Author Archives: Liz Dunshee

Recently, the PCAOB published its anticipated focus areas for auditor inspections. Being familiar with the inspection priorities can help audit committees understand auditor work plans and areas of sensitivity – and can also give advance notice of which areas could present accounting or reporting challenges in the upcoming year. I blogged last October about the findings from the 2021 inspection cycle.

This blog from Dan Goelzer summarizes the 10 topics that the PCAOB plans to scrutinize. Here’s info from Dan (who is a SASB member, retired Baker McKenzie partner, former Acting Chair of the PCAOB, and former GC at the SEC):

The staff discusses ten areas on which 2022 inspections will focus:

Fraud and Other Risks. The inspection staff will emphasize audit procedures that address risks of material misstatement, including fraud. Some specific risk areas are IPOs or significant M&A activities, including SPAC transactions; the effects of supply chain disruption; and volatility due to fluctuations in interest rates and inflationary trends. Industries prone to supply chain disruption risks include electronic components and equipment, automobile, retail, and materials. Industries prone to COVID-19 related risks include airlines, hospitality, and entertainment. Inspectors will also review the auditor’s assessment of fraud risk, including whether the company’s controls sufficiently address identified risks, such as the risk of management override of controls.

The Spotlight lists five specific accounting and auditing risks:

o Unreasonable assumptions affecting revenue recognition due to the negative effects of the COVID-19 pandemic and supply chain disruptions.

o Unreasonable assumptions used in projections to account for business combinations or in testing goodwill or other intangibles for impairment.

o Earnings manipulation as a reaction to margin pressures driven by rising costs.

o Inventory existence and valuation (e.g., challenges in observing in-transit inventory and in valuation due to supply chain disruptions and rising costs).

o Financial, economic, and business uncertainties that impact the assessment of the company’s ability to continue as a going concern.

IPOs and M&A Activity. IPOs and M&A, including SPAC transactions, present reporting and audit risks due to transaction complexity and variations in company readiness to comply with public company financial reporting and internal control requirements. For SPAC and de-SPAC transactions, inspectors will focus on the auditor’s work in the areas of financial instrument valuation; determination of whether a business combination should be accounted for as a reverse merger; internal controls; financial statement presentation and disclosures; and restatements.

Audit Firms’ Execution Challenges. Inspectors will review firm policies and procedures for assigning professionals with appropriate qualifications to audit engagements and whether firms are modifying their supervision and review procedures appropriately. The Board also plans to select engagements for review where the lead engagement partner is new to the engagement, including those resulting from partner turnover.

Broker-Dealer-Specific Considerations. In inspections of securities broker-dealer audits, the staff will examine how auditors addressed the risk of misappropriation of customer assets at broker-dealers that hold customer funds.

Independence. Independence will remain a focus area in 2022. In particular, inspectors may:

o Analyze audit firm independence assessments, including relationships that present threats to objectivity and impartiality, and firm-identified violations of independence rules.

o Evaluate compliance with the independence rules related to permissible non-audit services and their preapproval.

o Review audit firm communications with audit committees concerning independence.

o Review audit firm responses to independence-related quality control concerns identified in past inspections (e.g., high rates of exceptions in independence compliance testing).

Use of Service Providers in the Confirmation Process. Inspectors will review procedures for maintaining control over confirmation requests and responses, particularly in cases where the auditor arranges for service providers to assist in the confirmation process by electronically sending and receiving confirmations.

Critical Audit Matters (CAMs). Inspection procedures will include: (1) engaging in discussions about CAMs with engagement teams and certain audit committees; (2) reviewing CAMs in the auditor’s report; (3) reviewing whether certain matters communicated to the audit committee were included in the audit firm’s procedures to determine CAMs; and (4) reviewing the engagement team’s determination of whether a matter was a CAM.

Audit Areas With Continued Deficiencies. Inspectors will focus on areas in which audit deficiencies commonly recur, including revenue recognition and related risk assessment; allowance for loan losses and other accounting estimates; and internal control over financial reporting, particularly controls with a review element.

Firms’ Quality Control Systems. Inspectors will assess audit firms’ compliance with the PCAOB’s quality control standards. Among other things, they will consider the impact of the COVID-19 pandemic and of the current economic environment in gaining an understanding of firm quality control systems.

Technology. Inspectors will focus on three technology-related areas:

o Auditing digital assets. Companies with material digital asset holdings and transactions will be selected for inspection, where appropriate, with an emphasis on assertions related to existence, valuation, rights and obligations, and financial statement disclosures.

o Responding to cyber threats. Inspection procedures will evaluate the auditor’s response to identified cybersecurity breaches and known security vulnerabilities.

o Use of data and technology in the audit. Inspectors may inquire about changes in the use of technology and seek to obtain an in-depth understanding of how auditors are using technology in identifying and responding to risks of material misstatement.

Visit our “Audit Committees” Practice Area for more PCAOB commentary, checklists, and other practical guidance for committee practices & emerging challenges.

– Liz Dunshee

It’s that time of year: take care of the housekeeping tasks that will put a bow on your successful annual shareholder meeting. A member recently posed this question in our “Q&A Forum” (#11,190):

Is it good governance practice to have the board of directors review and approve minutes of the annual stockholder meeting?

John responded:

Yes. The annual meeting of stockholders is a statutory requirement, and it is important to ensure that an accurate record of the event is prepared. Board review of the minutes and related materials in order to ensure that they demonstrate that the meeting has been duly called and noticed and that they accurately and completely reflect the matters addressed at the meeting is a good practice.

We have over 30 checklists that offer practical, step-by-step guidance on handling annual meeting issues. Find them in our “Annual Shareholders’ Meetings” Practice Area or under the “Checklists” tab in the blue navigation bar on our home page. If you aren’t already a member with access to those resources, sign up now and take advantage of our no-risk “100-Day Promise” – During the first 100 days as an activated member, you may cancel for any reason and receive a full refund.

– Liz Dunshee

My family & I recently visited the Smithsonian’s National Museum of American History, where we joined other sweaty tourists in marveling over the prehistoric (2014) copy of Bitcoin Magazine that has made its way into the “Value of Money” exhibit. The SEC has taken a big interest in crypto as well – and in some ways, from job postings to recent Congressional testimony, they’re making exactly zero attempts to hide it. On the other hand, the agency hasn’t come out and proposed rules.

To that end, late last week, the Commission made a big splash by announcing the first-ever insider trading case involving digital assets, which was predicted earlier this month in this Dechert memo. According to the SEC’s complaint, a former Coinbase product manager – who had access to confidential listing announcements – was allegedly passing tips to his brother and friend to trade in certain crypto assets before Coinbase announced that those tokens would be available for trading on their platform. The DOJ brought a parallel criminal action out of the Southern District of New York, based only on wire fraud allegations (i.e., theft of Coinbase’s information).

This Simpson Thacher memo outlines & elaborates on these key takeaways:

1. SEC takes the position that some of the tokens were securities

2. DOJ & SEC pursue different charges

3. Blockchain anonymity poses no obstacle

4. Crypto policing efforts ramping up

Much of the SEC’s case turns on whether certain tokens that were involved here are “securities” under the Howey test. Because the success (or failure) of those claims will have broader repercussions for the crypto industry – as explained in this Wachtell Lipton memo – lots of folks are up in arms about this case being a “back door” approach to rulemaking. People who want the market to remain unregulated have even gained an ally in another agency that is jockeying for position – with a CFTC Commissioner calling the case “regulation by enforcement.”

Georgetown Law prof Adam Levitin pushed back on that criticism in a Twitter thread that makes some good points. Here’s what the WLRK folks have to say:

While we have previously called for measures to enhance cryptoasset market integrity, the SEC’s allegation that the cryptoassets at issue are securities — against the backdrop of other recent enforcement actions — underscores the need for clarity about whether and how the securities laws apply to particular cryptoassets. While the SEC has promulgated a complex, fact-intensive framework for determining whether a particular cryptoasset is a security, and SEC officials have informally expressed the view that many cryptoasset platforms are trading securities, the agency has generally refrained from opining on the legal status of specific cryptoassets (with notable exceptions including Bitcoin and XRP) and even has avoided stating which cryptoassets constitute securities in a previous enforcement action against a cryptoasset promoter. For their part, a number of centralized U.S. cryptoasset exchanges have explicitly noted that they only list assets that they determine not to be securities.

We express no view here as to the legal status of any of the cryptoassets in question. But the SEC’s allegation that nine of the traded cryptoassets are securities poses important issues beyond this case. Most significantly, it spotlights the risk that cryptoassets may be presumed to be securities — with substantial legal and economic consequences — on the basis of civil enforcement actions in which cryptoasset developers, exchanges, and users are not litigants. That presumption raises a number of practical questions for market participants that typically would be addressed in a rulemaking process under the Administrative Procedure Act. Without such a process, market participants must confront the risks of continuing to develop, list, or transact with cryptoassets with limited transparency on how the SEC may apply the securities laws.

We’re posting memos in the “SEC Enforcement” subsection of our “Crypto” Practice Area. If you aren’t already a member with access to those resources, sign up now and take advantage of our no-risk “100-Day Promise” – During the first 100 days as an activated member, you may cancel for any reason and receive a full refund.

– Liz Dunshee

Late yesterday, Bloomberg broke news that the SEC is investigating whether Coinbase allows trading in digital assets that should be registered as “securities.” The charges haven’t been publicly confirmed by the Commission or the company.

This would be an even more direct enforcement attack on the crypto space than last week’s insider trading action. If the SEC pursues the claim & wins this interpretive issue, it would trigger a cascade of rules and may require Coinbase to register as an exchange. Here’s an excerpt:

The US Securities and Exchange Commission’s scrutiny of Coinbase has increased since the platform expanded the number of tokens in which it offers trading, said two of the people, who asked not to be named because the inquiry hasn’t been disclosed publicly. The probe by the SEC’s enforcement unit predates the agency’s investigation into an alleged insider trading scheme that led the regulator last week to sue a former Coinbase manager and two other people.

In a 32-page petition submitted last week (the same day as this blog that the company’s CLO posted in response to the SEC’s insider trading complaint), Coinbase called on the SEC to propose and adopt rules to govern the regulation of digital assets, and accused the Commission of an enforcement-first approach to regulatory challenges. Coinbase – which has enlisted quite a lot of brainpower to analyze these issues – takes the position that the tokens that it lists on its platform aren’t “securities.” Its petition includes 50 multi-part questions for the Commission to consider and seek public input on.

– Liz Dunshee

In our “Insider Trading Policies” Handbook, we’ve long noted that the SEC has touted its use of data analytics to identify suspicious trading patterns. A year ago, I blogged that those tools seem to be getting even more advanced. That’s a useful point to know & share if you’re on the compliance side, trying to instill fear & obedience. If you’re a bad guy, it’s not such happy news.

Yesterday, the SEC announced that it’s added a few more notches to its “data analytics” belt. Here’s more detail:

The Securities and Exchange Commission today filed insider trading charges against nine individuals in connection with three separate alleged schemes that together yielded more than $6.8 million in ill-gotten gains. Those charged include a former chief information security officer (CISO), an investment banker, and a former FBI trainee, all of whom allegedly shared confidential information with their friends, who then traded on that confidential information. Each of the three actions announced today originated from the SEC Enforcement Division’s Market Abuse Unit’s (MAU) Analysis and Detection Center, which uses data analysis tools to detect suspicious trading patterns.

The SEC also announced insider trading charges yesterday against a retired US Congressional Representative and former prosecutor who allegedly traded on MNPI he received as a consultant after leaving Congress. Insider trading: don’t do it! See our “Insider Trading Policies” Practice Area for lots of resources that can help you convince your colleagues, friends & clients to stay on the right side of the law.

– Liz Dunshee

In 2019, SCOTUS set the stage for expansive “scheme liability” under Exchange Act Rule 10b-5(a) & (c) in Lorenzo v. SEC. Unlike primary liability under Rule 10b-5(b), scheme liability under subsections (a) & (c) can attach to someone who didn’t “make” the misrepresentation or omission. When the 10th Circuit applied Lorenzo later that year, it put an exec on the hook for “disseminating” false & misleading statements.

In what’s good news for those involved with preparing disclosures and supporting documentation, the 2nd Circuit – which has been called the “Mother Court” of securities law in another SCOTUS decision, according to this Paul Weiss memo – recently held that an actionable claim under subsections (a) and (c) must be based on more than alleged misrepresentations & omissions alone. There must be “something extra.”

This MoFo memo summarizes the holding of the new case – SEC v. Rio Tinto – here’s an excerpt:

“individuals who helped draft, research, print, or wordsmith [a] statement at some point in time, but who lacked ultimate control, cannot be primarily liable.” Read alongside the Supreme Court’s Janus decision, the Rio Tinto Court explained, Lorenzo “signaled that it was not giving the SEC license to characterize every misstatement or omission as a scheme.” The Second Circuit reasoned that Janus would be undermined if scheme liability were expanded to encompass mere participation.

The Rio Tinto Court further cautioned that expanding scheme liability to reach actors other than the “makers” of misstatements would lower the bar for private plaintiffs, who face a heightened pleading standard for Rule 10b-5(b) cases under the Private Securities Litigation Reform Act that does not apply to scheme liability cases.

Similarly, limiting statements cases to subsection (b) would maintain the distinction between cases the SEC could pursue from those private plaintiffs could bring — i.e., the SEC, but not private plaintiffs, may pursue aiders and abettors of Section 10(b) violations. Embracing the “SEC’s reading of Lorenzo,” the Second Circuit explained, would be contrary to Supreme Court precedent and would undermine “Congress’ determination that this class of defendants should be pursued by the SEC and not private litigants.”

While this is encouraging news in the short term, the “something extra” that can trigger scheme liability remains undefined. The MoFo memo emphasizes that more cases are in the hopper. Corruption of the audit process or concealment of info from auditors could be examples of actions that would trigger liability under these provisions. Stay tuned to our “Securities Litigation” Practice Area for instructions on how these complex cases could affect your processes for preparing SEC filings and your guidance to clients.

– Liz Dunshee

When it comes to being sued for alleged misstatements or omissions, forward-looking statements can be fertile ground for plaintiffs and the SEC. This Woodruff Sawyer blog recounts a Tesla case from last year that took issue with production estimates.

As anyone who’s spent their early associate years combing through “cautionary statements” knows, there’s an art to making sure the forward-looking statements are reasonable and that cautionary language accompanies the statements and is specific enough to protect the company under the Private Securities Litigation Reform Act. Now is a good time to audit your process and ensure you’re keeping up with best practices. The blog walks through these pointers:

1. Review your forward-looking statements disclaimers often.

A company is best served to regularly review the cautionary statements included in its forward-looking statements disclaimers. This will help ensure that the cautionary statements reflect the risks and circumstances impacting the company at any given time. While a quarterly review of the forward-looking statements disclaimers is a good practice, reviewing in conjunction with ongoing public disclosures is a best practice. That is, companies should be mindful to consider updating forward-looking statements disclaimers to account for new risks related to its business, market, or other conditions (e.g., the COVID-19 pandemic, global conflict).

2. Pressure-test forward-looking statements.

This one may be obvious, but it’s still important to stress that there must be a reasonable basis underlying each of the forward-looking statements your company expects to make and to confirm in advance of repeating those statements. For example, if your management team is slated to provide an update on the company’s strategy and financial outlook at a company-sponsored investor day, there should be a robust internal review and confirmation of each forward-looking statement included in the slide presentation, as well as any related scripts and talking points.

3. Ensure the forward-looking statements are appropriately qualified by cautionary statements.

Forward-looking statements should be accompanied by cautionary statements tailored to your company’s circumstances. These cautionary statements should help investors understand how your forward-looking statements may differ materially from the company’s expectations. For example, if your company is a clinical-stage pharmaceutical company and you expect to make forward-looking statements regarding the timing of clinical trial results as part of an investor presentation, the disclaimer should include cautionary statements that speak to clinical trials. Certain risks that may be appropriate for your disclaimer to reference may include anticipated challenges or delays in conducting your clinical trials; difficulty obtaining scarce raw materials and supplies; resource constraints, including human capital and manufacturing capacity; and regulatory challenges.

4. The forward-looking statements disclaimer should be reviewed/managed by a cross-functional team.

Most companies delegate management of the forward-looking statements disclaimer to its legal function. As a best practice, companies should ensure that other functions (e.g., Finance, Investor Relations, Accounting) are also involved in the review and commenting process. A robust process will help to establish that the cautionary statements included in your forward-looking statements disclosure can stand up to claims that the disclaimer was not reflective of the current risks and/or circumstances that could impact your business.

5. State at the outset of events where forward-looking statements will be made that such statements will be made and where to find the associated cautionary statements.

As noted earlier, in the case that your company will be making oral forward-looking statements, ensure that a company representative orally states that the company will be making forward-looking statement and reference that cautionary language is contained in a “readily available” written document. This oral statement should be consistent across different settings. There may be a tendency to truncate the oral statement that is used during earnings calls when it comes to more informal events like a company town hall or fireside chat. That should be avoided.

6. Include forward-looking statements disclaimers in certain internal presentations and communications.

As discussed earlier, certain internal presentations may call for the inclusion of forward-looking statements disclaimers. Certain internal communications, like company-wide emails, may fall into the same category. Best practice would be to establish guidelines regarding which internal presentations and communications call for these disclaimers. These guidelines can then be shared with the functional teams that organize internal presentations and communications with the instruction that they involve Legal early in the planning process.

7. Don’t forget about your website and social media presence.

Many companies include forward-looking statements disclaimers on their websites. These disclaimers are typically linked to via a section in the footer or included in the website’s terms of use. Social media is another area where companies make forward-looking statements. If you are one of these companies, it is a good idea to identify who manages your company’s website and social media presence. Best practice would be to educate those teams as to the importance of forward-looking statements disclaimers and establish a process whereby those teams can easily collaborate with Legal to ensure compliance with securities laws.

Visit our “Forward-Looking Statements” Practice Area for more practical guidance on crafting cautionary statements – including examples and court opinions that show how disclosures can be challenged.

– Liz Dunshee

With the soon-to-be-effective universal proxy rules being a hot topic for anyone who advises boards or activists or who has a hand in proxy season, I wanted to highlight this recent “Deal Lawyers Download” podcast that John taped with Goodwin’s Sean Donahue about the rules. This is a follow-up to the popular DealLawyers.com webcast – “Universal Proxy: Preparing for the New Regime” – that we held earlier this year.

Topics addressed in this 19-minute podcast include:

– How will universal proxy change the dynamic of proxy contests?

– What strategic and tactical opportunities does universal proxy create for activists?

– What are some vulnerabilities that public companies may not have focused on?

– What should public companies do between now and September 1 to put themselves in the best position to deal with the universal proxy rules?

A lot of folks expect universal proxy to redefine the rules of the game – and on such a high-profile topic, you don’t want to be caught flat-footed. In addition to the webcast and podcast I already mentioned, visit the DealLawyers.com “Proxy Fights” Practice Area for more guidance. Also, stay tuned for additional members-only content on DealLawyers.com that will help you prepare to hit the ground running.

If you aren’t already a member of DealLawyers.com, sign up now and take advantage of our “100-Day Promise” – During the first 100 days as an activated member, you may cancel for any reason and receive a full refund! You can sign up online, by calling 800-737-1271, or by emailing sales@ccrcorp.com.

John’s also having a blast with these “Deal Lawyers Download” podcasts – here are all the episodes he’s taped so far. If you have something you’d like to talk about, don’t hesitate to email him at john@thecorporatecounsel.net. He’s wide open when it comes to topics – an interesting new judicial decision, other legal or market developments, best practices, war stories, tips on handling deal issues, interesting side gigs, or anything else you think might be of interest to the members of our community are all fair game. We view these sites as a resource that the community participates in, and hearing from members is one of the best parts of any day!

– Liz Dunshee

Early last year, I blogged that business had emerged as a beacon of trust in stormy times. Eighteen months later, we’re stuck in disinformation quicksand – and we’ve now reached record-low average confidence across all institutions. That’s according to the latest edition of a Gallup poll that’s been measuring sentiment for over four decades. Here’s more detail on business-related institutions (ranked from highest to lowest confidence):

– Organized Labor: Unions held steady with 28% of participants having a “great deal” or “quite a lot” of confidence in organized labor both this year and last year.

– Banks: Banks garnered confidence from 27% of participants – down from 33% last year. Republicans have lost more confidence in banks than the other party groups have.

– Big Tech: 26% of participants have confidence in large technology companies. This is also a low point, but Gallup has only measured confidence in this category for the past 3 years.

– Newspapers: Newspapers dropped by 5 points, to 16%.

– Big Business: Only 14% of survey participants have a “great deal” or “quite a lot” of confidence in “big business” – down from 18% last year. This is the lowest level since at least 1979.

– TV News: Televised news also dropped by 5 points, to 11%.

The poll doesn’t analyze what’s driving the decline in confidence for each specific institution. For big business, sentiment is lowest among Democrats and Independents (both at 13%), whereas confidence among Republicans is hovering at 19% (just 1 point lower than last year). And although “big business” is bottoming out, 68% of Americans have a lot of confidence in “small business” – more than any other institution. It sure would be nice if we could bottle up that confidence and sprinkle it everywhere else.

– Liz Dunshee

What gives? Why is confidence in “big business” dropping while “small business” continues to win friends & influence people? Please participate in this anonymous poll to share your thoughts:

– Liz Dunshee