We’re continuing to post resources on the fallout from the collapse of SVB in our “Financial Institutions” Practice Area. Unfortunately, it still looks like there’s a chance that we could end up with a broader banking crisis on our hands – but even if we all dodge the bullet on this one, companies would be wise to consider how to mitigate the risks of a future crisis on their own businesses. This Freshfields memo recommends that companies implement an investment policy to actively manage those risks:
Every company should adopt an investment policy and actively manage investment risk. An investment policy prescribes how management should invest the company’s cash balances. For operating companies, investment policies accomplish at least two goals. First, the policies set forth the types of securities in which the company can invest and requires management to monitor the maturity profiles of such securities, any liquidity concerns and the performance of the investment portfolio.
Second, for operating companies, investment policies are designed to ensure that a company’s cash resources are not deployed in a manner that would inadvertently cause the company to become an investment company under the Investment Company Act of 1940, as amended. This is important because a failure to register as an operating company, even if inadvertent, can have significant negative direct and indirect consequences, including the potential unenforceability of all of the company’s contracts, SEC enforcement action and litigation.
The memo says that the policy should address, among other things, the company’s liquidity needs, cash flows, cash balances and portfolio performance, risk & concentration limits, and alternative capital sources. It also addresses the oversight responsibilities of management and the board, and the role that legal can play in helping to develop the policy and ensure that it works as intended.
This Wachtell memo says that the SEC’s recent settled enforcement action against Blackbaud provides a reminder to companies that when they communicate about a corporate crisis, their disclosure controls and procedures need to be sufficient to ensure that those communications are accurate. As this excerpt indicates, among other things, this requires companies to make sure that appropriate information about the facts on the ground is communicated to those making decisions about disclosure:
On July 16, 2020, Blackbaud disclosed that it had discovered a ransomware attack, but also stated that the attacker did not access any donor bank account information or Social Security numbers. According to the SEC’s order, within a matter of days, Blackbaud’s technology and customer service personnel learned that the statement about access to sensitive information was erroneous.
Nonetheless, those personnel failed to communicate that knowledge to senior management. As a result, not only did Blackbaud fail to correct the erroneous disclosure, but it also subsequently filed a Form 10-Q that failed to disclose that the attacker removed sensitive customer data. The SEC charged Blackbaud with negligence-based misrepresentations, as well as reporting violations and failure to maintain adequate disclosure controls.
The memo notes that the SEC imposed a $3 million civil penalty in this proceeding, and contrasts that with the $1 million penalty it imposed in a very similar 2021 proceeding involving Pearson. It suggests that it’s reasonable to assume that the SEC is acting on its well-publicized warnings that the penalties are going up.
The crypto bros have been having a bit of a moment in recent weeks, as bitcoin rallied while bank stocks burned. Some crypto-evangelists have contended that recent events have “exposed the fractional reserve banking system’s core limitations and strengthened the case for investing in bitcoin”. You folks do what you want, but I think it’s worth comparing the relative outcomes for SVB & FTX depositors before pulling your life’s savings out of the federally insured banking system and making a bet that Charlie Munger isn’t right about everyone’s favorite digital tulip.
Anyway, the SEC made it pretty clear last week that the crypto bros aren’t making much headway with it. In addition to Coinbase’s disclosure that it had received a Wells notice from the agency, the SEC’s Office of Investor Education & Advocacy issued an investor bulletin on Thursday warning about the risks of crypto investments. The bulletin was lengthy, but the SEC started it off with this “TLDR” summary:
TLDR: The SEC’s Office of Investor Education and Advocacy continues to urge investors to be cautious if considering an investment involving crypto asset securities. Investments in crypto asset securities can be exceptionally volatile and speculative, and the platforms where investors buy, sell, borrow, or lend these securities may lack important protections for investors. The risk of loss for individual investors who participate in transactions involving crypto assets, including crypto asset securities, remains significant. The only money you should put at risk with any speculative investment is money you can afford to lose entirely.
Among other things, the bulletin points out that those offering crypto asset investments or services may not be complying with applicable law, including federal securities laws, and that the marketplace is full of fraudsters peddling scams to retail investors.
It’s been a couple years since we’ve had a non-GAAP enforcement action. Last week, the SEC reminded us that they’re still watching for problems. The Commission announced charges against a company for allegedly misleading disclosures about its non-GAAP financial performance in multiple reporting periods from 2018 until early 2020.
One of the things that got the company in trouble was allegedly failing to adopt disclosure controls & procedures specific to non-GAAP measures. The SEC says that led to misclassifications of excluded expenses and misleading disclosures of what exactly had been excluded. Here’s more detail from the 11-page order (also see this Cooley blog):
The company also had insufficient processes to ensure that its business practices for classifying costs as TSI were consistent with the plain meaning of the company’s own description of those costs in its periodic reports filed with the Commission and in its earnings releases. The absence of a non-GAAP policy and specific disclosure controls and procedures caused employees within the business units and in the Financial Planning & Analysis area (“FP&A”) to make subjective determinations about whether expenses were related to an actual or contemplated transaction, regardless of whether the costs were actually consistent with the description of the adjustment included in the company’s public disclosures. As a result, the company negligently misclassified certain internal labor costs, data center relocation costs that were unrelated to the merger, and other expenses as TSI costs.
Without admitting or denying the findings in the order, the company consented to a cease-and-desist order, to pay an $8 million penalty, and to undertake to develop and implement appropriate non-GAAP policies and disclosure controls and procedures. The SEC considered the company’s cooperation and remedial actions in accepting the settlement offer.
I blogged a few weeks ago that “disclosure controls” enforcement actions are trending. We all need to pay attention to the link between disclosure controls & disclosure content – including for voluntary disclosures – because the SEC certainly is doing that. As Lawrence noted last week on PracticalESG.com, the SEC’s interest in whether companies are accurately explaining what makes up the information they’re providing could also translate to scrutiny of ESG disclosure controls in the future.
We received a bunch of memos over the weekend on the Silicon Valley Bank situation, and we are posting those memos and other materials relating to SVB’s closure in our “Financial Institutions Practice Area.” There’s also a brief post on The Mentor Blog this morning about some of the 8-K filings that companies made on Friday concerning the situation.
Hopefully, the joint statement issued by the Fed, FDIC & Treasury last night that depositors will be made whole and have access to their money today will take the edge off the crisis that erupted late last week, but we’ll stay tuned and post additional resources when we receive them.
Last month, Liz blogged about the SEC’s recent enforcement action against Activision-Blizzard, which is the latest action premised solely on an issuer’s alleged deficient disclosure controls unaccompanied by a related disclosure violation. This Shearman memo reviews that proceeding and another recent SEC action premised solely on deficient controls and offers up some lessons that public companies should draw from those enforcement actions. This excerpt says that companies should look at the relationship between disclosure controls and the disclosures contained in their SEC filings as a two-way street:
Treat the relationship between disclosure controls and disclosure content as an open feedback loop rather than as a one-way communication channel. Disclosure controls are often viewed as informing disclosure content, but not the other way around. Consider reviewing your existing disclosure content with an eye towards identifying key topics and risks and then compare those to your disclosure processes.
Is each of these topics and risks covered by a corresponding stakeholder on your disclosure committee? Are disclosure committee members collecting information relevant to assessment of these topics and risks? What information are you collecting from business unit leaders who are not directly represented on the disclosure committee, and what procedures do you have in place to ensure that relevant information is fed into the disclosure process? Allowing feedback from disclosure content to disclosure controls also means being mindful of the disclosure controls implications when adding new risk factors.
The memo disagrees with contentions that the Activision-Blizzard proceeding will require companies to collect all information that could potentially be relevant to disclosures about an operational risk once it decides that the risk merits a reference in the risk factors section of its filings. Instead, the authors expect that the SEC will pursue these purely disclosure controls related proceedings selectively, “in matters (1) of broader public interest, or (2) where the SEC sees a specific opportunity to highlight an example of information it believes is getting insufficient attention for disclosure purposes.”
Inflation, rising interest rates, recession concerns & market volatility have provided activists with a target-rich environment this year, and the implementation of universal proxy gives them a key tool to help capitalize on those opportunities. That raises the stakes when it comes to shareholder engagement, and this Wilson Sonsini memo has some thoughts about how boards and management teams can most effectively structure their engagement efforts. This excerpt addresses two of the key components for successful engagement in 2023:
– Proactively enhancing governance practices. Governance is almost never the central feature of an activism campaign, but it is frequently used as a wedge issue by activists to paint a board of directors as entrenched and out of touch. As such, companies should regularly evaluate their governance practices and look for proactive measures—such as the adoption of majority voting in director elections, the elimination of supermajority vote provisions, and even, in appropriate circumstances, voluntary declassification of the board—that can be taken to show the board’s deliberate approach to governance. Shareholder engagement is a long game, and years of thoughtful evolution can reassure shareholders that the board prioritizes good governance and has sufficient internal will to make changes when they are warranted.
– Focusing on board composition and refreshment. A robust approach to board refreshment has become table stakes for the most sophisticated companies when it comes to engagement. Institutional shareholders appreciate seeing changes in board composition and view a regular cadence of new directors joining a board as evidence of a healthy boardroom dynamic. As noted above, the universal proxy rules have cast a brighter light on the skills and qualifications of each director individually. As such, boards should be conscious of, and seek to proactively address, weaknesses that an activist might seek to exploit. This is particularly true at companies that have seen an erosion in investor support for directors and say-on-pay proposals.
Other areas of emphasis in shareholder engagements include clearly articulating the company’s strategy for value creation, considering efforts to boost shareholder value, and understanding the views of the company’s shareholder base. Perhaps most important of all, the memo says that companies need to listen actively and be open to change, because shareholders—especially activist shareholders—want to know that the board takes their views seriously and isn’t “willfully blind” to alternatives.
The latest issue of the Shareholder Service Optimizer has some timely tips for making your annual meeting run smoothly this year. Here are a couple of important ones:
– Make sure that no one on your Meeting Team agrees to accept “Floor Votes” as a way to head off a formal shareholder proposal: Please be sure to review our article on this crazy process, which a few naïve companies foolishly agree to every year – based on the often-mistaken notion that there will be too few voters to worry about. Brush up here: The Best, Worst and Weirdest Things We’ve Seen in the 2019 Meeting Season to Date
– Beware: Shareholder Proponents, and activists in general, will be monitoring VSMs and paying special attention to the Q&A period, and to whether shareholders are being given a fair chance to ask questions and suffcient time to cast or change their votes online. Here’s a sample ‘run of show’ and tips for the Q&A to avoid being publicly named and shamed: A Sample “Run-Of-Show” For A Satisfying And Successful VSM & The Virtual Shareholder Meeting Q&A – and How to Tackle It
The article also says that the vast majority of companies that went the virtual-only route last year are doing the same this year, and it also reminds companies to identify their shareholder proponents by name. This year, failing to identify the lead proponent could result in a negative recommendation from Glass-Lewis on the chair of the governance committee.
Speaking of annual meetings, don’t forget to attend our “Conduct of the Annual Meeting” webcast on March 30th for more timely tips to help you manage your annual meeting.
The Jim Hamilton Blog recently flagged the competing efforts of Democrats & Republicans on Capitol Hill to influence the substance of the SEC’s climate disclosure rules. Republicans continue to fixate on questioning the SEC’s authority to adopt these rules as proposed, while this excerpt indicates that some Democratic lawmakers continue to push hard for Scope 3 disclosures:
Democrat lawmakers’ recent letter to the SEC specifically addressed another topic the SEC may be mulling as it finalizes the climate risk disclosure regulation—Scope 3 emissions, or what might be considered the proverbial electrified third rail of climate disclosure. The Democrats’ letter said overall that they want the SEC to move forward with a “strong climate disclosure rule without delay.”
While the letter worried about the SEC potentially raising the threshold for disclosure (the proposal pegged the threshold at 1 percent of the specified line-item financial metric), the letter was even more concerned about the prospect that the SEC could weaken or even eliminate Scope 3 emissions disclosures from the final regulation.
The Democrats’ letter references recent Wall Street Journal and Politico reports that the SEC is considering easing the final version of its rules – including possibly eliminating the proposed Scope 3 disclosure requirement – and is clearly an attempt to keep the agency from going wobbly on the final version of its rules.
But with recent reports suggesting that political support for Scope 3 disclosures among Democrats may be on the wane, perhaps it’s worth noting that the letter was signed by only eight senators and 43 members of Congress. That’s a lot fewer than the 130+ Dems who signed an earlier letter supporting the SEC’s rulemaking last summer,
If you’ve worked on more than a handful of private placements over the years, you know that in many situations, issuers opt not to file a Form D with the SEC. I’ve heard a lot of reasons for that over the years, most of which seem to be one version or another of, “well, it’s not a condition of the exemption . . .” followed by some kind of mutterings about confidentiality or concerns about sharing information with the “gubmint.” However, Keith Bishop recently blogged about a new study that suggests another reason why issuers so often don’t file a Form D – the desire to avoid “patent trolls.” Here’s the abstract:
We document that the majority of venture-capital backed financing rounds are not accompanied by a Form D filing. We show that filing behavior is predictable and is related to both the ability to fly below the radar and the benefits of withholding information. Financing rounds that are harder to hide, larger offerings and those previously covered by media, are more likely file a Form D while financing rounds by firms with greater proprietary information, early stage firms or companies in biotech, pharmaceutical, and high tech industries, are less likely to file a Form D.
We document one adverse outcome to the filing of a Form D, patent litigation, and show that protection from this type of litigation through the enactment of anti-patent trolling laws subsequently increases the rate of filing. Firms are less likely to file a Form D once the form is required to be filed on Edgar. Finally, we note that reliance on Regulation D is stronger as the firm nears an exit from the private market. Our results suggests that some firms view even minimal disclosure and regulatory oversight as costly.
Keith points out that one of the authors’ conclusions is that the Form D filing rate among California issuers is particularly low, and that these issuers typically don’t file a limited exemption notice filing at the state level either – which the authors suggest means that at least some issuers may be relying on Reg D as an exemption but not filing the form to ensure their privacy.
If you’re considering not making a Reg D filing, bear in mind a few cautionary points. First, although Securities Act Rules CDI Question 257.07 says that a Form D filing isn’t a condition of the exemption, it is still required by Rule 503. In addition, Rule 507 provides that failure to file a Form D may form the basis for disqualifying an issuer from using the exemption in the future. In addition to potential SEC enforcement proceedings, some states may get their noses out of joint if a state Form D isn’t filed and pursue enforcement actions of their own unless you’ve scoped out a non-filing exemption that you can hang your hat on.
