Earlier this week, Vanguard published a statement on its approach to board responsiveness to shareholders & other stakeholders. After a couple of pages devoted to the usual platitudes about the importance of engagement and the general need for directors to be responsive to shareholder input, Vanguard lowered the boom by laying out its policy on board responses to majority supported shareholder proposals:
When a board fails to respond to a proposal supported by a majority of its voting shareholders and the Vanguard-advised funds supported the proposal, the funds will generally vote against relevant members of the board. For example, concerns with compensation matters would likely impact votes on members of the compensation committee, while governance concerns would generally impact votes on members of the nominating/governance committee. A pattern of unresponsiveness to shareholder feedback (e.g., a failure to act, or slow action, on shareholder votes) may be an indicator of poor governance practices and may result in increasing levels of opposition to board members’ election.
Not surprisingly, Vanguard doesn’t specify what an appropriate “response” would be to a majority-supported shareholder proposal, which is probably impossible to do in the abstract. Nevertheless, companies need to know that their responsiveness to these proposals will be graded at the ballot box by one of their largest shareholders.
Vanguard’s policy may not have a significant impact on most companies, at least for now. That’s because, as SEC Commissioner Mark Uyeda pointed out in his speech at the Society for Corporate Governance’s conference earlier this week, the percentage of shareholder proposals receiving majority support has fallen precipitously in recent years. Only 5% of proposals received majority support this proxy season, compared to 19% just two years ago.
The May-June issue of the Deal Lawyers newsletter was just posted and sent to the printer. This month’s issue includes the following articles:
– Anatomy of a CVR: A Primer on the Key Components and Trends of CVRs in Life Sciences Public M&A Deals
– Chancery Ruling Highlights Important Role of Special Litigation Committees in Maintaining Board Control Over Derivative Litigation
The Deal Lawyers newsletter is always timely & topical – and something you can’t afford to be without in order to keep up with the rapid-fire developments in the world of M&A. If you don’t subscribe to Deal Lawyers, please email us at sales@ccrcorp.com or call us at 800-737-1271.
Liz and Broc met up at the Society Conference in Salt Lake City this week and I just couldn’t resist sharing this picture of two of TheCorporateCounsel.net’s all-time greats with our readers. It feels like a Beatles reunion – minus Ringo, of course, but nobody misses him anyway!
Yesterday, the SEC announced settled enforcement proceedings against Marcum LLP, for what it contends were systemic quality control failures & audit standards violations in connection with audit work for hundreds SPAC clients. This excerpt from the SEC’s press release provides additional details on the proceeding:
Over a three-year period, Marcum more than tripled its number of public company clients, the majority of which were SPACs, including auditing more than 400 SPAC initial public offerings in 2020 and 2021. The strain of this growth, however, exposed substantial, widespread, and pre-existing deficiencies in the firm’s underlying quality control policies, procedures, and monitoring. These deficiencies permeated nearly all stages of the audit process and were exacerbated as Marcum took on more SPAC clients.
Moreover, in hundreds of SPAC audits, Marcum failed to comply with audit standards related to audit documentation, engagement quality reviews, risk assessments, audit committee communications, engagement partner supervision and review, and due professional care. Depending on the audit standard at issue, violations were found in 25-50 percent of audits reviewed, with even more frequent, nearly wholesale violations found as to certain audit standards across Marcum’s SPAC practice.
The SEC’s order alleges that “Marcum’s quality control and audit standard failures permeated most stages of engagement work—from client acceptance to risk assessments, audit committee communications, audit documentation, assembly and retention of audit documentation, engagement quality reviews, technical consultations, due professional care, and engagement partner supervision and review. At nearly every stage, Marcum lacked sufficient policies and procedures to provide reasonable assurance that engagements were conducted in accordance with professional standards.”
Without admitting or denying the SEC’s allegations, Marcum agreed to an order finding that the firm engaged in improper professional conduct within the meaning of Rule 102(e), violated multiple audit standards across numerous engagements, and violated Rule 2-02(b)(1) of Regulation S-X. Marcum also agreed to pay a $10 million penalty & to undertake remedial actions, including retaining an independent consultant and abiding by certain restrictions on accepting new audit clients.
The Association of Corporate Counsel recently released the results of its 2023 Law Department Benchmarking Survey, which covered 449 legal departments in companies of all sizes across 24 industries and 20 countries. Here are some of the key takeaways:
– Privacy is now the most common business function directly overseen by Legal (57% and six points more than reported in 2022) overtaking compliance, which traditionally tops the list (56%). An additional 19% of departments, however, indicated that compliance is a separate department that reports to legal. Therefore, in total, 77% of legal departments reported that the CLO ultimately oversees compliance compared to 70% that have oversight over privacy.
– The median total legal spend for all participating companies increased from $2.4 million last year to $3.1 million this year and although this increase occurred across companies of all sizes, the largest increases were driven by companies with greater than $20 billion in revenue, with a median total legal spend of $80 million this year compared to $50 million last year.
– The median total legal spend as a percentage company revenue (a key measure of Legal’s overall cost to the business) also increased to 0.63% compared to 0.56% last year. However, the total inside/outside spend distribution has remained roughly the same with 53% of total spend going to internal costs and 47% of total spend going to outside costs.
– About three in ten departments track internal diversity metrics related to the legal department’s composition, and 21% report tracking diversity metrics with respect to their outside counsel. There has been little movement in these numbers over the past three years despite the increased attention and desire to establish a more inclusive and equitable environment within the legal profession.
The increases in total legal spend are pretty eye-popping, particularly for large companies. A recent LegalDive.com article on the survey notes that although law firms increased their rates by an average of 5.5% in the first quarter of 2023, other factors, such as increased litigation and regulation, are more significant contributors to the jump in overall spending.
The members of the House of Representatives managed to pry themselves away from the cable news networks’ microphones long enough to pass a bunch of bipartisan legislation aimed at facilitating capital formation. Here’s the intro to this Mayer Brown blog:
In early June, the US House of Representatives passed two sets of bills focused on promoting capital formation. The bipartisan effort included bills that amend the accredited investor definition in order to increase the diversity of investors participating in the private markets. In addition, as the IPO market continues to suffer, the packages include bills that would enact legislation formalizing measures that already are permitted by SEC staff, such as, for example, expanding “testing-the-waters” accommodations to all issuers. Also, the package includes a bill directing the SEC to investigate the costs associated with going public for middle market companies.
The blog includes brief summaries of each piece of legislation as well as links to the text of the bills. It says that the next stop for this package is the Senate Committee on Banking, Housing, and Urban Affairs.
Artificial Intelligence is a topic that’s really exploded into public consciousness this year, so it isn’t surprising that AI risks are also beginning to feature prominently in some corporate risk factor disclosures. This Bryan Cave blog notes that companies are addressing AI risks either through standalone risk factors or as part of broader risk factor disclosures. The blog highlights the topical areas of these broader risk factors in which AI disclosures appear and provides several examples of standalone risk factors, including this one from DoorDash’s most recent Form 10-Q:
We may use artificial intelligence in our business, and challenges with properly managing its use could result in reputational harm, competitive harm, and legal liability, and adversely affect our results of operations.
We may incorporate artificial intelligence (“AI”) solutions into our platform, offerings, services and features, and these applications may become important in our operations over time. Our competitors or other third parties may incorporate AI into their products more quickly or more successfully than us, which could impair our ability to compete effectively and adversely affect our results of operations. Additionally, if the content, analyses, or recommendations that AI applications assist in producing are or are alleged to be deficient, inaccurate, or biased, our business, financial condition, and results of operations may be adversely affected.
The use of AI applications has resulted in, and may in the future result in, cybersecurity incidents that implicate the personal data of end users of such applications. Any such cybersecurity incidents related to our use of AI applications could adversely affect our reputation and results of operations. AI also presents emerging ethical issues and if our use of AI becomes controversial, we may experience brand or reputational harm, competitive harm, or legal liability. The rapid evolution of AI, including potential government regulation of AI, will require significant resources to develop, test and maintain our platform, offerings, services, and features to help us implement AI ethically in order to minimize unintended, harmful impact.
The blog says that only about 10% of companies in the major indices (S&P 500 and Russell 3000) are currently including a discussion of AI in their risk factor disclosures, but it also points out that companies addressing AI in their risk factors represent a broad range of industries tech & software.
Verizon recently published its 2023 Data Breach Investigations Report, and one of its more interesting findings is that, when it comes to cybersecurity, a company’s senior leaders are often its weakest link – particularly when it comes to the burgeoning category of “social engineering” attacks. Here’s an excerpt from Verizon’s press release:
The human element still makes up the overwhelming majority of incidents, and is a factor in 74% of total breaches, even as enterprises continue to safeguard critical infrastructure and increase training on cybersecurity protocols. One of the most common ways to exploit human nature is social engineering, which refers to manipulating an organization’s sensitive information through tactics like phishing, in which a hacker convinces the user into clicking on a malicious link or attachment.
“Senior leadership represents a growing cybersecurity threat for many organizations,” said Chris Novak, Managing Director of Cybersecurity Consulting at Verizon Business. “Not only do they possess an organization’s most sensitive information, they are often among the least protected, as many organizations make security protocol exceptions for them. With the growth and increasing sophistication of social engineering, organizations must enhance the protection of their senior leadership now to avoid expensive system intrusions.”
Like ransomware, social engineering is a lucrative tactic for cybercriminals, especially given the rise of those techniques being used to impersonate enterprise employees for financial gain, an attack known as Business Email Compromise (BEC). The median amount stolen in BECs has increased over the last couple of years to $50,000 USD, based on Internet Crime Complaint Center (IC3) data, which might have contributed to pretexting nearly doubling this past year.
Last week, the Division of Corporation Finance named Tiffany Posil Chief of the Office of Mergers and Acquisitions. She succeeds Ted Yu, who recently was appointed to serve as Associate Director of the Division of Corporation Finance. Tiffany is currently a partner of Hogan Lovells, and previously worked for Corp Fin, where, among her other responsibilities, she was the primary drafter of the universal proxy rule proposal.
Tiffany should also be familar to many of our members. She participated in our “Universal Proxy: Preparing for the New Regime” webcast last year & has also authored an article on universal proxies for our Deal Lawyers Newsletter. Congratulations to Tiffany!
As you might have already guessed, I’m among those who are skeptical about claims that retail investors should be encouraged to become more involved in corporate governance, and that governance will be enhanced if they do. Some of the objections filed to AMC’s recent class action settlement filed by retail investors with the Chancery Court suggest that this skepticism may be well founded.
AMC was one of the companies to warmly embrace its meme stock “apes”, at least until it proved impossible for the company to get the quorum needed to approve a charter amendment to increase its authorized shares, which in turn inhibited its ability to raise additional capital. Since “meme stocks gotta meme”, AMC needed a fix for this problem. As Liz blogged earlier this year, the company found a solution through the creative use of blank check preferred stock. Of course, any solution to a corporate problem that’s labeled “creative” inevitably leads to class action litigation, and AMC’s fix was no exception. Last month, the company reached an agreement with the plaintiffs to settle that litigation, and that’s when the fun began.
AMC’s retail “apes” responded to the proposed settlement with an outpouring of outrage that was significant enough that the Chancery Court set up a procedure for them to submit their comments on the proposed settlement – which they did, in droves. However, while there were plenty of objections to the settlement, many didn’t inspire a lot of confidence. Here’s an excerpt from Tulane professor Ann Lipton’s recent blog on the objections:
While some of the letters inspire a lot of sympathy – many investors appear to have endured significant losses – a lot of the comments are, well, uninformed, to put it mildly. There are some fairly odd conspiracy theories floating around regarding AMC shares, and, in particular, something about an inflated share count and “synthetic” shares that are improperly voting. Many of the objecting shareholders buy into those theories. For example, in a report filed on May 17, the special master recommended against one shareholder’s attempt to intervene, which was predicated on the “synthetic share” theory.
Ann goes on to confront the fundamental question raised by the some of the more unhinged AMC objections:
So this is the elephant in the room: What does this tell us about the wisdom of encouraging greater retail involvement in corporate governance? While no doubt some retail shareholders are highly informed, many are not, and if AMC demonstrates anything, it’s that in some cases, the technological tools that enable retail shareholders to coordinate and share information may also cause the rapid spread of misinformation.
In other words, social media may have the same kind of implications for corporate governance that it has had for our political discourse. That’s a point that UCLA professor Stephen Bainbridge picks up on in this excerpt from his own blog on the AMC situation:
Many retail investors are deeply engaged with social media and increasingly exhibit the pathologies associated with social media. In the AMC Entertainment litigation, for example, one of the two lawsuits challenging the plan was filed by an individual Usbaldo Munoz. The AMC Apes have been viciously attacking Munoz. Things apparently got so bad that Munoz has now ghosted his own lawyers, leaving them without guidance as to how to proceed.
Oh, goodie! It’s nice to know that one possible outcome of the “rise of the retail investor” might be the establishment of a Q-Anon corporate governance division – “where we go one to a shareholders’ meeting, we go all.”
