With all the emphasis on increased candor in disclosures about cybersecurity in recent years, it’s a little surprising that, according to this recent ProPublica report, there’s one type of cyber breach that companies are unwilling to call by its name – specifically, a ransomware attack. Here’s an excerpt:
Each year, millions of ransomware attacks paralyze computer systems of businesses, medical offices, government agencies and individuals. But they pose a particular dilemma for publicly traded companies, which are regulated by the SEC. Because attacks cost money, affect operations and expose cybersecurity vulnerabilities, they sometimes meet the definition used by the SEC of a “material” event — one that a “reasonable person” would consider important to an investment decision. Material events must be reported in public filings, and failure to do so could spur SEC action or a shareholder lawsuit.
Yet some companies worry that acknowledging a ransomware attack could land them on the front page, alarm investors and drive down their share price. As a result, although many companies cite ransomware in filings as a risk, they often don’t report attacks or describe them in vague terms, according to experts in securities law and cybersecurity.
The report points out that ransomware attacks are often featured in risk factor disclosure, but many companies victimized by these attacks seem to take the position that they aren’t material because customer data hasn’t been compromised.
There may be an argument for that position, but companies that consider adopting it should take a hard look at the language of their risk factor disclosure about ransomware. As Facebook found out last year, while it’s prudent to warn about risks that haven’t happened, disclosure that suggests an event is merely a risk when it has actually occurred may well be misleading.
Oscar Wilde once said (well, sort of) that the U.S. and the U.K. are two peoples separated by a common language. Now, it looks like their regulators’ approach to auditor independence may be another area in which they differ. While the SEC recently proposed to loosen the reins on auditor independence, this FT article says that the U.K.’s Financial Reporting Council is taking the opposite approach. Here’s an excerpt:
UK regulators have banned audit firms from providing a number of advisory services to listed companies and financial institutions in an effort to strengthen auditor independence after a series of scandals. The Financial Reporting Council on Tuesday issued a “radical” update to its ethical standards for audit firms, which have been scrutinised over poor audits and possible conflicts of interest in the wake of corporate collapses such as at Carillion, BHS and Thomas Cook.
The regulator banned accounting firms from providing all recruitment and remuneration services and due diligence from the public interest entities they audit — mostly listed companies, banks and insurers. It also prohibited them from giving tax advice, advocacy and acting in any management role.
In fairness, some of these services are already prohibited under U.S. independence rules, but it certainly suggests a more skeptical regulatory climate when it comes to independence issues than the one that’s currently prevailing here.
CEO Leadership: Don’t Hate Me Because I’m Beautiful
A recent study says that I’m putting a real crimp in my wife’s chances to succeed as a CEO. How come? Not to brag, but it’s my smokin’ hotness that counts against her. If that’s not bad enough, it turns out that – here’s a shock – it works the other way for men. Here’s an excerpt from the study’s abstract:
Study 1 found that while partner’s attractiveness enhanced the perceived leadership of male CEOs, female CEOs’ leadership was downgraded in the presence of an attractive partner. Study 2 validated that the leadership penalty for female CEOs increased when they were seen with more attractive males than with less attractive males.
I suppose that some of you may take issue with my view of myself as a “trophy husband.” Well, I can assure you that despite my strong resemblance to The Addams Family’s Uncle Fester, I radiate an inner beauty – or at least that’s what my mother says.
Spanking brand new. By popular demand, this comprehensive “Secondary Offerings Handbook” covers the entire terrain, from the basics to how to deal with selling shareholders. This one is a real gem – 23 pages of practical guidance – and its posted in our “Secondary Offerings” Practice Area.
Smaller Reporting Companies: Some Stats
Recently, the SEC’s “Office of the Small Business Advocate” – which covers emerging, privately-held companies up to small public companies – released its inaugural Annual Report. Stats for smaller reporting companies begin on page 24 – here’s the main takeaways:
– The pre-exit holding period for a company in a PE or VC portfolio is now 6-7 years – so companies are choosing to enter the public markets after maturing beyond the smaller reporting company thresholds
– Average proceeds for small company IPOs & other registered offerings were $47 million last year
– 61% of small exchange-traded companies have no research coverage
The SEC also recently announced that it had published the report of findings from its Annual Small Business Forum. See this blog for a summary of the recommendations & SEC responses.
Cybersecurity: COSO’s New Guidance
Here’s 32 pages of new guidance from COSO – in partnership with Deloitte – that’s intended to help boards, audit committees and executives comply with COSO’s ERM Framework to protect companies against cyber attacks. This “Accounting Today” article gives an overview of how these resources work together:
COSO’s ERM Framework was updated in 2017 to spotlight the importance of applying ERM throughout an organization, particularly in strategic planning. One of the main drivers behind the 2017 update was to address the need for organizations to improve their approach in managing cyber risks. The new guidance aims to provide context on the fundamental concepts of cyber risk management to help organizations leverage their existing technical cybersecurity frameworks.
What will 2020 hold for BlackRock? Last year at this time, environmental activists were pegged as the pranksters behind a phony annual letter from BlackRock’s Larry Fink. Maybe we’ll see more of that “creativity” again this year (in the last few months, the asset manager has also faced protests as well as scrutiny from Al Gore). But for now – despite some reports that BlackRock’s shareholders have been appeased by its increased disclosure about engagements – a couple of proponents are revisiting the more traditional type of pressure for “walking the talk” on E&S issues. This Reuters article suggests that BlackRock may press companies harder this year as a result.
First, Mercy Investment Services (the asset management arm for the 9000 nuns of “Sisters of Mercy of the Americas”) filed this resolution:
Proposal requesting that the Board of Directors initiate a review assessing BlackRock’s 2019 proxy voting record and evaluate the company’s proxy voting policies and guiding criteria related to climate change, including any recommended future changes. A summary report on this review and its findings shall be made available to shareholders and be prepared at reasonable cost, omitting proprietary information.
This Guardian article provides some details on the supporting statement – e.g. BlackRock supported only 6 of 52 climate-related resolutions last year, according to the nuns. Meanwhile, As You Sow is questioning BlackRock’s commitment to “stakeholders” – with this resolution:
BE IT RESOLVED: Shareholders request our Board prepare a report based on a review of the BRT Statement of the Purpose of a Corporation signed by our Chairman and Chief Executive Officer and provide the boards perspective regarding how our Companys governance and management systems should be altered to fully implement the Statement of Purpose.
According to this Cooley blog, the proponent takes issue with BlackRock’s tendency to support management and vote against E&S shareholder proposals. The blog summarizes the “stakeholder” pressures that other companies are also facing – including calls for a reduced gap between CEO and worker pay.
Critical Audit Matters: What’s Your Auditor’s Average?
If you’re looking for “CAM” stats to share with your audit committee, check out the “CAM Counts by Auditor” available in this Audit Analytics blog (as well as the data from this earlier blog).
Right now, KPMG leads the way in terms of count – with 52 CAMs disclosed within the audit reports of 22 companies – averaging 2.4 CAMs per opinion. This is one area where being “below average” could provide some reassurance to directors.
A Fond Farewell To Broc
Many of us are still coming to terms with the fact that Tuesday was Broc’s last day as an Editor here at TheCorporateCounsel.net. Words aren’t adequate to express how much I’ve learned from him and how grateful I am for his mentorship. Here’s what I posted on LinkedIn last month (and also check out this well-stated DealLawyers.com blog from John):
Over the last 17 years, Broc has worked around the clock to make securities law & corporate governance accessible – and even entertaining! – to *everyone* in our community. Truth be told, I was star struck when I first met the human behind the guidance that I relied on every day, and was thrilled to be invited to the first “Women’s 100” Conference seven years ago. And although I loved private practice, when Broc suggested that I join him, John and the rest of the team here – and train to be his eventual successor – I couldn’t believe my luck.
Thank you, Broc, for giving me the opportunity and for teaching me so much over my career – especially during these last few years. Not just about the law, but about valuing people, embracing creativity and being unafraid to jump into new adventures. I’ll miss your daily presence but look forward to carrying on what you’ve been building.
For more details about what things will look like around here in the coming months and years, see our press release. Like Broc, I’m always open to suggestions, so feel free to email me any time at liz@thecorporatecounsel.net. I appreciate everyone who’s reached out so far!
John blogged a few months ago that 70% of restatements are now “Little r” revisions, according to data from Audit Analytics. This WSJ article reports on a couple of studies that analyze the potential connection between the presence of clawback provisions & performance awards, on the one hand, and management’s discretion to “restate” versus “revise” financials, on the other. Here’s an excerpt (also see earlier work from Francine McKenna, which the study cites, and CLS “Blue Sky” blog):
A study by Ms. Thompson found that almost half—45%—of Little r revisions from August 2004 through 2015 that she analyzed met at least one of the guidelines for them to be considered Big R restatements.
Her research points to one potential motivation: “clawbacks” that allow companies to recoup compensation from executives in the event of a Big R restatement. Companies with such clawbacks were more than twice as likely as others to use revisions for potentially material errors, her analysis found.
Although the article tries to also draw a link between “Little r” revisions and performance awards, the data doesn’t directly connect declines in performance award metrics like EPS to a company’s decision to carry out a “Big R” restatement versus a “Little r” revision. The article points out that in at least one situation, Corp Fin was deferential to a company’s decision to correct an accounting error via a revision even though the error had flipped one quarter’s earnings per share from negative to positive and the company used an annual EPS metric in its long-term incentive plan.
Also see this article suggesting that executives who are subject to clawback policies are more likely to push for tax savings – e.g. through use of tax havens. It wouldn’t seem there’s much downside to that for shareholders, but for companies that follow GRI Sustainability Reporting Standards, it’s relevant to know that GRI is recently announced a new “tax disclosure standard” to promote transparency of tax practices that could impact funding of government services & sustainability initiatives.
Corporate Governance Ratings: Internal Audit Enters The Game
Recently, the Institute of Internal Auditors announced a new “corporate governance index” that annually rates listed companies – based on surveys of Chief Audit Execs. Here are the results of the inaugural review.
While I’m not sure I can get behind the claim that this is “the first to truly probe – and grade – core actions and responsibilities that are crucial to successful, ethical, and sustainable organizational practices among American businesses,” it’s somewhat unique in highlighting auditors’ views (see page 7 for a take on that group’s role in corporate governance). Since my mom spent most of her career as an internal auditor, I can attest that these folks often have different perspectives & opinions than those of us on the legal side.
But don’t take my word for it! This note accompanies the finding that companies are vulnerable to corporate governance weaknesses because they have no formal monitoring or evaluation mechanism (which incidentally is the category of “worst performance”):
CAEs also reported that, if the evaluation is not conducted by internal audit, it is most often done by the general counsel’s office or under the direction of the nominating/governance committee, at which point it is more likely to be a compliance “check-the-box” exercise relative to listing exchange requirements and other laws and regulations.
Anyway, the surveyed companies averaged a “C+” grade and the report is pretty emphatic that there’s room for improvement (with all due respect to my auditor friends, if there’s anyone more “glass half empty” than us lawyers, my money is on CAEs). The grading is based on eight “Guiding Principles of Corporate Governance” – and helpfully, you can see the actual survey questions and the overall grade that each question generated. Here’s a finding that we can probably all agree is troubling:
When presented with specific scenarios in which the CEO wants to delay reporting negative news, respondents believed that only 64% of board members at their company would push back on the CEO, meaning more than one-third (36%) of board members would not. Similarly, CAEs gave a D (67) to the issue that board members should be asking whether information presented to them is accurate and complete.
Our January Eminders is Posted!
We have posted the January issue of our complimentary monthly email newsletter. Sign up today to receive it by simply inputting your email address!
Yesterday, the SEC announced this New Year’s gift: proposed amendments to Rule 2-01 of Reg S-X that would “modernize” the auditor independence rules and codify Staff consultations – which have been influencing how the rules are interpreted since they were adopted in 2000 and last amended in 2003. If adopted, the proposed amendments would:
– Amend the definitions of affiliate of the audit client, in Rule 2-01(f)(4), and Investment Company Complex, in Rule 2-01(f)(14), to address certain affiliate relationships, including entities under common control
– Amend the definition of the audit and professional engagement period, specifically Rule 2-01(f)(5)(iii), to shorten the look-back period, for domestic first time filers in assessing compliance with the independence requirements
– Amend Rule 2-01(c)(1)(ii)(A)(1) and (E) to add certain student loans and de minimis consumer loans to the categorical exclusions from independence-impairing lending relationships
– Amend Rule 2-01(c)(3) to replace the reference to “substantial stockholders” in the business relationship rule with the concept of beneficial owners with significant influence
– Replace the outdated transition and grandfathering provision in Rule 2-01(e) with a new Rule 2-01(e) to introduce a transition framework to address inadvertent independence violations that only arise as a result of merger and acquisition transactions
– Make certain miscellaneous updates
The announcement runs through a couple of hypos that show how the proposal would address interpretive issues that have been popping up. As always, there’ll be a 60-day comment period that runs from when the proposing release is published in the Federal Register. Also see the summary in this Cooley blog…
Audit Committee Role & Reminders: Statement from SEC & Corp Fin
Also yesterday, this statement from SEC Chair Jay Clayton, Chief Accountant Sagar Teotia and Corp Fin Director Bill Hinman was issued to remind audit committees of their oversight responsibilities in financial reporting – and to remind companies that audit committees need adequate resources & support to fulfill their obligations. Here’s an excerpt:
– Non-GAAP Measures – Non-GAAP measures and other metrics used to gauge company performance, when used appropriately in combination with GAAP measures, can provide decision-useful information to investors on the company’s performance from management’s perspective. It is important that audit committees understand whether—and how and why—management uses non-GAAP measures and performance metrics, and how those measures are used in addition to GAAP financial statements in the company’s financial reporting and in connection with internal decision making. We encourage audit committees to be actively engaged in the review and presentation of non-GAAP measures and metrics to understand how management uses them to evaluate performance, whether they are consistently prepared and presented from period to period and the company’s related policies and disclosure controls and procedures.
– Reference Rate Reform (LIBOR) – The expected discontinuation of LIBOR could have a significant impact on financial markets and may present a material risk for many companies. The risks associated with this discontinuation and transition will be exacerbated if the work necessary to effect an orderly transition to an alternative reference rate, a process often referred to as reference rate reform, is not completed in a timely manner. We encourage audit committees to understand management’s plan to identify and address the risks associated with reference rate reform, and specifically, the impact on accounting and financial reporting and any related issues associated with financial products and contracts that reference LIBOR.
– Critical Audit Matters – Beginning in 2019, certain public companies’ auditors are required to communicate critical audit matters (CAMs) in the auditor’s report. While the independent auditor is solely responsible for writing and communicating CAMs, we encourage audit committees to engage in a substantive dialogue with the auditor regarding the audit and expected CAMs to understand the nature of each CAM, the auditor’s basis for the determination of each CAM and how each CAM is expected to be described in the auditor’s report. In short, we would expect that the discussion of the CAM in the auditor’s report will capture and be consistent with the auditor-audit committee dialogue regarding the relevant matter. We encourage audit committees to continue their efforts to understand the new standard and remain engaged with auditors in the implementation process.
We’re Gonna Party Like It’s…
Who else is in shock that we’re 20 years into this century?! Our flip from 2019 to 2020 feels momentous in its own right – but we’re lacking in catchy tunes to celebrate. When in doubt, tune to Prince:
My resolution this year is to finally visit Paisley Park…I live just down the road and I’m still kicking myself for never making it to one of “The Artist’s” impromptu parties. I did, however, join thousands of my closest friends outside First Ave the night he died, where he was honored by lots of local talent, including Lizzo before many people knew who Lizzo was – quite the scene with everyone singing along to “Purple Rain.”
Last week, the SEC issued this notice to approve changes to FINRA Rule 5110. This Mayer Brown blog gives a high-level overview of topics covered by the amendments – which are intended to reduce compliance costs:
(1) filing requirements; (2) filing requirements for shelf offerings; (3) exemptions from filing and substantive requirements; (4) underwriting compensation; (5) venture capital exceptions; (6) treatment of non-convertible or non-exchangeable debt securities and derivatives; (7) lock-up restrictions; (8) prohibited terms and arrangements; and (9) defined terms
Corporate Musicals: Ready for a Revival?
If you haven’t watched “Bathtubs Over Broadway” on Netflix, make it your New Year’s resolution. In this review for The New Yorker, Richard Brody concludes that high-budget corporate musicals like J&J’s “sunscreen disco” inspired countless “mid-level business people” to be heroes in their profession.
Is a revival of this genre the key to positive corporate culture that so many companies & shareholders say they want? For enough money, I’m pretty sure Kristin Chenoweth would sing about insurance policies, medical devices or self-driving vehicles. For some “short form” entertainment, check out Blackstone’s holiday video – 6 minutes and in the style of “The Office,” with a joke for us SEC geeks around the 4:30 mark.
Songs For Our Time
On second thought, maybe over-the-top, optimistic musicals aren’t a good fit for this day & age. What today’s workers would identify with is an album with songs like “The Perils of Mobile Connectivity” – from a derivatives trader who’s spent the best years of his life in an office tower. I’m here to report that Jason Pilling’s “White Collar Melodies” has all that & more…
We’ve blogged a lot about the BRT’s redefined “statement of corporate purpose.” Many are frustrated that the topic is getting so much attention, given that the vast majority of directors & companies already view themselves as catering to multiple stakeholders in order to achieve long-term value. I blogged recently on “The Mentor Blog” about that disconnect and the resulting communications opportunity. One tangible thing that some companies are doing – regardless of whether their CEOs signed the BRT statement – is adopting a “statement of purpose” that shows the link between the company’s strategy and its consideration of stakeholder groups.
Last week, Prudential went one step further and also announced a “multi-stakeholder framework” that supports the company’s updated statement of purpose – and shows how the board considers shareholders, employees, customers and society. The press release emphasizes the board’s role in the stakeholder commitments and says that the company will report on the progress of its purpose-driven goals in its annual & sustainability reports. Here’s the infographic:
We’ll be covering more on this issue during our January 21st webcast – “Deciphering ‘Corporate Purpose.’” Join us to hear Morrow’s John Wilcox, Freshfields Bruckhaus’ Pam Marcogliese and Morris Nichols’ Tricia Vella discuss what the debate over “shareholder primacy” means for directors’ fiduciary duties and corporate accountability, and how companies can effectively set & communicate “stakeholder” commitments.
ESG Ratings Draw Nearly Universal Contempt
If there’s one thing that most people in our community can agree on, it’s that the proliferation of “ESG” ratings and funds is causing frustration and confusion. However:
ESG scores can play a key role in determining whether fund managers or exchange-traded funds buy a stock, how much companies pay on loans, and even if a supplier bids for a contract. They can also help verify whether a bond is really “green” or if a company is eligible for a stock benchmark. Investments in about $30 trillion in assets have relied in some way on ESG ratings.
That’s according to this recent Bloomberg article, which cites an MIT working paper. But ratings are difficult to compare and can vary widely. And the variation in how they’re employed – by “ESG” funds, in particular – only compounds the problem. Maybe that’s why the SEC is reportedly looking into these investors:
The SEC initiative is based out of the agency’s Los Angeles office, according to a person familiar with the matter. It has focused on advisers’ criteria for determining an investment to be socially responsible and their methodology for applying those criteria and making investments.
One letter the SEC sent earlier this year to an investment manager with ESG offerings asked for a list of the stocks it had recommended to clients, its models for judging which companies are environmentally or socially responsible, and its best- and worst-performing ESG investments, according to a copy of the letter viewed by The Wall Street Journal. It follows a similar examination letter sent last year to other asset managers, suggesting the regulator decided to broaden its examination.
It’s not clear what the end game would be for this type of examination. Increased disclosure? A standardized reporting framework? That’s a concept I’ve blogged about for companies. The EU already requires large companies to report on their sustainability policies – and within the next couple years will also encourage indexes and benchmark providers to disclose their ESG methodologies (see this White & Case memo and this Bloomberg article).
Government Shutdown Averted!
Good news – the Staff will be returning to work later this week. Congress passed spending bills that the President has now signed, averting a shutdown and keeping the federal government funded through next September. Here’s a short CBS News article about it.
Last year around this time, the government began what ended up being the longest shutdown in history. The SEC went down to a “skeletal staff” for most of January – which put companies in a real bind when it came to negotiating with shareholder proponents, trying to get through the registration process and resolving any Corp Fin comments.
We were blogging about it almost daily (here’s one of the later ones) – and fielded many posts in our “Q&A Forum.” For a reminder about what that was like at the SEC, see Broc’s blog about the deep hole Corp Fin found itself in after the shutdown and my blog wondering whether the shutdown led to Corp Fin reconsidering the Rule 14a-8 no-action request process.
Yesterday, Corp Fin added to its “CF Disclosure Guidance Topic” series with two new topics. “Topic No. 8: Intellectual Property & Technology Risks Associated with International Business Operations” explains the Staff’s views on what companies should consider disclosing about their reliance on technology & intangible assets if they conduct business in places that don’t have robust IP laws – and where that disclosure would appear. Here’s an excerpt:
Although there is no specific line-item requirement under the federal securities laws to disclose information related to the compromise (or potential compromise) of technology, data or intellectual property, the Commission has made clear that its disclosure requirements apply to a broad range of evolving business risks in the absence of specific requirements. In addition, a number of existing rules or regulations could require disclosure regarding the actual theft or compromise of technology, data or intellectual property if it pertains to assets or intangibles that are material to a company’s business prospects. For example, disclosure may be necessary in management’s discussion and analysis, the business section, legal proceedings, disclosure controls and procedures, and/or financial statements.
The guidance includes examples of risks that might arise from business relationships – e.g. idiosyncratic license terms that favor the other party or compromise the company’s control over proprietary info, regulatory requirements that require companies to store data locally or use local services or technology. It also includes a laundry list of questions companies should ask themselves to assess risks. We’ll be posting memos in our “Cybersecurity” Practice Area.
Corp Fin’s New “Disclosure Guidance”: Confidential Treatment Requests
RIP, Staff Legal Bulletins No. 1 and 1A. Yesterday’s new “CF Disclosure Guidance Topic No. 7: Confidential Treatment Applications Under Rules 406 & 24b-2” supersedes that guidance. It addresses how and what to provide when submitting a “traditional” confidential treatment request – i.e. outside of the accommodations from earlier this year that now allow companies to simply redact immaterial confidential information from exhibits. The new disclosure guidance also applies to filings where traditional CTRs remain the only available method to protect private information – e.g. Schedule 13D or exhibits required by Item 1016 of Reg M-A.
After filing the exhibit on Edgar with redactions that show where confidential info is omitted, here’s what companies now need to do for written applications (we’ll be posting memos in our “Confidential Treatment Requests” Practice Area):
1. Provide one unredacted copy of the contract required to be filed with the Commission with the confidential portions of the document identified;
2. Identify the Freedom of Information Act[6] exemption it is relying on to object to the public release of the information and provide an analysis of how that exemption applies to the omitted information. Often, this is the exemption provided by Section 552(b)(4)[7] of the FOIA, which protects “commercial or financial information obtained from a person and privileged or confidential.” If this is the case, the Supreme Court’s decision in Food Marketing Institute v. Argus Leader Media, 139 S.Ct. 2356 (2019) addresses the definition of confidential and may be helpful in providing this analysis;
3. Justify the time period for which confidential treatment is sought;
4. Explain, in detail, why, based on the applicant’s specific facts and circumstances, disclosure of the information is unnecessary for the protection of investors. This generally is encompassed in a materiality discussion, addressed below;
5. Provide written consent to the furnishing of the confidential information to other government agencies, offices or bodies and to the Congress;
6. Identify each exchange, if any, with which the material is filed (required in applications under Rule 24b-2 relating to Exchange Act filings only); and
7. Provide the name, address and telephone number of the person with whom the Division should communicate and direct all issued notices and orders.
What’s the Deal with “CF Disclosure Guidance”?
A while back, Corp Fin was on a roll with this format for guidance – issuing six topics from 2011 to 2013 (here’s Broc’s blog from when this format first debuted). But yesterday’s new topics were the first in over six years.
They’ve always included a “Supplementary Information” disclaimer at the beginning to emphasize that the guidance isn’t a rule and hasn’t been approved by the Commission. Of course, lately there’s been even more back & forth about the role of “guidance” versus rules – and as Broc blogged last month, a recent executive order severely restricted most federal agencies’ ability to practice “regulation by guidance.” So to be extra clear that these publications aren’t rules, the disclaimer for yesterday’s two topics includes this new sentence:
This guidance, like all staff guidance, has no legal force or effect: it does not alter or amend applicable law, and it creates no new or additional obligations for any person.
SEC & Edgar Closed Tuesday & Wednesday
This executive order announces that all federal agencies – including the SEC – will be closed on Tuesday for Christmas Eve (Christmas Day was already designated as a Federal Holiday, so the SEC is closed that day too). The SEC announced that this means Edgar will be closed too – so you’ve got until December 26th to make filings that would be due on Tuesday or Wednesday.
This blog from Alan Dye points out that it isn’t clear whether the 24th is still counted as a “business day” for purposes of calculating filing deadlines that fall later in the week. Based on last year’s precedent, it wouldn’t be considered a “business day” for purposes of calculating filing deadlines – and Alan was told in a phone call with the Staff that they’d take the same position this year.
As anticipated, yesterday the SEC voted to propose amendments to the definition of “accredited investors.” The proposed amendment, issued upon a 3-2 vote, will allow more investors to participate in private offerings by adding more natural persons that will qualify based on their professional knowledge, experience or certifications. Interestingly, the proposal contemplates that these categories could be established by the SEC by order, rather than the rule itself – which would allow the SEC to establish the criteria in the future without notice & comment. Also, the proposed amendments expand the list of entities that may qualify as accredited investors.
During the summer, Liz blogged about the SEC’s concept release that included discussion of the accredited investor definition. As the concept release generated a flurry of comment letters, it’s hard to say whether this proposal will please everyone. As this Cooley blog notes, the statements of dissent from Commissioners Rob Jackson and Allison Lee – compared to the statements of support from Commissioners Hester Peirce and Elad Roisman – highlight the differences in views that exist about the fundamental purposes of the securities laws.
The proposal doesn’t raise the income and wealth thresholds that have existed since 1982 or suggest adjustments for inflation in the future. This WSJ article says that the lack of an inflation adjustment has contributed to the current number of qualifying households rising over time – from 1.3 million in 1983 to 16 million this year. And among the 69 questions that the SEC specifically requests people to comment on is whether the standards should be tied to geographic reasons to account for potentially lower costs of living.
We’ll be posting memos in our “Accredited Investor” Practice Area to help everyone stay up to date with the latest on the proposed changes.
SEC Proposes Expanding QIB Def’n
As mentioned in the press release about the proposed expansion of the “accredited investor” definition, the SEC also proposed expanding the definition of “qualified institutional buyers” under Rule 144A. The expanded definition would add LLCs and RBICs (Rural Business Investment Companies) to the types of entities eligible for QIB status if they meet the securities owned and investment threshold in the definition. There’s also a new ‘catch-all’ category that would permit institutional accredited investors under Rule 501(a), of an entity type not already included in the QIB definition, to qualify as QIBs when they satisfy the $100 million threshold.
Keeping step with the fast-approaching year-end rush, yesterday the SEC also voted to propose rules requiring mining companies to disclose payments made to foreign governments or the U.S. government for the commercial development of oil, natural gas or minerals.
The Commission is statutorily obligated to issue a rule in this area. And, as outlined in the SEC press release about the proposed rules and in Broc’s blog back a couple of years ago, the path to these new proposed rules has been anything but smooth. Here’s an excerpt from the SEC press release:
The Commission first adopted rules in this area in 2012, as mandated by the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”). The 2012 rules were vacated by the U.S. District Court for the District of Columbia. The Commission then adopted new rules in 2016, which were disapproved by a joint resolution of Congress pursuant to the Congressional Review Act.
As Liz blogged last week, the NYSE proposal to allow “direct listings” for primary offerings has been revised and is back on the table, and it’s led to a lot of chatter and head-scratching about how exactly this path would work. This 12-page memo from Gibson Dunn is a good up-to-date resource that outlines benefits, issues to consider and current rules that apply. The memo has a nice tabular overview of the various listing standards so that you can compare different alternatives (as Liz also blogged last week, Nasdaq now has a rule that allows secondary direct listings on its Global Select, Global and Capital Markets).
At this point, we still don’t know why the SEC rejected the first NYSE proposal – was it something that the NYSE adequately addressed in its revised proposal, or does the SEC think there’s a fundamental problem with primary direct listings, for investor protection or other reasons? Stay tuned, we’ll be blogging more on this topic as it develops.
Improving Board Oversight of Risk
The board’s role in risk oversight continues to be top of mind – not only for directors, but also for shareholders, legislatures & proxy advisors. If you’re looking for a pretty comprehensive resource, Wachtell recently issued a 24-page memo on the topic. It includes these recommendations:
– Assess whether the company’s strategy is consistent with agreed-upon risk appetite and tolerance for the company
– Review with management whether adequate procedures are in place to ensure that new or materially changed risks are properly and promptly identified, understood and accounted for in the actions of the company
– Review the risk policies and procedures adopted by management, including procedures for reporting matters to the board and appropriate committees and providing updates, to assess whether they are appropriate and comprehensive
– Review with management the quality, type and format of risk-related information provided to directors
– Review with management the primary elements comprising the company’s risk culture, including establishing “a tone from the top” that reflects the company’s core values and the expectation that employees act with integrity and promptly escalate non-compliance in and outside of the organization
Over Confidence about Risk Management?
As reported in a recent Navex blog, a survey from the Institute of Internal Auditors found that boards are over confident about the effectiveness of an organization’s risk management program. According to the survey results, the board “has more faith in the company’s ability to manage risks than the company’s executives do.”
As the blog high-lights, this can present problems when the board believes the company is effectively managing a risk, such as third-party risk, and the board then voices approval for growing the business in an area that relies heavily on effective third-party risk management. As the business expands or grows, a breakdown can occur and then questions will arise about an apparent weakness in risk management, and perhaps whether management was transparent with the board prior to the breakdown.
Navex offers tips for aligning management’s and the board’s views on risk management. Tips for starting a conversation with the board include:
– Discuss whether the board has the right structure and right people
– Evaluate whether the company has good escalation procedures so that the right information gets delivered to the board
– Does management speak in a unified way about risk to help ensure transparency?
– Does the company have a single, trusted source of risk information – starting with the same data set of information is key