We received a bunch of memos over the weekend on the Silicon Valley Bank situation, and we are posting those memos and other materials relating to SVB’s closure in our “Financial Institutions Practice Area.” There’s also a brief post on The Mentor Blog this morning about some of the 8-K filings that companies made on Friday concerning the situation.
Hopefully, the joint statement issued by the Fed, FDIC & Treasury last night that depositors will be made whole and have access to their money today will take the edge off the crisis that erupted late last week, but we’ll stay tuned and post additional resources when we receive them.
Last month, Liz blogged about the SEC’s recent enforcement action against Activision-Blizzard, which is the latest action premised solely on an issuer’s alleged deficient disclosure controls unaccompanied by a related disclosure violation. This Shearman memo reviews that proceeding and another recent SEC action premised solely on deficient controls and offers up some lessons that public companies should draw from those enforcement actions. This excerpt says that companies should look at the relationship between disclosure controls and the disclosures contained in their SEC filings as a two-way street:
Treat the relationship between disclosure controls and disclosure content as an open feedback loop rather than as a one-way communication channel. Disclosure controls are often viewed as informing disclosure content, but not the other way around. Consider reviewing your existing disclosure content with an eye towards identifying key topics and risks and then compare those to your disclosure processes.
Is each of these topics and risks covered by a corresponding stakeholder on your disclosure committee? Are disclosure committee members collecting information relevant to assessment of these topics and risks? What information are you collecting from business unit leaders who are not directly represented on the disclosure committee, and what procedures do you have in place to ensure that relevant information is fed into the disclosure process? Allowing feedback from disclosure content to disclosure controls also means being mindful of the disclosure controls implications when adding new risk factors.
The memo disagrees with contentions that the Activision-Blizzard proceeding will require companies to collect all information that could potentially be relevant to disclosures about an operational risk once it decides that the risk merits a reference in the risk factors section of its filings. Instead, the authors expect that the SEC will pursue these purely disclosure controls related proceedings selectively, “in matters (1) of broader public interest, or (2) where the SEC sees a specific opportunity to highlight an example of information it believes is getting insufficient attention for disclosure purposes.”
Inflation, rising interest rates, recession concerns & market volatility have provided activists with a target-rich environment this year, and the implementation of universal proxy gives them a key tool to help capitalize on those opportunities. That raises the stakes when it comes to shareholder engagement, and this Wilson Sonsini memo has some thoughts about how boards and management teams can most effectively structure their engagement efforts. This excerpt addresses two of the key components for successful engagement in 2023:
– Proactively enhancing governance practices. Governance is almost never the central feature of an activism campaign, but it is frequently used as a wedge issue by activists to paint a board of directors as entrenched and out of touch. As such, companies should regularly evaluate their governance practices and look for proactive measures—such as the adoption of majority voting in director elections, the elimination of supermajority vote provisions, and even, in appropriate circumstances, voluntary declassification of the board—that can be taken to show the board’s deliberate approach to governance. Shareholder engagement is a long game, and years of thoughtful evolution can reassure shareholders that the board prioritizes good governance and has sufficient internal will to make changes when they are warranted.
– Focusing on board composition and refreshment. A robust approach to board refreshment has become table stakes for the most sophisticated companies when it comes to engagement. Institutional shareholders appreciate seeing changes in board composition and view a regular cadence of new directors joining a board as evidence of a healthy boardroom dynamic. As noted above, the universal proxy rules have cast a brighter light on the skills and qualifications of each director individually. As such, boards should be conscious of, and seek to proactively address, weaknesses that an activist might seek to exploit. This is particularly true at companies that have seen an erosion in investor support for directors and say-on-pay proposals.
Other areas of emphasis in shareholder engagements include clearly articulating the company’s strategy for value creation, considering efforts to boost shareholder value, and understanding the views of the company’s shareholder base. Perhaps most important of all, the memo says that companies need to listen actively and be open to change, because shareholders—especially activist shareholders—want to know that the board takes their views seriously and isn’t “willfully blind” to alternatives.
The latest issue of the Shareholder Service Optimizer has some timely tips for making your annual meeting run smoothly this year. Here are a couple of important ones:
– Make sure that no one on your Meeting Team agrees to accept “Floor Votes” as a way to head off a formal shareholder proposal: Please be sure to review our article on this crazy process, which a few naïve companies foolishly agree to every year – based on the often-mistaken notion that there will be too few voters to worry about. Brush up here: The Best, Worst and Weirdest Things We’ve Seen in the 2019 Meeting Season to Date
– Beware: Shareholder Proponents, and activists in general, will be monitoring VSMs and paying special attention to the Q&A period, and to whether shareholders are being given a fair chance to ask questions and suffcient time to cast or change their votes online. Here’s a sample ‘run of show’ and tips for the Q&A to avoid being publicly named and shamed: A Sample “Run-Of-Show” For A Satisfying And Successful VSM & The Virtual Shareholder Meeting Q&A – and How to Tackle It
The article also says that the vast majority of companies that went the virtual-only route last year are doing the same this year, and it also reminds companies to identify their shareholder proponents by name. This year, failing to identify the lead proponent could result in a negative recommendation from Glass-Lewis on the chair of the governance committee.
Speaking of annual meetings, don’t forget to attend our “Conduct of the Annual Meeting” webcast on March 30th for more timely tips to help you manage your annual meeting.
The Jim Hamilton Blog recently flagged the competing efforts of Democrats & Republicans on Capitol Hill to influence the substance of the SEC’s climate disclosure rules. Republicans continue to fixate on questioning the SEC’s authority to adopt these rules as proposed, while this excerpt indicates that some Democratic lawmakers continue to push hard for Scope 3 disclosures:
Democrat lawmakers’ recent letter to the SEC specifically addressed another topic the SEC may be mulling as it finalizes the climate risk disclosure regulation—Scope 3 emissions, or what might be considered the proverbial electrified third rail of climate disclosure. The Democrats’ letter said overall that they want the SEC to move forward with a “strong climate disclosure rule without delay.”
While the letter worried about the SEC potentially raising the threshold for disclosure (the proposal pegged the threshold at 1 percent of the specified line-item financial metric), the letter was even more concerned about the prospect that the SEC could weaken or even eliminate Scope 3 emissions disclosures from the final regulation.
The Democrats’ letter references recent Wall Street Journal and Politico reports that the SEC is considering easing the final version of its rules – including possibly eliminating the proposed Scope 3 disclosure requirement – and is clearly an attempt to keep the agency from going wobbly on the final version of its rules.
But with recent reports suggesting that political support for Scope 3 disclosures among Democrats may be on the wane, perhaps it’s worth noting that the letter was signed by only eight senators and 43 members of Congress. That’s a lot fewer than the 130+ Dems who signed an earlier letter supporting the SEC’s rulemaking last summer,
If you’ve worked on more than a handful of private placements over the years, you know that in many situations, issuers opt not to file a Form D with the SEC. I’ve heard a lot of reasons for that over the years, most of which seem to be one version or another of, “well, it’s not a condition of the exemption . . .” followed by some kind of mutterings about confidentiality or concerns about sharing information with the “gubmint.” However, Keith Bishop recently blogged about a new study that suggests another reason why issuers so often don’t file a Form D – the desire to avoid “patent trolls.” Here’s the abstract:
We document that the majority of venture-capital backed financing rounds are not accompanied by a Form D filing. We show that filing behavior is predictable and is related to both the ability to fly below the radar and the benefits of withholding information. Financing rounds that are harder to hide, larger offerings and those previously covered by media, are more likely file a Form D while financing rounds by firms with greater proprietary information, early stage firms or companies in biotech, pharmaceutical, and high tech industries, are less likely to file a Form D.
We document one adverse outcome to the filing of a Form D, patent litigation, and show that protection from this type of litigation through the enactment of anti-patent trolling laws subsequently increases the rate of filing. Firms are less likely to file a Form D once the form is required to be filed on Edgar. Finally, we note that reliance on Regulation D is stronger as the firm nears an exit from the private market. Our results suggests that some firms view even minimal disclosure and regulatory oversight as costly.
Keith points out that one of the authors’ conclusions is that the Form D filing rate among California issuers is particularly low, and that these issuers typically don’t file a limited exemption notice filing at the state level either – which the authors suggest means that at least some issuers may be relying on Reg D as an exemption but not filing the form to ensure their privacy.
If you’re considering not making a Reg D filing, bear in mind a few cautionary points. First, although Securities Act Rules CDI Question 257.07 says that a Form D filing isn’t a condition of the exemption, it is still required by Rule 503. In addition, Rule 507 provides that failure to file a Form D may form the basis for disqualifying an issuer from using the exemption in the future. In addition to potential SEC enforcement proceedings, some states may get their noses out of joint if a state Form D isn’t filed and pursue enforcement actions of their own unless you’ve scoped out a non-filing exemption that you can hang your hat on.
The SEC and other regulators have taken a lot of heat for their approach to cryptocurrency regulation, with the SEC in particular being singled out by various crypto-evangelists for its allegedly unreasonably antagonistic approach to regulating digital assets & alleged reliance upon regulation by enforcement.
The crypto industry & its advocates complain that the SEC’s approach stifles innovation, but this FT Alphaville blog says that by being fuddy-duddies, the SEC & other regulators may have helped prevent the crypto meltdown from turning into a 2008-style financial crisis. The Financial Times doesn’t like it when people excerpt its stuff, so you’ll have to read the blog yourself – but it says that the burden isn’t on regulators to accommodate crypto, but on crypto advocates to prove their vaunted tech is more than just tulips & vaporware.
The blog lauds US regulators for their surprising effectiveness at curtailing crypto’s growth and preventing the ongoing crypto meltdown from spreading its contagion to the broader financial system – noting that even at the peak of crypto mania last year, the entire “value” of bitcoin was a mere drop in the bucket of the overall US capital markets.
In January, the Delaware Chancery Court dropped a bit of a bombshell on Corporate America when it refused to dismissCaremark claims against a former McDonald’s officer premised on failures of oversight that resulted in a corporate culture that condoned sexual harassment and misconduct. The plaintiffs also asserted Caremark claims premised on the same alleged oversight failures against McDonald’s current and former directors, but last week, Vice Chancellor Laster dismissed those claims. This excerpt from Fried Frank’s memo on the decision lays out some of the key takeaways:
On the one hand, McDonald’s appears to expand the potential for Caremark liability beyond the parameters many legal analysts had understood to apply. In the two decisions issued in the case, the court has articulated or clarified, for the first time, that: (i) Caremark duties of oversight apply not only to directors but also to officers; (ii) Caremark duties apply not only to a company’s “mission critical risks” but, depending on the facts, may apply to other key risks even if not rising to the level of “mission critical”; and (iii) sexual harassment and similar issues—and, indeed, “maintaining workplace safety” and “tak[ing] care of the corporation’s workers”—are mission critical risks for companies.
On the other hand, however—and perhaps most importantly as a practical matter— McDonald’s reinforces that there is a high bar to a finding of Caremark liability. The court emphasized that it is only when directors or officers act in bad faith that Caremark liability arises. The court stressed that directors or officers who acted to address a problem of corporate misconduct once they learned of it generally would not be deemed to have acted in bad faith, even if the actions they took were insufficient or reflected poor decision-making (so long as they were not so off the mark as to suggest bad faith).
The memo says that this decision is not inconsistent with the prior decision involving the McDonald’s officer because unlike the corporate officer, the directors took action to address the company’s sexual harassment problem when they were made aware of it. Kevin LaCroix weighed-in on this decision this morning on The D&O Diary, and you should be sure to check out his commentary as well.
Many commenters expressed concern about the implications of the earlier decision, particularly the expansion of Caremark beyond oversight of existential risks. UCLA’s Stephen Bainbridge – who has always been dubious of Caremark – has some insightful & colorful thoughts on that decision as well as this one. Prof. Bainbridge gets a lot of points from me for mentioning Arch Oboler, one of the truly great writers of the radio era and a guy to whom I think shows like HBO’s “True Detective” owe an unacknowledged debt.
In one of its more recent rounds of corporate criminal enforcement guidance, the DOJ noted that in assessing the effectiveness of corporate compliance programs, “prosecutors should consider whether the corporation has implemented effective policies and procedures governing the use of personal devices and third-party messaging platforms to ensure that business-related electronic data and communications are preserved.”
This Perkins Coie memo follows up on the DOJ’s guidance and suggests some practice pointers when it comes to personal device policies for corporate directors. This excerpt addresses some key points to consider in implementing such a policy:
1. A plain English policy on devices. First, a policy is a must. The DOJ’s guidance specifically tells prosecutors that a company should be examined to see if it had—and was effectively implementing—policies and procedures about the use of personal devices.
If I am a director, I want to see a policy written in plain English so I can tell my chief compliance officer and general counsel that I could understand it. And as a GC, I want to make sure that the author has drafted it in truly plain English.
2. Data access, not ownership. The company probably doesn’t want to own my device and all the data on it. However, it does want to have reasonable access to my device for appropriate purposes, including assistance with any future investigations.
In some instances, I’m fine owning my own cellphone. Some companies will want to give me a phone with a request that I use it only for corporate business. This is normal; I will respect any requested limits of use on that company phone. In either case, I want to make sure that I’m maintaining the data in a way that follows the policy.
For example, if I’m using a messaging program, my company may tell me to limit my communications to business matters and send messages solely on an approved platform that enables retention of the messages. I won’t be permitted to use non-approved messaging channels to send business-related messages.
The memo also emphasizes the importance of appropriate training, board oversight and the need to keep an eye on how state privacy laws continue to evolve. In particular, the memo points out that the California Privacy Act will soon require companies to identify personal or personally identifiable information and be able to separate such information from business records.
Check out the latest edition of our “Timely Takes” Podcast featuring my interview with Orrick’s J.T. Ho on the Staff’s comments on board risk oversight disclosure. These podcasts are intended to provide a forum through which experts can share their views on recent developments or emerging trends that we think our members would be interested in learning more about. In this 20-minute podcast, J.T. addressed the following topics:
– Background of Item 407(h)’s board risk oversight disclosure requirement
– Reasons for the Staff’s focus on board risk oversight disclosures
– Do the Staff’s comments reflect its view that there’s a “right way” to do board risk oversight?
– Key takeaways for boards and their advisors
While we’re on the topic of risk oversight, be sure to check out our March 21st webcast – “Managing Enterprise-Wide Risks: The Intersection of ERM & Legal” – where our expert panelists (including J.T.) will address how companies are dealing with the increasing demands for enhanced oversight.
If you have insights on a securities law, capital markets or corporate governance trend or development that you’d like to share, I’m all ears – just shoot me an email at john@thecorporatecounsel.net.
