This 20-page Mayer Brown memo looks at where cyber disclosures are appearing – and what they’re saying. Samples include:
– Risk Factors: “general” cyber risk disclosures, risks specific to e-commerce, disclosures that cover the intersection of cybersecurity and data privacy, and disclosures about actual or known breaches.
– Description of Business: “general” disclosures, financial services industry, actual or known breaches, and ongoing litigation about breaches.
– MD&A: “general” disclosures, risk management, actual or known breaches, internal controls or material weaknesses from failure to address cyber risks, ongoing litigation about breaches.
The memo suggests ways to improve your required cyber disclosures – including consideration of whether to disclose the costs of managing & combating risks, and how to balance the need to make specific disclosures with the need to safeguard sensitive info.
I blogged a few months ago about the idea of using “risk ratings” to help convey the appropriate level of information. ISS Corporate Solutions has now also announced that it’ll be making its Cyber Risk Scores available on OneTrust Vendorpedia – so these scores might start to get more use.
– Liz Dunshee
We’ve posted the transcript from our recent webcast for members, “Insider Trading Policies & Rule 10b5-1 Plans.” Meredith Cross of WilmerHale, Alan Dye of Hogan Lovells and Section16.net, Dave Lynn of Morrison & Foerster and TheCorporateCounsel.net, and Haima Marlier of Morrison & Foerster covered these topics:
1. The New Enforcement Environment (including Focus on Rule 10b5-1 Plans)
2. Rule 10b5-1 Plan Considerations for Share Buybacks
3. Intersection of Insider Trading Policies & Rule 10b5-1 Plans
4. Pre-clearance Procedures and Blackout Period Trends
5. Pledging, Hedging & Short-Selling Transactions
6. Cybersecurity & Other Materiality Considerations
7. Latest Developments with Compliance Training
8. Defending an Insider Trading Action
– Liz Dunshee
Earlier this week, I asked my first-grader what sport he’d want to compete in if he could be an Olympian. When he responded that he wants to do whatever earns money so that he could buy video games, I feared the Games had lost their luster. But the very next day, our faithful correspondent Nina Flax sent in her latest “list” – and it’s heartening to see that the event is still imparting plenty of inspiration and self-reflection. From Nina:
I must admit that I do not remember my first Olympics exposure as a child (though I do very fondly remember my first viewings of Cool Runnings and Miracle). A few days into the Olympics, I thought I might share some of what I love about the Olympics more generally.
1. The Games are Inspiring. Seeing the culmination of all of the hard work put in by these athletes, and the amazing display of expertise is simply inspiring. (Side note: Yes, for those of you who have read some of the previous lists, I sometimes cry because I am so inspired.)
2. They also provide a reality check. Some people are just born with natural talents. I do not feel bad that I was not able to become an Olympic figure skater, and I will not feel bad as a parent if my child does not become an Olympic volleyball player (let’s be honest, I’m 5’1” and my husband is 5’10”). (Also a side note: Yes, I will feel like a failure if my child does not love reading.)
3. I appreciate the importance of personal interests. See item 1 above. These athletes grew into their sports out of personal interest – and that interest has helped define who they are in different moments. It is also refreshing to hear the stories about athletes who take breaks because of a falling out of love, and sometimes find their way back to joy in their sports. On a more personal/achievable note, our own game during the opening ceremony was to call my dad for the entire parade of athletes. Otro Papa – have you been to this place? Otro Papa – what about this other place? (My son speaks Spanish, and when he was first starting to speak and we were explaining that his abuelo was also a father just like his Papa was a father, it stuck that my parents are “other” mom and “other” dad. We think it’s cute.) We listed every single country/territory/represented area to see how many he has visited, and then we looked up which officially recognized countries do not have representatives at the games to add those. He has been to most, and he did not start traveling until later in life. His personal passion has driven joy and years to his life. Even if you are not an Olympian, there are ways personal interests can enrich and “purpose-fy” your life. Appreciating the personal interests of others and the impact of those interests on their lives also inspires me. Which is a nice reinforcing loop.
4. I always learn something new. Like about the pictograms! I had no idea that they were first introduced when Japan hosted the Games in 1964. Genius. If you haven’t watched this part of the opening ceremony, you should (and also the drones!).
My night-time work productivity and sleep will admittedly likely decrease this week and next as I continue to watch recaps and replays. Like watching the replay of the US vs. Sweden women’s soccer game – where my son rooted for Sweden because he liked the color of their shirts. Which I was okay with – because I kept pointing out how the US kept playing and trying their hardest to the very end, and how they would need to move on from this loss because they had more games to play and could not let one setback get in their way. Great don’t-give-up, learn-but-don’t-beat-yourself-up moment. Or watching the recap of the women’s gymnastics qualifiers – and appreciating that even women like Simone Biles have off days, and that does not make her any less spectacular. We are all human. I hope everyone is able to enjoy and appreciate the reasons they love the Olympics as well!
– Liz Dunshee
Between news of salary wars, breathless recruiter messages and celebratory LinkedIn announcements, you’ve probably gathered that it’s a hot job market – and congrats to all of our readers who are taking this moment to advance and/or “right-size” their careers! This Think Advisor article says that the SEC hasn’t been immune from the attrition that many of us are facing. It also suggests that the aggressive enforcement environment that I blogged about earlier this week could also be contributing to turnover, at least in that particular Division.
According to the article, the reason for that is two-fold. First, departures are common in times of transition & leadership changes – and there have been a lot of changes at the Commission this year. Second, the Enforcement Division’s initiatives are creating high demand for litigators, which means firms are trying to recruit Staffers. Ironically, that means that the very initiatives that are creating this demand could leave the Staff short-staffed on its cases.
As we all know, SEC Chair Gary Gensler also has an ambitious agenda. That means he not only plans to fill open roles, but also wants to add even more hard workers to the SEC’s roster – in Enforcement and elsewhere. Here’s an excerpt from the article:
Gensler is potentially counting on adding more Staff that will get behind his vision of a watchdog with sharper teeth. In his FY 2022 budget request, Gensler asked for nine additional positions in the enforcement division and in total wants to raise staff from its current 1,316 to 1,330.
In testimony in front of a House appropriations subcommittee on May 26, Gensler said enforcement in 2020 had 6% fewer staff on board than it did in 2016.
Don’t forget to check out our free “Jobs Board” if you’re hiring or looking…and let us know if it helps you find a match!
– Liz Dunshee
If your company is subject to the CCPA, your compliance efforts are probably about to get more complicated. Here’s the intro from this Hogan Lovells memo:
On July 19, California’s recently appointed Attorney General, Rob Bonta, announced the launch of an interactive tool to aid consumers with drafting notices of non-compliance for businesses who fail to publish the “Do Not Sell My Personal Information” link (DNS link) required by the California Consumer Privacy Act (CCPA).
According to the AG, the consumer notice “may trigger” the 30-day cure period businesses enjoy before becoming subject to enforcement actions for non-compliance. Questions remain about use of resident-led notices of non-compliance, including whether this novel approach satisfies CCPA notice requirements or whether it may foster spamming and other abuses.
– Liz Dunshee
Most of you who read this blog, subscribe to our sites, or even just follow the “who’s who” of securities law are very familiar with our long-time Senior Editor Dave Lynn. I’m thrilled to say that you’ll be seeing more of his name right here in the coming weeks!
Dave will be rejoining our blogging lineup for the time being and will be imparting the wisdom he’s accumulated from his years as a Partner at Morrison & Foerster – and before that, as Corp Fin’s Chief Counsel (among other SEC roles). When Dave was at the SEC, he led the rulemaking team that revised the executive compensation & related party disclosure rules, provided interpretive advice, formulated policy decisions, and published CDIs.
Tell your friends! Remember that you can subscribe here to receive either daily or weekly blog updates in your email inbox.
– Liz Dunshee
Lynn blogged recently that smaller companies are less likely to use Big Four audit firms. For an even more detailed breakdown of audit firm market share based on filer status, take a look at this recent Audit Analytics blog. Here’s an excerpt:
– Large Accelerated Filers: EY audits almost 30%, and the Big Four collectively audit almost 91% of this market
– Accelerated Filers: the Big Four, together with Grant Thornton and BDO, audit over 72% of these filers
– Non-Accelerated Filers: the Big Four and Marcum account for 57.5% of this market
– Smaller Reporting Companies: BF Borgers, M&K CPAs, Boyle CPA, Prager Metis, RBSM, Turner Stone & Company and Baker Tilly collectively audit 25% of this market; the remaining 77% is audited by 177 other firms
– Liz Dunshee
The July-August issue of “The Corporate Counsel” newsletter is in the mail. It’s also available now online to members of TheCorporateCounsel.net who subscribe to the electronic format – an option that many people are taking advantage of in the “remote work” environment (subscribe here to be “in the know”). The issue includes articles on:
– Universal Proxy: Takeaways From the Reopened Comment Process
– Can It Wait Until the Next 10-Q?
Dave & John also have been doing a series of “Deep Dive with Dave” podcasts addressing the topics we’ve covered in recent issues. We’ll be posting one for this issue soon. Be sure to check it out on our “Podcasts” page!
– Liz Dunshee
Are you a fellow securities law geek who’s always wondered what it’s like to be on the other side of this operation? Now’s your chance to get involved! With Lynn departing (*sniff*), we are looking to bring in one or two self-starters to keep our resources up-to-date and a steady stream of useful info flowing to all our members. Here are the job listings:
– Associate Editor – approximately 4 years of securities law experience preferred
– Editor – 8+ years of securities law & corporate governance experience preferred
We’re fully remote and a few states are preferred, but we’re open to almost anywhere in the US. Our team is small but mighty. I won’t toot my own horn, but I will say that it’s pretty awesome to work with John, Lawrence, our cast of consulting Editors – and all of the great members who keep us in the know.
– Liz Dunshee
SEC Chair Gary Gensler made his Twitter debut earlier this week – joining Commissioners Peirce and Lee on one of the world’s best platforms for arguing with strangers. I’m pretty sure he’s the first SEC Chair to be active on Twitter during his term, and he’s amassed over 61k followers (including yours truly). No doubt he’ll be inundated with “mentions” from the blockchain crowd.
– Liz Dunshee