With the compliance date kicking in December 18th for the SEC’s new line-item requirement to report material cyber incidents in real-time, it’s worth noting that the complaint that the SEC brought yesterday against SolarWinds and its CISO doesn’t award kudos to the defendants for their eventual decision to report the cyberattack on a Form 8-K. Instead, it doubles down on allegations that those disclosures were misleading:
On December 14, 2020, SolarWinds filed a Form 8-K with the SEC disclosing that its Orion network monitoring software contained malicious code that had been inserted by threat actors as part of a supply-chain attack. The Form 8-K was drafted by a group of executives, including Brown, and signed by SolarWinds’ CEO. That Form 8-K was materially misleading in several respects, including its failure to disclose that the vulnerability at issue had been actively exploited against SolarWinds’ customers multiple times over at least a six-month period in the incidents involving U.S. Government Agency A, Cybersecurity Firm B, and Cybersecurity Firm C.
Form 8-K disclosure may be the last thing on everyone’s mind when a cyber-attack is discovered, which is why you need to integrate this step into your incident response plan on a clear day. The good news (or the bad news, depending on your perspective), is that since the time of the SolarWinds announcement in 2020, we’ve all had a lot more experience with cyber incidents and companies have become more sophisticated with their Form 8-K disclosures, even in advance of the new requirement. Here are a couple of examples. This Cybersecurity Dive article says that the same bad actors might be behind both of these attacks, and that they’re still at large.
John & I blogged earlier this year about the very difficult task of delivering bad news during earnings season. So, this is unfortunate to see:
“Our early read on the third quarter earnings season suggests one of the most challenging reporting periods – across sectors – in recent history.”
That’s from a recent Riveron blog. And while it’s not a very bold prediction given where many companies are finding their stock price, it’s a good reminder that regardless of whether your company gives formal guidance, your friends in Finance & IR may be looking for ways to get creative with Q3 earnings releases – and they also may be faced with extra Q&A during this quarter’s earnings call. Here are a few of the blog’s suggestions:
1. Reinforce the longer-term value of the company
2. Convince the Street that short-term dynamics are ringfenced
3. Focus on 2024 value drivers including those investors who may be overlooking
The Riveron team gives more color on each of these tips, which are definitely the types of messages I would want to be able to deliver if I were an executive trying to reassure my investors. But wearing my “securities lawyer” hat, some of the suggestions made my heart race – for example:
– Discuss sales meetings on the calendar and new partnership discussions in the works, and
– Convey the company’s ability to control the impact of short-term dynamics like inflation and global supply chain disruptions
While it is good to reassure investors that the company has a handle on things, there are many factors beyond the control of boards & executives, and you have to be careful to not be misleading. Plus, plaintiffs’ firms live for these kinds of assurances. So, if you find these types of predictions in your company’s earnings release, I offer these general tips:
– Make your best effort to frame predictions as expectations rather than guarantees.
– Be very clear that the company is speaking only as of the current date.
– Include appropriately tailored cautionary statements – with specific reference to any assumptions on which predictions are based.
– To the extent you’re able, ask questions to confirm that the company does indeed have backup & controls to support its statements. It may be misleading to share only positive aspects of certain topics without also disclosing downsides.
– Consider whether the statements set an aggressive precedent for investor disclosure expectations.
– Confirm that the disclosures align with the company’s other public statements.
Keep in mind that you’ll need to balance all that with making the safe harbor disclaimer as short as possible in the earnings call script – because as Adam Epstein points out, your CEO doesn’t want investors to run for the hills. The Riveron team also suggests taking this opportunity to introduce key operational leaders who are expected to contribute to the business in 2024, and notes that companies should set the stage without overcommitting to a specific timeframe. They make this good point that we can all get behind:
Companies that lead with a clear, compelling, and convincing story of strengthening in the months and years to come do not need to sell the exact timing of these improvements. Rather, it’s more important (and credible) to present a narrative that illustrates how all the elements are in place for a successful 2024.
Visit our “Earnings Guidance” Practice Area for checklists & other practical resources that willare intended to help you as questions arise.
It feels like four years ago that we narrowly avoided a government shutdown, but it’s actually only been four weeks – and it’s likely that our politicians will once again negotiate down to the wire when they revisit whether our government can continue operating past November 17th. Like most things in Washington, this isn’t just a “yes/no” decision. That means that when the SEC (eventually) gets funded, “Congress gonna Congress” when it comes to what exactly the Commission can do with the money.
We’ve bloggedrepeatedlyover the past many years about appropriation bills that would tack on a restriction to the SEC’s ability to issue rules on “political spending” (or in some cases, that would remove the roadblock to rulemaking on that topic). Here’s the typical provision:
None of the funds made available by this Act shall be used by the Securities and Exchange Commission to finalize, issue, or implement any rule, regulation, or order regarding the disclosure of political contributions, contributions to tax exempt organizations, or dues paid to trade associations.
So, here we are again. Even though no “political spending” disclosure rules are contemplated by the hard-driving Reg Flex Agenda that represents Chair Gensler’s priorities, the risk of regulation persists, and appropriations bills that address this topic are making their way through the House & Senate in the form of H.R. 4664 and S. 2309. In addition, two other bills that have been introduced in the House – H.R. 4472 and H.R. 4563 – aim to codify this restriction so that it’s not dependent on the annual appropriations dance. Here’s an excerpt from that last one:
(a) Findings. — Congress finds the following:
(1) From 2010 through 2013, the Internal Revenue Service targeted conservative organizations seeking tax-exempt status. The result of this targeting was obvious—to discourage conservative organizations and individuals associated with them from engaging in the 2012 presidential election after an incredibly successful 2010 midterm election.
(2) In response to this treatment, a large number of conservative organizations sued the Internal Revenue Service. In 2017, a settlement was reached and the Internal Revenue Service was required to issue an apology for its actions.
(3) Congress quickly recognized that the Internal Revenue Service was not the only government agency that could question or threaten the tax-exempt status of disfavored political groups. The Securities and Exchange Commission, an independent government agency, also enjoys some regulatory power in this area.
(4) Beginning in 2015, Congress has included in every appropriations bill that has funded the Securities and Exchange Commission, an appropriations rider prohibiting the agency from using any of the funds made available to “finalize, issue, or implement any rule, regulation, or order regarding the disclosure of political contributions, contributions to tax exempt organizations, or dues paid to trade associations.” See Consolidated Appropriations Act, 2016, H.R. 2029, 114th Cong. § 1 (2015); Consolidated Appropriations Act, 2017, H.R. 244, 115th Cong. § 1 (2017); Consolidated Appropriations Act, 2018, H.R. 1625, 115th Cong. § 2 (2018); Consolidated Appropriations Act, 2019, H.J. Res. 31, 116th Cong. § 1 (2019); Consolidated Appropriations Act, 2020, H.R. 1158, 116th Cong. § 1 (2019); Consolidated Appropriations Act, 2021, H.R. 133, 116th Cong. § 2 (2020); Consolidated Appropriations Act 2022, H.R. 2471, 117th Cong. § 2 (2022); Consolidated Appropriations Act 2023, H.R. 2617, 117th Cong. § 2 (2022).
(5) This prohibition is too important to be subject to yearly renewal. Instead, it must be enacted into permanent law so political organizations of both political parties can rest assured the Securities and Exchange Commission will not target them.
(b) Prohibition. – The Securities and Exchange Commission may not finalize, issue, or implement any rule, regulation, or order regarding the disclosure of political contributions, contributions to tax exempt organizations, or dues paid to trade associations.
I’m not advocating for another disclosure rule, but I have always thought it was a stretch to compare the IRS settlement – which related to allegations that the agency was being extra strict in granting tax exempt status to conservative organizations – to the SEC’s consideration of a rule that would require companies to disclose the use of corporate resources for political activities. In any event, while our politicians have been arguing about it for the past decade, investors & companies have moved on with private ordering.
A new dimension of “political spending” scrutiny that has emerged in the last few years from shareholders and employees is “values alignment.” I blogged earlier this year on our “Proxy Season Blog” about how to respond to shareholder proposals on this topic.
In a sign that companies will continue to face these proposals in 2024, the Interfaith Center for Responsibility sent letters in late summer to the CEO members of the Business Roundtable that call for values alignment for political contributions, along with improved board oversight and public disclosure. Here’s an excerpt:
We believe that BRT companies would benefit from a thoughtful assessment of their political spending and lobbying. We recommend two resources to help guide company policy development and decision-making toward more responsible political engagement.
I. Erb Principles for Corporate Political Responsibility
The first key resource is the Erb Principles for Corporate Political Responsibility, released in March after a lengthy, deliberative stakeholder process by the Erb Institute of the University of Michigan. Developed as a complement to the BRT’s statement on the Purpose of the Corporation and the BRT’s actions to support the peaceful transfer of power in 2021, the Erb Principles propose a practical, non-partisan, and comprehensive definition of corporate political responsibility (CPR) as a first step in establishing CPR as a new norm that will reduce business risk, strengthen civic trust and foster collaborative problem-solving.
The Erb Principles do this by helping companies better align their political influences — including any political spending — with their values, purpose, commitments, and larger responsibilities to a healthy economy, civic institutions, and informed civic discourse. The Principles were designed to provide U.S. companies with a non-partisan, principled thought process for responsible engagement, without prescribing positions on specific issues.
Next week is Election Week. Maybe you have some important local items on your ballot this year, but in my neck of the woods, most people are already bracing themselves for the polarized U.S. Presidential election cycle that will soon be in full swing. That means that corporate “political spending” activities (which are broadly defined!) will continue to attract scrutiny. A recent scandal shows that misplaced contributions can create financial & reputational risks for companies.
In that vein, The Center for Political Accountability recently published this 10-page guide to corporate political spending. The guide suggests solutions to 5 common challenges that arise from contributions to political candidates, trade associations, and other third-party groups. This HLS blog summarizes the key elements:
– Recognize the heightened risks that a company faces from contributions to third-party groups, specifically 501(c)(4) organizations engaged in political spending, trade associations, super PACs and 527 committees. The company needs to know where its money ultimately ends up, what causes and candidates it advances and what risks it is assuming.
– Understand that public companies can no longer publicly claim to support some aspects of a candidate’s platform while disavowing others. The challenge facing a company is that when it supports a candidate, all of the candidate’s actions and positions will be associated with the company.
– Align the company’s political spending with its core values, policies and positions.
– Avoid siloed decision-making. Political spending should fairly reflect the views and interests of the company’s various stakeholders. Companies benefit from active and dynamic engagement among public affairs, government relations and other internal actors responsible for promoting the company’s values, policies and positions and those making political spending decisions.
– Direct corporate contributions to politicians who refrain from punitively targeting companies for their policy decisions, personnel practices, public statements, or other values important to the company’s success and integrity.
– Protect the democratic institutions and rule of law that companies depend upon to operate, compete, and thrive.
I expect that this year’s CPA-Zicklin Index, which rates companies annually on the transparency of their corporate political spending, will be published any day. Last year, the Index expanded to cover Russell 1000 companies.
Check out our “Political Contributions” Practice Area for more benchmarking & practical checklists. We also covered this topic at our recent “Proxy Disclosure Conference” – you can still get access to the video archives & transcripts by emailing sales@ccrcorp.com. The program is also eligible for on-demand CLE credit!
With all the new rules and their associated compliance & effective dates, it is getting difficult to keep track of what will need to change in your next Form 10-K. This memo from Bryan Cave Leighton Paisner is a helpful resource for doing that, with summaries for each of these new 10-K/proxy statement disclosures:
1. Annual cybersecurity disclosures
2. 10b5-1 plan quarterly disclosures
3. Clawback policy and disclosures
4. Share repurchase disclosures
The memo also runs through other “hot topics” that may warrant extra attention as you prepare your reports. And, it looks ahead to additional items that will be required in 2025! Also check out Meredith’s blog from earlier this week on our Proxy Season Blog about potential D&O questionnaire updates (visit our “D&O Questionnaire” Practice Area for our handbook, memos, and samples).
Earlier this week, I jokingly referenced the Commission’s “customary year-end enforcement spree” – a reliable addition to the government’s bottom line. On the final business day this year, the SEC raked in $218 million in fines!
New research in the Journal of Accounting & Economics looks at 20 years of data to figure out whether the “September Spike” is really a thing – and if so, whether it can be explained away by market or other factors. Here’s an excerpt about the case volume at the SEC’s FYE:
We find that the average number of cases (of any category) filed in September is almost double the average in other months, and that the median percentage of total annual cases filed in September is 16%. We refer to higher case volume in September relative to other months as the “September spike” and document variation in the size of this spike across time.
Our results are consistent with trends described in the financial press and examined by legal scholars. The Wall Street Journal, for example, reported an uptick in case volume in September 2013 (Eaglesham, 2013b), and subsequent legal research has shown similar upticks over longer sample periods (Velikonja, 2017; Choi, 2020). We extend the descriptive and graphical evidence in these articles by showing that the September spike is robust to controlling for various factors that may influence case volume, such as trailing securities class actions, SEC investigations, and other market factors.
The researchers found that the spike is larger when case totals are lagging the prior year, and smaller when the Chair is in their first year in office. It’s also larger when the SEC’s spending exceeds its budget authority and when the Enforcement Division has more resources. Does it matter? The authors suggest that in “high-spike” years, the resolutions of complex and possibly egregious cases are getting kicked down the road:
Regarding case selection, we create measures of case complexity and find that SEC staff prioritize less complex cases at fiscal year-end. Specifically, the standalone cases filed in September are significantly more likely to reference defendant cooperation and to only name companies as defendants, and are less likely to include a fraud allegation and to reference parallel criminal proceedings. For instance, September cases are approximately 11% less likely to include fraud allegations than cases filed in other months.
The annual year-end pressure might also give companies more leverage for settlements:
We find that defendants receive lower financial sanctions—both disgorgement and civil penalties—when they settle in September. On average, our results suggest the SEC discounts financial sanctions for cases filed as settled charges in September by approximately $132,000—an economically meaningful discount, given that the average financial sanction is $270,000. We also find an 11% lower likelihood of a large financial sanction in September.
As far as whether companies need to be on their best behavior in September, a graph on pg. 45 shows that the number of investigations remains steady year-round. Fiscal year end is just a good time to negotiate a settlement.
Speaking of disclosures to watch in your upcoming reports, we’ve posted the transcript for our recent “Corporate DEI Programs After Students for Fair Admissions v. Harvard” webcast featuring J.T. Ho, Partner at Orrick, Ngozi Okeh, DEI Editor of PracticalESG.com, and Travis Sumter, Labor & Employment Attorney at NextRoll. Our panelists offered their insights about how to navigate the increasingly complex surroundings in which corporate DEI programs operate.
The webcast covered:
– Overview of the Students for Fair Admissions v. Harvard Decision
– Legal Framework Governing Corporate DEI
– Potential Vulnerabilities of Corporate DEI Programs
– Mitigating DEI Legal Risks
– Dealing With Pro- and Anti-DEI Activism
This was a joint webcast with PracticalESG.com. If you are not a member of TheCorporateCounsel.net or PracticalESG.com, email sales@ccrcorp.com to sign up today and get access to the full transcript – or sign up online.
Programming note: In observance of the federal holiday on Monday, we will not be publishing a blog. We will be back on Tuesday!
This HLS blog details recent CEO succession trends among the Russell 3000 and S&P 500 – with data & analysis from The Conference Board, Heidrick & Struggles, and ESGAUGE. Here’s one trend that jumped out:
The rate of inside promotions to the CEO position in the Russell 3000 increased from the prior years, reaching 73.5 percent of incoming CEOs in 2022—the highest since The Conference Board and ESGAUGE began tracking these statistics. In the S&P 500, the rate of inside promotions is projected at 84.6 percent for 2023, one of the highest ever recorded and higher than the historical average (78.8 percent since 2011). In 2022, Real Estate, Utilities, and Financial companies reported the highest rate of internal promotions to the EO role (93.3 percent, 91.7 percent, and 86 percent, respectively), while Communication Services companies had the highest percentage of outside CEO hires (64.3 percent).
What’s more, companies aren’t just promoting internal executives, they are awarding the golden ticket a few years sooner than has been the case historically:
While a critical source of CEO talent continues to be long-serving executives promoted from within, data suggests that after the pandemic, boards fast-tracked inside promotions to the chief executive post. As of the end of 2022, the average tenure-in-company of internally promoted CEOs was 12 years in the S&P 500 and 10 years in the Russell 3000, lower than the historical averages of 16 years and 11 years, respectively. The share of “seasoned executives”—or those with at least 20 years of company service—was also lower than the historical averages (17.3 percent in the S&P 500, compared to a 32.2 percent 5-year average; and 15.0 percent in the Russell 3000, down from a 17.8 percent historical average).
The blog points out that there’s significant variance across industries but says the data could suggest changing perceptions of leadership. Specifically, boards might be embracing new leadership traits around innovation & adaptability. Lastly, the more rapid ascent of executives makes leadership development even more important. The blog gives these final thoughts:
The decline of tenure-in-company and “seasoned executives” in a year where the overall rate of CEO succession increased may also suggest that companies accelerated their leadership development process to expand their pool of CEO candidates. To help mitigate human capital risks, the entire board should review, at least annually, the leadership development process within their companies and scrutinize internal succession candidate lists.
A fun project that often accompanies board meeting preparation is “benchmarking.” This used to mean combing through peer SEC filings to find information from other companies on whatever specific data point your boss or the board had inquired about. If you were lucky, secondary commentary would exist and give you a starting point. Good news! While peer disclosures & trend summaries absolutely remain valuable as sources for context and analysis, there are new tools these days to add to your toolbox.
Here’s a handy dashboard from The Conference Board, ESGAUGE, and Heidrick & Struggles that is updated weekly with info on CEO succession announcements in the Russell 3000 and S&P 500. I’ve also recently been using these dashboards to track trends on compensation, board practices, shareholder proposals, and ESG. You can filter by index, company size, and business sector – and browse data about:
1. Succession Rates – generally, across performance quartiles, across age groups, and share of forced successions
2. CEO Profile – various demographic categories and tenure
3. Departing CEOs – similar demographic categories, tenure, reasons for departure, and number of forced CEO departures (and why)
4. Incoming CEOs – demographics
5. Placement Types & Other Practices – inside appointments, non-executive directors appointed as CEOs, interim CEOs, practices for announcement & effectiveness dates, outside hires, and more
