We’ve posted the transcript for our recent “SEC Enforcement: Priorities and Trends” webcast featuring Hunton Andrews Kurth’s Scott Kimpel, Locke Lord’s Allison O’Neil, and Quinn Emanuel’s Kurt Wolfe. The webcast covered:
SEC Enforcement Activities in 2023 and Priorities for 2024
Monetary and Non-Monetary Penalties
Accounting and Disclosure Actions
Actions Targeting Gatekeepers
Whistleblower Developments and Trends
Self-Reporting and Cooperation Credit
Coordination with DOJ Investigations
Our panelists referred to the SEC’s fiscal 2023 as “the year of the whistleblower” and stressed “how successful the [whistleblower] program continues to be” as “it really is driving enforcement investigations and enforcement actions [and] changed the way that the SEC originates cases and pursues cases.” They linked this back to the SEC’s recent Rule 21F-17 enforcement actions that “strike at efforts to chill whistleblowers.” Scott Kimpel said, “that’s why the SEC does it. They want the word to spread. They don’t want to have to keep bringing those cases. They would prefer for companies to change their language.”
If you are not a member of TheCorporateCounsel.net, email sales@ccrcorp.com to sign up today and get access to the full transcript – or sign up online.
The SEC adopted its human capital disclosure rules in 2020, and this Gibson Dunn memo reviews the results of a survey of S&P 100 Form 10-K disclosures since the rules were adopted. Overall, the survey found that companies were generally tailoring the length & topics covered in their disclosures and those disclosures were becoming slightly more quantitative in some areas. Here are some of the key takeaways concerning disclosure trends during the most recent year:
– Length of disclosure. Forty-eight percent of companies increased the length of their disclosures, four percent of companies’ disclosures remained the same, and the remaining 48% of companies decreased the length of their disclosures (with the decreases generally attributable to the removal of discussion related to COVID-19).
– Number of topics covered. Twenty-two percent of companies increased the number of topics covered (with the categories seeing the most increases being diversity statistics by race/ethnicity and gender, employee mental health, monitoring culture, talent attraction and retention, and talent development), while 34% decreased the number of topics covered (the majority of which were attributable to the removal of disclosures related to COVID-19), and the remaining 46% covered the same number of topics.
– Breadth of topics covered. The prevalence of 16 topics increased, seven decreased, and four remained the same. The most significant year-over-year increases in frequency involved the following topics: quantitative diversity statistics on gender (60% to 65%), employee mental health (46% to 50%), culture initiatives (22% to 26%), efforts to monitor culture (60% to 64%), and talent attraction and retention (90% to 94%). The most significant year-over-year decrease involved COVID-19 disclosures, which declined in frequency from 69% to 34%. Other year-over-year decreases involved discussion of governance and organizational practices (56% to 51%) and diversity targets and goals (23% to 19%).
– Most common topics covered. The topics most commonly discussed this most recent year generally remained consistent with the previous two years. For example, diversity and inclusion, talent development, talent attraction and retention, and employee compensation and benefits remained four of the five most frequently discussed topics, while quantitative talent development statistics, supplier diversity, community investment, and quantitative statistics on new hire diversity remained four of the five least frequently covered topics.
The memo also addresses industry trends in human capital disclosure, the potential for new rulemaking and the IAC’s recommendations to the SEC concerning that rulemaking, Staff comments on human capital disclosure, and the implications of recent SCOTUS cases on corporate DEI programs and related disclosures.
The last time we blogged about the Payroll Protection Plan loan program, the SBA Inspector General was reporting that the levels of fraud in the program were truly mind-blowing. Since that’s the case, it’s probably not surprising that according to this McDermott Will memo, many PPP borrowers find themselves ensnared by red tape when it comes to trying to get their loans forgiven, and many of those whose loans have previously been forgiven are now facing audits. This excerpt addresses the predicament of borrowers who have won appeals of SBA denials of forgiveness:
Some businesses are facing an increasingly common predicament: They appealed an unfavorable Final Decision to the [SBA’s Office of Hearings & Appeals]. The OHA granted their appeal, agreeing with the borrower that the SBA’s decision was based on clear error. The OHA then remanded the loan back to the SBA to conduct a new review, and the business is forced to wait for months for the SBA to act on the loan.
Other borrowers are in a similar situation after filing an appeal with the OHA only to have the SBA withdraw the challenged Final Decision and place the loan back under review with no further communication from the SBA regarding the status of the loan. These businesses have been waiting and waiting for months—and in some cases more than a year—for the SBA to issue a new decision.
The memo says that once a Final Decision has been withdrawn, the borrower faces what feels like a “black hole” of SBA review. It suggests that the problem stems from both a lack of resources & a lack of a sense of urgency on the part of the the SBA to resolve outstanding loans in a timely manner. On another happy note, the memo says that there’s been an uptick in audits of borrowers who have had their loans forgiven years ago. The most significant issues in these audits are whether the borrower correctly calculated its initial PPP loan amount and whether the borrower was “small” enough to qualify for the loan.
With the 2024 proxy season just around the corner, many companies are considering potential updates to their D&O questionnaires. This Bryan Cave memo identifies areas where questionnaires may need updating. This excerpt addresses a potential tweak that may be necessary to address the universal proxy rules:
Under the new universal proxy card rules that became effective in 2023, a company may be required to include a dissident’s nominees on its proxy card and, in turn, the dissident may be required to include the company’s nominees on the dissident’s card. In light of this possibility, companies should review the consent language in their D&O questionnaires to ensure it includes the consent of the director or nominee to be included in the company’s proxy materials, as well as a nominee in a dissident’s proxy materials, should that become applicable.
The memo says that other topics that may need attention in D&O questionnaires this year include cybersecurity and human capital management expertise, Section 16 reporting, Rule 10b5-1 plans, and board diversity information.
Last night, Cooley’s Cydney Posner blogged that the Chamber has filed a motion to vacate the repurchase disclosure rule. The motion followed the SEC’s submission late last week, acknowledging that it could not correct the defects in the rule by the Court-imposed deadline. Here’s more from the blog:
In its 13-page motion, the Chamber observes that the “Court withheld vacatur for 30 days to give the [SEC] a chance to correct the multiple defects the Court identified in the Rule. That period expired a week ago, and this Court denied the SEC’s motion for an extension of time. The SEC has conceded it has not corrected the Rule and has given no indication that any correction is forthcoming.” What’s more, the Chamber highlights, “when Petitioners notified the SEC that they would be filing this motion to vacate the Rule and sought its position, counsel responded that the Commission takes no position on it. Thus, the only remaining step for this Court is to vacate the Rule.” Although the Court’s October 31 opinion did not explicitly state the “consequences of failing to correct the rule within that period,” the Chamber argues, “the Court’s directive only makes sense if it intended vacatur to take effect at that time.”
Late last month, FASB announced that it issued final ASU 2023-07 intended to improve segment reporting, which had been proposed in October of last year. The new guidance applies to annual periods ending after December 15, 2023, which means that calendar-year companies will first need to follow the new guidance for their Form 10-K filed in 2025, for the 2024 fiscal year. FASB’s press release lists the key amendments, which are generally consistent with the proposed ASU, apart from one transition disclosure requirement that FASB removed.
This Deloitte Heads Up reviews the new requirements in detail with illustrative examples. Entities with a single reportable segment should take particular note of this point from the alert:
Before adopting this ASU, entities with a single reportable segment were not explicitly required to provide segment disclosures beyond those provided on an entity-wide basis. Such entities will now be required to expand their segment footnote disclosures by providing all the disclosures currently required for multiple-segment entities as well as those required by the ASU. As part of this requirement, the entity’s segment revenue and profit or loss measure should be clearly disclosed and the entity must review information regularly provided to the [chief operating decision maker (CODM)] for significant segment expenses and other segment items.
Based on the alert and the spirited conversation during the Securities Registration Subcommittee Meeting at the Winter Meeting for the ABA Federal Regulation of Securities Committee, I think we’ll hear much more about this ASU as the accountants and auditors work through the changes. The issue that seems to be creating the most confusion is the following change and the interplay with MD&A disclosure and non-GAAP compliance.
Clarify that if the CODM uses more than one measure of a segment’s profit or loss in assessing segment performance and deciding how to allocate resources, a public entity may report one or more of those additional measures of segment profit. However, at least one of the reported segment profit or loss measures (or the single reported measure, if only one is disclosed) should be the measure that is most consistent with the measurement principles used in measuring the corresponding amounts in the public entity’s consolidated financial statements.
I love those one-page desktop reference guides to Form 8-K. I think they’re so handy for in-house corporate counsel, internal accounting folks, the disclosure committee — really anyone internally who plays a role in 8-K disclosure controls — and new law firm associates. This Desktop Reference: Form 8-K Filing Events from Latham is the first I’ve seen listing soon-to-be-effective Item 1.05 regarding material cybersecurity incidents.
As I poked around further, I saw that WilmerHale has released the 2023 update to its practical guide to Keeping Current With Form 8-K, and it’s been updated throughout to reflect that new Item 1.05 will be effective December 18, 2023 for companies other than smaller reporting companies. This is a longer-form resource and devotes a few pages to each triggering event, the required disclosure and related practice tips. It also discusses filing mechanics — like when to use “Titan” language that investors should not rely on reps and warranties in the exhibited agreement, which items contemplate a subsequent amendment and Form 8-K cover page considerations. Here are some of the guide’s “practice tips” for new Item 1.05:
– Because the definition of “information systems” covers electronic information resources “owned or used by the registrant,” a company is required to disclose a cybersecurity incident suffered by a third-party service provider’s system if that incident has a material impact on the company. Depending on the circumstances of a cybersecurity incident involving a third-party service provider, disclosures may be required by either or both of the service provider and its customer.
– Notwithstanding the obligation to report on third-party systems that experience a cybersecurity incident that materially impacts a company, the SEC noted in the adopting release that companies need only disclose information made available to them, and are generally not required to conduct additional inquiries beyond their regular communications with third-party service providers and in accordance with the company’s disclosure controls and procedures.
– While the materiality of a cybersecurity incident is being assessed, companies should consider whether trading windows should be closed.
– The SEC staff’s 2011 guidance (“2011 Staff Guidance”) and the Commission’s 2018 Interpretive Release (“2018 Interpretive Guidance”) remain applicable and should be used to inform potential disclosure obligations relating to cybersecurity incidents that are not specifically addressed by Item 1.05 or the new annual cybersecurity disclosures called for by Item 106 of Regulation S-K (which was added at the same time as Item 1.05).
Yesterday, the Fall 2023 Reg Flex Agenda was released. With two down and three to go, the list of rulemaking we’ve been tracking in the final rule stage is quite a bit shorter since the spring. All three have been pushed out to April. The proposed rulemaking we’ve been tracking is holding steady.
As a reminder, despite the title of this blog, these dates signify general timeframes! New final or proposed rules could come before the dates suggested in the agenda or be pushed out. This only gives insight into the priorities of the Chair as of the date it was submitted — it’s not a definitive guide for anyone trying to predict SEC rulemaking for purposes of specific board agendas, budget and workflow. But we’ll take any insight we can get!
The SEC’s Office of Chief Accountant recently released this statement with timely reminders for issuers and auditors. The gist of the announcement is that the OCA doesn’t think the statement of cash flows is getting the attention it deserves from either financial statement preparers or auditors. In support, it cites the SEC’s observations that the statement of cash flows is consistently a leading area for material weaknesses in ICFR and for financial restatements. A significant majority of these restatements are “little r” restatements, but the OCA sometimes finds the materiality analyses presented to be unpersuasive:
In certain instances, the staff in OCA have been presented with analyses that conclude an error in the statement of cash flows is not material because it is an error in classification only. We have not found such analyses and their corresponding arguments persuasive since classification itself is the foundation of the statement of cash flows. Accurately classifying cash flows as operating, investing, or financing activities is paramount to investors understanding the nature of the issuer’s activities that generated and used cash during the reporting period. Therefore, issuers and auditors must consider all relevant facts and circumstances to thoroughly and objectively evaluate the total mix of information and determine if such classification errors are material to a reasonable investor.
The statement suggests specific improvements in disclosure, presentation and internal controls related to the statement of cash flows. The OCA also has a reminder for the auditors:
The risks of material misstatement related to the statement of cash flows, such as inaccurate classification of cash flows and incomplete supplemental disclosure of noncash items, are distinct from those in the other financial statements. We expect auditors to design and implement audit procedures that are specifically responsive to those risks in the statement of cash flows, rather than simply reconciling reported cash flows to the balance sheet or income statement.
The November-December Issue of the Deal Lawyers newsletter was just posted and sent to the printer. This month’s issue includes the following articles:
– Delaware Court Addresses Ability to Sue Buyers for Lost Premiums in M&A Deals
– Delaware Chancery Addresses Section 271 of DGCL’s ‘Substantially All of the Assets’ Requirement
The Deal Lawyers newsletter is always timely & topical – and something you can’t afford to be without in order to keep up with the rapid-fire developments in the world of M&A. If you don’t subscribe to Deal Lawyers, please email us at sales@ccrcorp.com or call us at 800-737-1271.
