webcast featuring Hunton Andrews Kurth’s Scott Kimpel, Locke Lord’s Allison O’Neil, and Quinn Emanuel’s Kurt Wolfe. The webcast covered:
SEC Enforcement Activities in 2023 and Priorities for 2024
Monetary and Non-Monetary Penalties
Accounting and Disclosure Actions
Actions Targeting Gatekeepers
Whistleblower Developments and Trends
Self-Reporting and Cooperation Credit
Coordination with DOJ Investigations
Our panelists referred to the SEC’s fiscal 2023 as “the year of the whistleblower” and stressed “how successful the [whistleblower] program continues to be” as “it really is driving enforcement investigations and enforcement actions [and] changed the way that the SEC originates cases and pursues cases.” They linked this back to the SEC’s recent Rule 21F-17 enforcement actions that “strike at efforts to chill whistleblowers.” Scott Kimpel said, “that’s why the SEC does it. They want the word to spread. They don’t want to have to keep bringing those cases. They would prefer for companies to change their language.”
If you are not a member of TheCorporateCounsel.net, email sales@ccrcorp.com to sign up today and get access to the full transcript – or sign up online.
The SEC adopted its human capital disclosure rules in 2020, and this Gibson Dunn memo reviews the results of a survey of S&P 100 Form 10-K disclosures since the rules were adopted. Overall, the survey found that companies were generally tailoring the length & topics covered in their disclosures and those disclosures were becoming slightly more quantitative in some areas. Here are some of the key takeaways concerning disclosure trends during the most recent year:
– Length of disclosure. Forty-eight percent of companies increased the length of their disclosures, four percent of companies’ disclosures remained the same, and the remaining 48% of companies decreased the length of their disclosures (with the decreases generally attributable to the removal of discussion related to COVID-19).
– Number of topics covered. Twenty-two percent of companies increased the number of topics covered (with the categories seeing the most increases being diversity statistics by race/ethnicity and gender, employee mental health, monitoring culture, talent attraction and retention, and talent development), while 34% decreased the number of topics covered (the majority of which were attributable to the removal of disclosures related to COVID-19), and the remaining 46% covered the same number of topics.
– Breadth of topics covered. The prevalence of 16 topics increased, seven decreased, and four remained the same. The most significant year-over-year increases in frequency involved the following topics: quantitative diversity statistics on gender (60% to 65%), employee mental health (46% to 50%), culture initiatives (22% to 26%), efforts to monitor culture (60% to 64%), and talent attraction and retention (90% to 94%). The most significant year-over-year decrease involved COVID-19 disclosures, which declined in frequency from 69% to 34%. Other year-over-year decreases involved discussion of governance and organizational practices (56% to 51%) and diversity targets and goals (23% to 19%).
– Most common topics covered. The topics most commonly discussed this most recent year generally remained consistent with the previous two years. For example, diversity and inclusion, talent development, talent attraction and retention, and employee compensation and benefits remained four of the five most frequently discussed topics, while quantitative talent development statistics, supplier diversity, community investment, and quantitative statistics on new hire diversity remained four of the five least frequently covered topics.
The memo also addresses industry trends in human capital disclosure, the potential for new rulemaking and the IAC’s recommendations to the SEC concerning that rulemaking, Staff comments on human capital disclosure, and the implications of recent SCOTUS cases on corporate DEI programs and related disclosures.
The last time we blogged about the Payroll Protection Plan loan program, the SBA Inspector General was reporting that the levels of fraud in the program were truly mind-blowing. Since that’s the case, it’s probably not surprising that according to this McDermott Will memo, many PPP borrowers find themselves ensnared by red tape when it comes to trying to get their loans forgiven, and many of those whose loans have previously been forgiven are now facing audits. This excerpt addresses the predicament of borrowers who have won appeals of SBA denials of forgiveness:
Some businesses are facing an increasingly common predicament: They appealed an unfavorable Final Decision to the [SBA’s Office of Hearings & Appeals]. The OHA granted their appeal, agreeing with the borrower that the SBA’s decision was based on clear error. The OHA then remanded the loan back to the SBA to conduct a new review, and the business is forced to wait for months for the SBA to act on the loan.
Other borrowers are in a similar situation after filing an appeal with the OHA only to have the SBA withdraw the challenged Final Decision and place the loan back under review with no further communication from the SBA regarding the status of the loan. These businesses have been waiting and waiting for months—and in some cases more than a year—for the SBA to issue a new decision.
The memo says that once a Final Decision has been withdrawn, the borrower faces what feels like a “black hole” of SBA review. It suggests that the problem stems from both a lack of resources & a lack of a sense of urgency on the part of the the SBA to resolve outstanding loans in a timely manner. On another happy note, the memo says that there’s been an uptick in audits of borrowers who have had their loans forgiven years ago. The most significant issues in these audits are whether the borrower correctly calculated its initial PPP loan amount and whether the borrower was “small” enough to qualify for the loan.
With the 2024 proxy season just around the corner, many companies are considering potential updates to their D&O questionnaires. This Bryan Cave memo identifies areas where questionnaires may need updating. This excerpt addresses a potential tweak that may be necessary to address the universal proxy rules:
Under the new universal proxy card rules that became effective in 2023, a company may be required to include a dissident’s nominees on its proxy card and, in turn, the dissident may be required to include the company’s nominees on the dissident’s card. In light of this possibility, companies should review the consent language in their D&O questionnaires to ensure it includes the consent of the director or nominee to be included in the company’s proxy materials, as well as a nominee in a dissident’s proxy materials, should that become applicable.
The memo says that other topics that may need attention in D&O questionnaires this year include cybersecurity and human capital management expertise, Section 16 reporting, Rule 10b5-1 plans, and board diversity information.
Yesterday, Glass Lewis announced the publication of its 2024 Voting Guidelines. We’ll be posting memos in our “Proxy Advisors” Practice Area. Here are excerpts from the intro highlighting some of the key changes:
Material Weaknesses – When a material weakness is reported and the company has not disclosed a remediation plan, or when a material weakness has been ongoing for more than one year and the company has not disclosed an updated remediation plan that clearly outlines the company’s progress toward remediating the material weakness, we will consider recommending that shareholders vote against all members of a company’s audit committee who served on the committee during the time when the material weakness was identified.
Cyber Risk Oversight – In instances where cyber-attacks have caused significant harm to shareholders, we will closely evaluate the board’s oversight of cybersecurity as well as the company’s response and disclosures. Moreover, in instances where a company has been materially impacted by a cyber-attack, we believe shareholders can reasonably expect periodic updates from the company communicating its ongoing progress towards resolving and remediating the impact of the cyber-attack. These disclosures should focus on the company’s response to address the impacts to affected stakeholders and should not reveal specific and/or technical details that could impede the company’s response or remediation of the incident or that could assist threat actors.
In instances where a company has been materially impacted by a cyber-attack, we may recommend against appropriate directors should we find the board’s oversight, response or disclosures concerning cybersecurity-related issues to be insufficient or are not provided to shareholders.
Board Oversight of Environmental and Social Issues – Given the importance of the board’s role in overseeing environmental and social risks, we believe that this responsibility should be formally designated and codified in the appropriate committee charters or other governing documents. When evaluating the board’s role in overseeing environmental and/or social issues, we will examine a company’s committee charters and governing documents to determine if the company has codified a meaningful level of oversight of and accountability for a company’s material environmental and social impacts.
Board Accountability for Climate-Related Issues – Beginning in 2024, Glass Lewis will apply this policy to companies in the S&P 500 index operating in industries where the Sustainability Accounting Standards Board (SASB) has determined that the companies’ GHG emissions represent a financially material risk, as well as companies where we believe emissions or climate impacts, or stakeholder scrutiny thereof, represent an outsized, financially material risk.
We will assess whether such companies have produced disclosures in line with the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD). We have further clarified that we will also assess whether these companies have disclosed explicit and clearly defined board-level oversight responsibilities for climate-related issues. In instances where we find either of these disclosures to be absent of significantly lacking, we may recommend voting against responsible directors.
Clawback Provisions – In addition to meeting listing requirements, effective clawback policies should provide companies with the power to recoup incentive compensation from an executive when there is evidence of problematic decisions or actions, such as material misconduct, a material reputational failure, material risk management failure, or a material operational failure, the consequences of which have not already been reflected in incentive payments and where recovery is warranted. Such power to recoup should be provided regardless of whether the employment of the executive officer was terminated with or without cause. In these circumstances, rationale should be provided if the company determines ultimately to refrain from recouping compensation as well as disclosure of alternative measures that are instead pursued, such as the exercise of negative discretion on future payments.
Other policy changes address executive stock ownership guidelines, proposals concerning equity awards to shareholders, NOL pills and control share acquisition statutes. Glass Lewis also adopted clarifying amendments to its policies on board responsiveness and interlocking directorates.
By the way, don’t forget that ISS’s peer group review & submission window for most companies opens on Monday, November 20th. Check out Liz’s blog on CompensationStandards.com for more details.
I think it’s fairly common for people involved in internal investigations to feel uncertainty about the investigatory process and to have concerns about whether that process conforms to best practices. If you find yourself worrying about these issues, this recent blog from “Compliance & Ethics: Ideas and Answers” may be helpful. It identifies areas of inquiry that should be considered in evaluating investigation processes. This excerpt provides some examples:
– Are there written guidelines governing how investigations will be assigned? Are they logical and appropriate? Are they followed in practice?
– Is there a written investigations protocol, and does it include those elements that are necessary to facilitate robust investigations? Some of the elements that are typically included in investigations manuals include:
– Professionalism standards that govern the investigations process, such as a discussion of the importance of impartiality, competency, confidentiality, and non-retaliation.
– Step-by-step guides for each aspect of investigations, including intake procedures, preliminary analysis of the allegation, assigning investigations, opening a case file, creating an investigative plan, reviewing documents, whom to interview and how to do so, preparing interview notes, assessing and determining findings, preparing a final report, responding to the complainant and subject, and closing out the case.
– Samples and outlines of investigation documents, such as reports of interviews, reports of investigation, and sample communications with interviewees, complainants, supervisors, and subjects of investigations.
– Are there protocols that govern how evidence can be collected (e.g., required approvals before electronic data is accessed) and when and how litigation or investigation holds will be issued?
– Are there clear guidelines governing when to get the Legal Department involved and the steps to be taken when conducting an inquiry under the attorney-client privilege?
The blog says that, ultimately, an effective assessment of an investigation’s process seeks to determine whether it is being conducted independently, objectively and impartially, whether the investigators have the access to the people and documents they need, and whether the investigator is qualified to conduct the investigation.
The PCAOB recently proposed amendments to its rules governing when an individual accountant will be deemed to have contributed to a firm’s primary violations of professional standards. This excerpt from Dan Goelzer’s blog on the proposal summarizes its implications:
The Public Company Accounting Oversight Board has proposed to amend its rule governing the liability of a person associated with an accounting firm whose conduct causes the firm to violate a professional standard. The Board’s proposal would lower the level of conduct that can result in an individual’s “contributory liability” for a firm’s violation from recklessness to negligence.
If the change is adopted, the PCAOB would be able to bring disciplinary proceedings against an individual auditor (and potentially bar him or her from public company auditing) for failing to exercise reasonable or ordinary care. Under its current rules, the Board would have to show that the individual’s conduct was intentional or reckless, not merely negligent.
The proposal is unlikely to be welcomed by your friendly neighborhood auditor. Most audit firms have a black belt in “CYA” and already go to extraordinary lengths to protect themselves during the course of an audit engagement. Lowering the bar for enforcement actions against individual accountants will undoubtedly spur increased efforts on their behalf to protect their firms & themselves.
When you consider the possibility that a change like this could come on the heels of the adoption of the PCAOB’s demanding NOCLAR proposal, it sure looks like dealing with your outside auditors could become an even more difficult, painstaking, and expensive process in the near future.
As Liz blogged earlier this month, the 5th Cir. recently sent the SEC back to the drawing board on its buyback disclosure rules, and it now looks like something similar could happen to the SEC’s Staff Accounting Bulletin 121, which addresses accounting for safeguarded digital assets. That’s because, according to the GAO, the SEC failed to comply with procedures mandated by the Congressional Review Act (CRA) when its accounting staff issued the SAB. This excerpt from a recent Fenwick memo explains:
The CRA requires that, before an agency rule can take effect, the agency must submit a report on the rule to both the House of Representatives and the Senate as well as to the Comptroller General. The law allows Congress to review and disapprove any rule newly issued by federal agencies for a period of 60 days using special procedures. If a resolution of disapproval is enacted, then the new rule has no force or effect.
On August 2, 2022, Senator Cynthia M. Lummis requested the GAO—which is an independent, non-partisan agency within the legislative branch of the federal government—to determine whether SAB 121 was a “rule” subject to the CRA. The SEC maintained that the bulletin was not subject to the CRA because it was published by the SEC’s staff, rather than through the SEC. The GAO disagreed, however, finding that the statement was an “agency statement” within the applicable definition of a “rule” under the Administrative Procedures Act, and thus, was subject to the CRA’s requirements.
The GAO reasoned that, since the role of the SEC’s Division of Corporation Finance (Division) is to monitor companies’ compliance with accounting and disclosure requirements, and since the Division’s practice is to refer noncompliant companies to the SEC’s Division of Enforcement, it was “reasonable to believe that companies may change their behavior to comply with the staff interpretations found in [SAB 121].”
So what happens now? That’s a bit unclear. The memo says that there’s a window of time during which Congress can pass a joint resolution disapproving the issuance of SAB 121. It seems unlikely that the Congressional clown show could get its act together to do something like that, but even in the absence of such action, the memo says that the GAO’s decision strengthens the hand of any litigant seeking judicial review of SAB 121.
In a recent speech, SEC Commissioner Mark Uyeda criticized the process by which the SEC adopted its pay versus performance disclosure rule, and in particular called out some of the goofy proxy disclosure resulting from the SEC’s decision to change the definition of “compensation actually paid” and the treatment of equity awards in the final rule without seeking additional public comment. He says there’s a lesson there for the SEC that it should take into account before moving forward with a final climate change disclosure rule:
Hopefully, the Commission will consider learning from the lesson of the pay versus performance rulemaking as it moves forward with other rulemakings, including climate-related disclosure. This proposal has received over 16,000 comments. The volume of comments is not surprising given the proposal’s expansive nature and the hundreds of requests for feedback contained in it. Most commenters did not focus on, or address, every single issue or alternative raised in the proposal.
Before the Commission adopts any final rule that significantly deviates from the proposal, it should seriously consider re-proposing the rule with revised rule text and an updated economic analysis. Doing so would provide the public with an opportunity to focus on aspects of the proposal that they did not initially consider, and perhaps more importantly, submit feedback on any revised requirements.
Commissioner Uyeda argues that a re-proposal “may ultimately help the Commission craft a better rule for all market participants” and says that the SEC should do everything possible to avoid promulgating a “costly and ineffective” rule. Okay, but what if the SEC just moves forward with a final rule? Well, that’s where Commissioner Uyeda drops his mic – he says that adopting a rule without reproposing it “might be indicative of a flawed process that raises the question of whether the rule is arbitrary and capricious under the Administrative Procedure Act.”
Earlier this year, Meredith blogged about the Pegasystems case, which highlighted the potential perils of reflexively characterizing claims made by the plaintiff in a lawsuit as being “without merit.” This Goodwin blog highlights some things that companies should consider as they draft litigation disclosure post-Pegasystems, and this excerpt offers up some specific examples of alternative disclosure that might be appropriate:
In reviewing litigation disclosures in filings with the SEC, close attention needs to be paid to the language asserting that a litigation against the company is “without merit.” To mitigate risk, and after consultation with the company’s auditors, it may be best to avoid such language and rely on statements such as the following:
– We intend to vigorously pursue our claims against [defendant] in this matter.
– We intend to vigorously defend against the claims brought by [plaintiff] in this matter.
– We are unable to reasonably estimate possible damages or a range of possible damages in this matter given the uncertainty as to how a jury may rule if this ultimately proceeds to trial.
– We dispute these allegations and plan to vigorously defend ourselves.
– We have defenses to the claims raised in this lawsuit.
The blog points out the need to consult with auditors concerning this disclosure, because it may well have an impact on whether they believe that a reserve for the litigation should be established.
