I continue to team up with Courtney Kamlet of Vontier to interview women (and their supporters) in the corporate governance field about their career paths – and what they see on the horizon. We recently celebrated our two-year anniversary of this series. Check out our latest episodes!
– Ginny Fogg, recently retired General Counsel of Norfolk Southern
– Michelle Leder, Founder of the financial news site footnoted*
– Karen Francis, Senior Advisor at TPG Capital, and Board Chair at Vontier Corporation
– Jackie Cook, Director of Sustainable Stewardship Research at Morningstar
– Lily Brown, Partner at WilmerHale
– Liz Dunshee
You know we love “fake SEC filings” around here – and this CNBC article recaps quite the scheme. Allegedly, a group of scammers scooped up shares from dormant shells that were still trading sporadically on the OTC. After using fake resignation letters and statements to reinstate the companies’ state corporate registrations and get the companies’ EDGAR codes, they filed 8-Ks to say that they were the new execs/directors, issued press releases about completely fabricated deals, and dumped the stock at an inflated price. Yesterday, the SEC announced that it had filed a complaint against the apparent ringleader.
Although I’m somewhat impressed and flattered that these folks would take the time to understand the mechanics of EDGAR and Secretary of State filings, I’m left thinking that these steps turned the pump & dump into an extra well-documented crime. They used their real names in the filings!
I’m also a little disappointed. If the alleged scammers were trying to appear legitimate, they should’ve gone all the way and made the other required filings, like the press releases and periodic reports. Maybe these filings were made and have since been removed – but if not, I’d like to know whether it was the time & effort that held them back from doing that, or if they simply decided that more securities fraud was a bridge too far.
While I’m nit-picking, here’s another suggestion for improvement: at least some of the companies also had suspended their Exchange Act filing obligations many years in advance of the Item 5.02 filing. It’s suspicious to drop a new Form 8-K out of nowhere. What legitimacy was gained from all this work?
I’m definitely not giving crime advice here, and I’m too risk averse to understand the appeal of any of this – especially for a mere $100k in trading profits! But what I’ve learned today is that it’s probably better to just stick to message boards and social media for your pump & dump.
– Liz Dunshee
A recent Gartner survey of 166 public & private companies found that 62% expect audit fees to increase this year. The survey also found that companies that automate at least a quarter of their internal controls paid 27% lower audit fees on average, and that companies have some success in keeping fees down through negotiation.
Dan Goelzer’s latest newsletter provides a nice summary of all the findings. Here are a few takeaways:
– Companies in the banking and insurance sectors had the highest percentage of fee increases – 69 percent of those respondents reported increases. The technology/telecom sector had the lowest percentage of fee increases – 41 percent of respondents in that sector reported increases in 2020.
– Of the companies in all industries that reported fee increases, 22 percent reported increases of 6 percent or more, compared to 2019.
– Companies that sought to negotiate fees with their auditor were frequently rewarded. Gartner reports that, of the respondents that undertook negotiation, 45 percent said their fees decreased by more than 6 percent, while half were able to decrease their fees by 3 to 6 percent.
– Companies with fewer controls were the greatest beneficiaries of automation. Respondents with less than 50 controls, and more than 25 percent of those controls automated, reported 52 percent lower audit fees, compared to companies with less than 25 percent of automated controls.
Dan says that other surveys also indicate that fees could jump this year – so audit committees may want to look at internal control automation & fee negotiation as cost-control tools.
– Liz Dunshee
Tune in tomorrow for the CompensationStandards.com webcast – “Proxy Season Post-Mortem: The Latest Compensation Disclosures” – to hear Mark Borges of Compensia, Dave Lynn of CompensationStandards.com and Morrison & Foerster and Ron Mueller of Gibson Dunn analyze this year’s wild say-on-pay results, key 2021 lessons, ongoing pandemic-related issues, ESG metrics, CEO pay ratios, status of SEC rulemaking, and what to start thinking about for next year.
If you attend the live version of this 60-minute program, CLE credit will be available! You just need to submit your state and license number and complete the prompts during the program.
Members of this site are able to attend this critical webcast at no charge. If you’re not yet a member, subscribe now. The webcast cost for non-members is $595. You can renew or sign up online – or by fax or mail via this order form. If you need assistance, send us an email at info@ccrcorp.com – or call us at 800.737.1271.
– Liz Dunshee
The Enforcement Division is contacting companies that may have been affected by the December 2020 SolarWinds cyberattack, according to an alert that Brian Breheny, Raquel Fox and others on the Skadden team sent to clients over the weekend. If you get an inquiry, you need to act fast if you want to get “cooperation credit” in exchange for info that you provide. Here’s an excerpt:
In broad strokes, the SEC is offering amnesty to companies who voluntarily disclose (i) how the company was impacted by the SolarWinds cyberattack, and (ii) any remedial actions the company implemented in response, to the extent that those voluntary disclosures show that the company failed to make prior required disclosures or maintain adequate internal controls. Companies must also preserve documents related to the SolarWinds cyberattack, and any other cyberattack since October 2019. Companies who learned of the SolarWinds cyberattack before September 2020 are ineligible for amnesty.
Companies must inform the SEC whether they intend to provide the requested information by June 24, 2021, and provide the information by July 1, 2021, although extensions may be requested for “extenuating circumstances.”
Amnesty will not extend to other securities violations related to the SolarWinds cyberattack (e.g., Reg FD violations, insider trading). If a Company chooses not to participate and the SEC otherwise learns that the company did not appropriately disclose or prevent/remediate the SolarWinds cyberattack, the SEC intends to pursue enforcement actions with heightened penalties.
Although the SEC did not disclose how it selected recipients of the voluntary request, SolarWinds previously disclosed DOJ, SEC and State AG investigations related to the cyberattacks (in addition to civil litigations) so the SEC may have SolarWinds data and documents, including customer lists.
– Liz Dunshee
Last week – by a single vote – the House passed the “Corporate Governance & Investor Protection Act.” Among other things, the bill would amend the Exchange Act to require new ESG-type disclosures. It consists of 5 parts:
– Title I, the “ESG Disclosure & Simplification Act”
– Title II, the “Shareholder Political Transparency Act”
– Title III, the “Greater Accountability in Pay Act”
– Title III, the “Climate Risk Disclosure Act”
– Title V, the “Disclosure of Tax Havens & Offshoring Act”
This Twitter thread from Ann Lipton walks through some of the nonsensical parts of the bill, while this Accounting Today article gives a more straight-faced recap of the tax component:
The ESG bill would require the Securities and Exchange Commission to create a standard definition of ESG metrics and mandate that the SEC require standardized ESG disclosures. The tax havens bill would provide investors and the public with greater transparency about corporations’ use of tax havens and tax incentives for outsourcing jobs abroad, requiring public companies to disclose their financial reporting on a country-by-country basis about the extent to which they are using tax havens or offshoring jobs.
The overall legislative package would impose greater requirements on companies to disclose their use of offshore tax havens and provide ESG disclosures in a standard way. The legislation comes at a time when various ESG standard-setters have begun working together more closely to align their varying standards, as the SEC and financial regulators in other countries take more of an interest in requiring ESG and climate risk disclosures from companies.
The G-7 finance ministers included language in their announcement this month backing recent moves by the International Financial Reporting Standards Foundation to establish an International Sustainability Standards Board. At the same time, the Organization for Economic Cooperation and Development and the G-7 have also been moving toward country-by-country reporting of taxes by multinational companies to curb tax avoidance strategies along with a global minimum tax rate.
The suggestion that this type of tax disclosure should be included in SEC filings struck me as onerous and unrelated to typical investor-focused disclosures – but Accounting Today notes that the info is already privately provided to the IRS. Making public disclosure about tax loopholes part of a “corporate governance” bill may be an early signal that aggressive tax planning could be flagged as being at odds with ESG, especially as the impact of tax disparities is getting attention internationally and domestically. However, the narrow margin of approval in the House suggests that this legislation is exceedingly unlikely to pass in the Senate.
– Liz Dunshee
Next April will mark the 10-year anniversary of the JOBS Act. WilmerHale’s recent “IPO report” devotes a couple of pages to analyzing the evolution of regulations & practices since “emerging growth companies” hit the scene.
In many ways, EGCs paved the way to greater relief for all issuers. Page 10 of the memo recaps how the confidential submission process has been expanded to allow all companies the opportunity for nonpublic review of registration statements – and how financial disclosure requirements have also been eased for all companies.
There’s also been an uptick in EGCs taking advantage of the accommodations that are available under the rules. Here’s an excerpt about delayed application of new accounting standards:
EGCs may choose not to be subject to any accounting standards that are adopted or revised on or after April 5, 2012, until these standards are required to be applied to nonpublic companies. In the past few years, a major shift in EGC practices has occurred.
– Through 2016, the vast majority of EGCs, regardless of industry, opted out of the extension of time to comply with new or revised accounting standards. This decision appears to have been motivated by the uncertain value of the deferred application of future, unknown accounting standards, and concerns that a company’s election to take advantage of the extended transition period could make it more difficult for investors to compare its financial statements to those of its peers.
– The percentage of EGCs adopting the extended transition period jumped from 11% through 2016 to 63% between January 1, 2017, and December 31, 2020. This trend has been most pronounced among technology companies, with the percentage electing the extended transition period spiking from 12% to 71% between these periods (including 94% in 2020), and life sciences companies, with the percentage increasing from 10% to 62% (including 90% in 2020). This change in behavior appears to have been motivated by the desire of many EGCs to delay the application of the new accounting standards for revenue recognition (ASC 606) and lease accounting (ASC Topic 842) or, at a minimum, to take more time to evaluate the effects of the new standards before adopting them.
– Liz Dunshee
Big thanks to member Sundance Banks for alerting us to what appears to be a pretty widespread whistleblower hoax, and to others who have provided more background over the last few days, including WilmerHale’s Susan Muck & Kevin Muck. Many companies maintain an email inbox at which employees can submit concerns about accounting or compliance matters, in addition to their third-party ethics hotline. An anonymous gmail account has been pinging those inboxes with a message that starts like this:
Dear Ethics Committee,
I am a long-time employee, but for the purpose of this report, I request to remain anonymous. I also do not want to name the person this report is about, at least for the time being. I would like to bring to your attention an incident that happened a while back to see whether it warrants any action on my part.
My boss, whom I’ve worked with for years now, and in any respect had been a stand-up person I look up to, has confided in me about stock trading they’ve made the past year. He/She shared with me the fact that they’ve bought and sold a significant amount of [our company’s shares/one of our major business partner’s shares]. When I asked how often they traded and how much money did they earn, he/she just smiled and said: “let’s just say I know something others don’t. That’s what working in this company for __ years will get you”, indicating how long they worked in the company. A couple of days later, he/she called me to their office for a quick chat. We began talking about normal work affairs, but towards the end of the conversation, the boss asked me to close the door. When I did, he/she brought up the conversation about the stock trading again, telling me it’s probably for the best I don’t share this with anyone. I immediately responded that I didn’t and had no intention to do so. I also mentioned that this is not my business. The boss looked at me for a while and said that they knew they could count on me. They also mentioned that I am a very good employee and that he/she really appreciates me. The boss has been nothing but nice to me since then.
The message continues for a few more paragraphs and honestly seems pretty believable. But it quickly came to light as a scam when several companies contacted outside counsel about next steps, and the lawyers recognized that multiple clients were receiving very similar submissions. At least 25 companies have received this – the full number is likely much higher. Until Snopes starts debunking fake whistleblower messages, what should you do – or not do – if you receive this email or something like it?
1. Contact your outside counsel – a key takeaway here is that outside counsel can be very helpful in spotting commonalities that could be red flags.
2. Don’t respond until you’ve verified that the submission is legit – this is tricky, because whistleblower submissions typically trigger a cascade of policies & procedures, including prompt notification of directors and outside auditors, and responding to the whistleblower to get more information. But if you get this exact email, know that even regulators agree that it isn’t genuine and companies shouldn’t spend resources responding. They don’t want you engaging with potential criminals, if you can help it.
3. Don’t provide additional info to the whistleblower until you’ve verified that the submission is legit – again, this is delicate, but even responding with seemingly benign info could give the scammer points of contact in the legal, compliance or finance departments for future phishing schemes or illegitimate requests for money transfers.
4. Don’t download files or click on links – this version of the email doesn’t contain any files or links, but if you’ve already responded and received any sort of follow-up communication, don’t open it.
5. Alert your directors & auditors – this incident underscores the need for strong cybersecurity training and good email hygiene, and they should be on the lookout for scams.
6. Don’t forward the email – the scammer may be able to collect more email addresses if you do that. Copy & paste the content into a new message – or take a screenshot – if you need to share something that seems suspicious.
A very troubling aspect of this hoax – in addition to it coming at a time when the White House has warned all companies to be on high-alert about cybercrime – is that it undermines an important system that companies and regulators rely on to prevent wrongdoing. I don’t want to suggest in any way that you ignore whistleblower complaints – but in light of this, it’s probably worth doing a gut-check with outside counsel before responding. I’ve been told that regulators are also taking this incident very seriously.
Quick Poll: What’s the Fake Whistleblower’s Endgame?
Like a chain email that just won’t stop, or one of those Facebook “warnings” from 2009 that periodically recirculates for no apparent reason, the endgame here is a bit of a mystery. Vote for your favorite theory in this anonymous poll:
bike trails
– Liz Dunshee
It is with a heavy heart that I share the sad news that we lost a legend of the SEC’s Division of Corporation Finance and the securities bar, Abbie Arms. Abbie passed away on May 19, 2021 at the age of 73 after a long and difficult battle with lung disease. For many years, Abbie served in key senior positions in Corp Fin, where she shaped regulatory policy on many important capital markets and public company issues.
Abbie was a brilliant securities lawyer who was highly skilled at analyzing complex issues and formulating appropriate regulatory responses that were consistent with the Commission’s investor protection mandate. Abbie loved working at the SEC and mentoring and teaching young lawyers in the Division. In my formative years at the SEC, I learned much about the operation of the Securities Act from being in meetings with Abbie, and I still use and value those insights to this day.
After leaving the SEC, Abbie practiced for many years at Shearman & Sterling LLP, where she was able to assist the firm’s clients with her extraordinary knowledge and skills as a securities lawyer. She also served as a Trustee of the SEC Historical Society from 2007-2013. Abbie was a loving and compassionate person who was loved and admired by her family, friends, co-workers and community. We will greatly miss Abbie and we offer our sincerest condolences to her family and many friends.
– Dave Lynn
This Equilar blog shares the result of the latest Gender Diversity Index. Progress on that aspect of representation has accelerated over the past several years. Check out these stats, collected as of March 31st:
– 24.3% of all board seats in the Russell 3000 were occupied by women – The percentage of women in board seats rose 3.4% from Q4 2020 and 10.5% from one year ago.
– For the first time, the percentage of boards with zero women has dropped below 5%.
– Seventy boards had gender parity in Q1 2021, which was one fewer than the previous quarter but 10 more than in Q1 2020.
– There were 256 Russell 3000 boards with at least 40% women in Q1 2021, or 8.8% of the index, in comparison to just 6.5% of boards (189) with at least 40% women a year earlier in Q1 2020. This is nearly four times the number of boards with at least 40% women compared to four years ago.
– In California, which has the highest number of boards of any state by a long stretch (489), just one lacked a woman (0.2%). Overall, the state of California has seen a gradual uptick in the percentage of women directors since its board gender diversity statute went into effect (17% in 2018 to 28% in 2021).
The blog points out that women held only 15% of board seats at the end of 2016, when Equilar’s Gender Diversity Index was first published. At that time, even 20% representation seemed like a stretch, in light of minuscule gains in prior years. State laws, investor pressure and shifts in public opinion have led to big advancements since then.
However, these nudges aren’t standalone solutions. Parity is still a distant possibility in light of the fact that only 41% of new board seats are going to women, especially because board turnover is infrequent.
– Liz Dunshee
