At the PLI Securities Regulation Institute last week, the plethora of SEC rulemaking took some hits. It wasn’t simply the quantity of SEC rules and proposals, although that was certainly a factor. But the SEC has issued a lot of proposals in the past. Rather, it was the difficulty and complexity of implementation of these new rules and proposals that seemed to have created the concern that affected companies may just be overwhelmed. Former Corp Fin Director Meredith Cross, a co-chair of the program, pronounced the SEC’s climate proposal “outrageously” difficult, complicated and expensive for companies to implement, and those problems, the panel worried, would only be compounded by the adoption of expected new rules in the EU that would be applicable to many US companies and their EU subsidiaries. (See this Cooley Alert.) The panel feared that companies would be bombarded with a broad, complicated and often inconsistent series of climate/ESG disclosure mandates. Single materiality/double materiality anyone? But it wasn’t just the proposed climate disclosure that contributed to the concern. Recent rulemakings or proposals on stock buybacks, pay versus performance and clawbacks were also singled out as especially challenging for companies to put into effect.
If you haven’t already done so, please be sure to vote!
[Based on my notes and limited by my imperfect attendance, so standard caveats apply.]
ESG was ubiquitous, a presence in just about every corporate panel. Of course, there were the obligatory panels on climate, as well as the social and governance aspects of ESG, but the topic also made an appearance throughout the agenda—even the accounting panel mentioned the proliferation of ESG metrics and the need for controls to ensure accuracy.
With the SEC’s climate disclosure proposal still pending, what should companies do now? Since it’s not really very clear when the SEC’s proposal will go into effect or exactly what it will require, that put something of a crimp in the nature of the advice the panel could offer. Generally, the panelists suggested that companies begin by taking process steps, leveraging existing functions and capabilities, such as establishing a cross-functional team—including subject-matter experts, legal, financial reporting, internal audit and management. (That was a big item on everyone’s list of recommendations.) Companies will also need to educate team members who are not familiar with financial reporting about the need for controls, process and scrubbing of data and educate team members who are not familiar with climate science about the basics of that discipline. This process, panelists advised, will involve a new language for all. The board will also need to be educated (although the panel did not seem to believe that boards had to include directors who were climate experts). In addition, companies may want to set up internal and disclosure controls and processes and establish appropriate governance structures, perhaps leveraging the experience of the audit or other appropriate committees. The panel cautioned that significant decisions affecting the business will need to be elevated for buy-in (or not) by the board.
Internationally, one panel noted, standards are also expected from both the International Sustainability Standards Board and, in the EU, as a result of a new Corporate Sustainability Reporting Directive. The ISSB (created by the IFRS Foundation), a voluntary standard-setter, has recently released two exposure drafts on climate and general sustainability, both of which use single materiality. In the EU, agreement has been reached on a new CSRD, which will provide for reporting on a broad set of ESG topics and will apply to EU and non-EU companies that meet specific presence tests. The CSRD calls for, not only climate reporting, but also reporting on the environment generally (e.g., pollution, biodiversity) and the company’s impact on workers, consumers and communities. Notably, the CSRD uses a double materiality standard.
One panel observed that a company’s EU subs will need to be integrated into the company’s controls, if they aren’t already. But the looming integration question is how rules from the CSRD (and perhaps elsewhere) will ever be integrated with US rules? That’s when Cross asserted that the SEC’s proposed rules were outrageously complicated and difficult to implement—so much so that some commenters had advised the SEC to just start over. Adding in the expansive mandate of the CSRD raised fears that the impact on companies would be enormous—overwhelming. It was hard to envision how, with so many differences in the standards, it would all ultimately connect for a path forward.
The panel observed that there has been a great deal of public pushback on the SEC’s proposal, especially on Scope 3 emissions disclosure and financial statement metrics, which would impose a 1% materiality standard. While it was widely hoped that the SEC would revise that standard, one speaker acknowledged that “hope is not strategy.” Cross also observed that the SEC can’t just hand over rulemaking to a non-US regulatory body; perhaps the result will be a separate stand-alone report that could be used internationally.
Panelists also observed that recent SEC comments frequently ask companies why information in their voluntary reports is not also reported in their Forms 10-K (leading many companies to avoid the use of the “material” in their voluntary reports). In prior years, many companies simply responded that they did not consider the information material. Recently, however, those questions have evolved into more “pointed” questions about how the company assesses materiality, often necessitating more rounds of comments that require companies to show their work and provide data in support. Or questions may be more specific, for example, asking companies the extent to which climate risk has driven up the cost of their insurance, forcing companies to do the math—if it’s even possible to isolate that information. Companies will want to maintain back-up for their responses. Panelists also pointed to recent cases charging false disclosure brought by the SEC’s Climate and ESG Task Force in the Division of Enforcement. (See this PubCo post, this PubCo post and this PubCo post.)
The panels observed that companies are now beginning to provide more climate information in their periodic reports, especially in risk factors—the days of 10-Ks without climate information were over. One panel pointed to Corp Fin’s 2021 sample letter regarding climate change disclosure, which discussed physical risks and transition risks (see this PubCo post). Keir Gumbs, a co-chair of the program, suggested that companies begin to include information that would be required by the TCFD framework, standards on which the SEC’s climate disclosure proposal is modeled in part. (The TCFD framework establishes eleven disclosure topics related to four core themes that provide a structure for the assessment, management, and disclosure of climate-related financial risks: governance, strategy, risk management, and metrics and targets.) (See this PubCo post, this PubCo post and this PubCo post.)
ESG—social and governance developments. A panelist noted that over 90% of the S&P 500 publish voluntary ESG reports. The panel considered authenticity and consistent communications to be important in these reports. Panelists suggested that companies start with an ESG “materiality assessment,” a process through which a company determines the aspects of ESG that are most critical to its business and stakeholders and which metrics will best measure the company’s performance. (Materiality assessments were also on a lot recommendation lists.) Board input here can be important. How do these key elements align with the company’s enterprise risk management framework and its related board discussions?
In these assessments, the panel noted, the issue of diversity, equity and inclusion often emerges as a top factor, one which is also often tied to executive comp. A number of companies are now disclosing their EEO-1 diversity data, and requests for disclosure of that data is a popular shareholder proposal. With regard to board diversity disclosure, the EU and UK require diversity disclosure, and some NYSE-listed companies are starting to observe the Nasdaq disclosure requirements. What is the value of board diversity? A panelist said that many investors believe that more diversity leads to higher quality decisions. In addition, employees do pay attention; many want to work at companies with managements and boards that look like them, so diversity can also be helpful for recruiting purposes.
How does human capital management translate to a material risk? In recent times, a panelist said, 85% of company assets are intangibles—patents, brand, goodwill and human capital. Companies need to attract talent. One panelist observed that, surprisingly, during the pandemic, productivity was generally the same as prior to the pandemic; it was “after” the pandemic—is the pandemic over?—in 2022 that productivity plunged. (Quiet quitting?) The panelists noted that the perception that a company treats its employees badly can really affect corporate reputation, impact value and tank the stock price, and there are certainly well-known examples of that impact. So HCM can be a material risk. According to the panel, 31% of human capital management shareholder proposals passed last year.
What information metrics are relevant here? The panel cited workforce composition, cost, turnover/attrition (including the contingent workforce) and diversity. Training and culture are also critical factors, but how do you assess culture? One illustrative example discussed was the way a company handles internal complaints. If internal complaints are not addressed, it suggests that the company does not attribute value to accountability and rule enforcement. A history of failure to address complaints can be indicative of a culture problem, illustrating how “s” ties to “g.” One panelist observed that “culture” eats “governance” for breakfast.
The panel noted that, currently, the SEC’s rules on HCM disclosure are principles-based, but many investors have complained that they are not receiving enough useful data. (A proposal for more prescriptive disclosure is anticipated. See this PubCo post.) The challenge is that investors want slightly different information, making it more difficult for companies to respond. Is the information requested useful and how can it be tailored? Sometimes companies try to “chase scores” by answering all questions submitted by rating agencies, but a panelist suggested that companies just focus on what is important to them.
Other disclosure developments
Sample letters and comments. Panelists pointed to recent sample letters from Corp Fin, including a recent letter regarding the impact of the war in Ukraine. (See this PubCo post.) The panel suggested that companies consider updating their risk factors and MD&A, as well as their forward-looking statement language. The accounting panel noted that a number of the sample comments were related to accounting issues, including, potentially, critical accounting estimates. Even if companies are not directly impacted as a result of operations in Russia, they may be affected indirectly, through their supply chains, as a result of increased cyber risk, volatility or otherwise. With regard to inflation and supply chain issues, the panel noted the need for more robust disclosure in risk factors and MD&A, including the impact on the company (e.g., increased interest rates, strong dollar) and any efforts to mitigate the impact.
Cicely La Mothe, Acting Deputy Director for Disclosure Operations, discussed the SEC’s recent comments asking companies to enhance their disclosures on board oversight. After surveying companies’ disclosures in that regard, the staff noted a substantial amount of boilerplate—even across different industries. As a result, LaMothe said, Corp Fin had recently sent out comment letters to elicit more tailored and nuanced disclosure of board risk oversight. The letters suggested any changes be made in future filings and, unusually, did not require a staff preview. The goal was to provide more transparency in this area and offer some guideposts designed to generate more thoughtful responses, she said, not to establish a template or checklist. Given that Item 407 is not prescriptive, LaMothe pointed to the adopting release as a source for points to consider in taking a fresh look at the existing disclosure. Some of the comments related to combined CEO/Chair roles, the role of lead independent directors representing the board and how the board administers its risk oversight function, such as the use of a board versus a committee for oversight of specific strategic risks, the timeframe for risk evaluations, the use of outside experts, frequency of re-assessment of the risk environment, interactions with management and how the risk oversight process aligns with disclosure controls. Some panelists questioned whether some of the comments were clearly contemplated by the Item 407 adopting release, such as a question about whether the lead independent director could ever override the CEO on any risk matters.
Interestingly, one point that the various panels made repeatedly was that there was a regular progression to SEC rulemaking: first, the staff posts guidance on a topic; if the issuer response is inadequate, the SEC itself may issue guidance; the staff may post a sample comment letter; if the disclosure remains insufficient, in some instances, the SEC may adopt principles-based regulation; and if that still fails to do the trick, the SEC will often adopt more prescriptive rules.
Cybersecurity proposal. With regard to the cybersecurity proposal, panelists noted that companies have historically evaluated whether an 8-K should be filed in the event of a material cybersecurity incident; the challenge and concern in this proposal is the requirement that companies disclose incidents on Form 8-K within four business days after they have determined that they have experienced a material cybersecurity incident—companies may not have the information necessary to satisfy the proposed timeframe and could be challenged with the benefit of hindsight. One panelist noted that it took the SEC six months to disclose its own cyber incident.
The proposal would also require disclosure in periodic reports about a company’s cybersecurity policies and procedures, management’s role in assessing cybersecurity risk and implementing cybersecurity policies, as well as board oversight of cybersecurity. (See this PubCo post.) One panelist described this element of the proposal as normative. The proposal would impose a greater burden on companies’ control processes to determine whether the incident is material. Often, companies do not know enough about the incident to assess materiality at an early stage. Panelists advised that legal be involved early in the process to help make this evaluation. In addition, the rule would require disclosure in periodic reports about an aggregation of immaterial incidents that together become material.
A panelist observed that a recurrent theme in many of these recent proposals is “what is the board doing?” Questions in this case, for example, include whether and how risk affects business strategy and financial oversight, how the board is kept informed on cybersecurity risk and the frequency of its discussions on this topic. The panel advised companies to bring in counsel and experts as needed and to beef up their controls and processes in connection with this reporting.
Insider transactions. This topic pertains to the SEC proposals on Rule 10b5-1 and insider trading (see this PubCo post) and company buybacks (see this PubCo post). The new proposal on company repurchases would require daily repurchase disclosure on a new Form SR before the end of the first business day following the day on which the company executes a share repurchase —in itself a daunting requirement.
The new 10b5-1 proposal would require companies to disclose their insider trading policies and procedures, which panelists advised be revisited. There is a range in practice as to who is subject to the policy, window periods, what processes are required prior to trading (e.g., preclear?) and whose accounts are covered (e.g., family?). Panelists advocated that policies should be tailored for the particular company—sometimes companies will want to cover administrative staff who are in touch with inside information. Perhaps company data is transparent for all employees?
Panelists suggested that companies may also want to consider policies regarding company trades; can the company be in the market when executives are prohibited from doing so? Companies may have historically engaged in share buybacks using 10b5-1 plans, but the limitations contained in the proposed rule—e.g., cooling-off periods—could make that challenging.
Pay-versus-performance proposal. Panelists described this proposal (see this PubCo post) as requiring a set of tables comparable to a Russian nesting doll and stressed that it would be a challenge to retrofit companies’ current practices to meet these requirements. Under the proposal, companies will need to determine their peer group and selected metrics, perform complex calculations of executive compensation actually paid and other metrics, as well as determine various valuations. One panelist advised that special consultants will be necessary for some of the valuation calculations. Companies may want to consider providing their comp committees with a mocked up table to review. In light of all the complex work required, the question plaguing the panel was whether investors will even care? They already receive lots of comp information. A panelist reported that ISS and Glass Lewis don’t yet know how they will use the information. Panelists were skeptical that the information would even be helpful, comparing the rulemaking to the pay-ratio rules—lots of work but, in the end, not particularly useful for most.
Clawbacks. A panelist view the SEC’s proposal on clawbacks (see this PubCo post) as perhaps the most frightening because it would require companies to recoup real dollars on a pre-tax basis. Again, there would be a number of challenges in execution of the policy required by this proposal: determining who is an executive officer under the SEC’s broad definition; valuation questions in connection with TSR; providing for recouping comp from terminated executives; covering “little r” restatements and establishing process to ensure that finance alerts the legal team.
The moderator began by observing that ESG was top of mind during this past proxy season. There were more proposals this past season: 60% went to a vote and 26% were withdrawn (which often means that an agreement was reached between the company and the proponent). There were 50% more environmental proposals; more proposals were in the “social” category, and 35% of those were withdrawn. The number of governance proposals declined. Among the top 10 proposals were the right to call a special meeting, political contributions, GHG emissions disclosure and climate change. Also on the list, but near the bottom, were proxy access and anti-ESG proposals. Panelists noted that anti-ESG proposals, which have not gotten much traction so far, often mirrored language used in pro-ESG proposals, leading to some confusion. Panelists suggested that companies identify the main proponents.
The top environmental proposals were climate change and GHG emission disclosure (four times the number in 2022), However, these proposals received less support this past season because they were more prescriptive. (See this PubCo post and this PubCo post.) The top social proposals were political contributions/lobbying, labor issues, EEO diversity data disclosure and racial equity audits (with more favorable votes this season). With regard to EEO data, companies used to resist publishing this data on the basis of privacy concerns; however, it has become much more common. One panelist noted that the problem now was that the information could be humiliating.
The panel reported that, overall, voting in favor of say-on-pay proposals was relatively high, although there was an increase in failures in 2022, which some attributed to lack of performance-based comp and an increase in “one-off” comp, such as special retention bonuses. Notably, if ISS recommended against the proposal, the vote was 30% lower, a panelist said.
The change in Corp Fin policy reflected in new SLB 14L, panelists observed, has meant that fewer proposals have been excluded (see this PubCo post and this PubCo post). SLB 14L outlined Corp Fin’s most recent interpretations of Rule 14a-8(i)(7), the ordinary business exception, and Rule 14a-8(i)(5), the economic relevance exception, and rescinded three earlier SLBs—SLBs 14I, 14J and 14K. Generally, SLB 14L presented its approach as a return to the perspective that historically prevailed prior to the issuance of the three rescinded SLBs. The effect of SLB 14L was to make exclusion of shareholder proposals—particularly proposals related to environmental and social issues—more of a challenge for companies. The panel also mentioned the changes to the proxy advisory firm rules, which are being challenged in court (see this PubCo post). In addition, the panel noted that the SEC had finally adopted rules for universal proxy (see this PubCo post), leading to the potential for more election contests and split tickets.
With regard to annual meeting preparations, the panel advised that planning needs to begin many months ahead. Companies will need to decide whether to have their meetings in person, virtual or hybrid. If online, companies will need to decide how to handle the Q&A (how much time to allocate and how to prioritize) and presentations by shareholder proponents. At virtual meetings, the average number of questions was 39 and the highest was 603 (!). Panelists advised that best practice was to post rules of the meeting online or include them in the proxy and to agree to answer unanswered questions online. Also, companies need to allot sufficient time for voting, panelists suggested.
Panelists reported that ESG is now de rigueur for all roadshows, although it apparently did not have the same impact in 2022 as in 2020 and 2021. Now, it’s more of a checkmark.
To avoid scrutiny (and SEC regulation) many founder-led companies are putting off IPOs as long as possible, one panelist observed. But investors and employees want liquidity. (Not to mention that the SEC may considering a push for more disclosure by large private companies, based on an academic paper by Corp Fin Director Jones.) As a result, lots of companies are keeping their confidential submissions “warm.”
There has also been a slowdown in SEC reviews, in part as a result of staffing and new reviewers. The panel said that the SEC has become less accommodating in the timing of review, moving more toward a first-come, first-served approach, which could affect the timing of roadshows. In addition, the SEC is not granting as many waivers of WKSI eligibility, requiring companies to amend their shelf registration statements.
Many retail investors use social media to find information companies; the panelists advised that companies need to bring more rigor to their social media posts.
Panelists noted that many SPACs are still out there looking for de-SPAC targets. The panel expected SPACs to return to their prior status as rarely used tools. Why? The panel suggested that the advantages associated with the use of SPACs seemed to be declining: the potential expansion of underwriter liability and the efforts by some underwriters to distance themselves from that possibility (for example, by avoiding deferred fees); the lengthening of time to market as result of the increase in performance of due diligence, especially around projections; the failure of some de-SPACs to raise sufficient capital to survive; the extremely high percentage of stock redeemed in some recent de-SPAC transactions (and the possibility that the stock buyback excise tax will apply); and the poor performance of some de-SPACs in the market, leading to a concern among some companies that the approach may carry a “stain.” One panelist said that the approach to SPAC due diligence used to be one of “trust,” then “trust but verify,” and now just “verify.”
The panel discussed recent changes in Delaware law, such as the new amendments allowing officer exculpation (in more limited circumstances than is allowed directors), a provision that will require a charter amendment to take effect. The rationale was a “doctrinal imbalance”; the Delaware exculpatory provision would allow directors to be excluded from the litigation, but the officers remained, leaving the case to survive on that claim.
The panel also discussed “controlling shareholders.” Under applicable law, in fiduciary duty litigation, the business judgment rule—as opposed to the difficult “entire fairness” standard—can be applied, potentially allowing a successful motion to dismiss, if there is an independent, fully empowered board committee in place ab initio—before substantive economic negotiations occur—and fully informed minority shareholder approval is obtained. The notion of whether there is a “controller” or “control group” is fact dependent. It does not, however, require a majority of shares; equity ownership could be 20% or 30%—it was even suggested that there may be instances where no stock was owned. Indicia might include, in addition to equity, veto rights, board composition and relationships, contract rights. As Vice Chancellor Lori Will expressed it, the question is whether the controller owes fiduciary duties. One of the panelists advised that, even if the process was begun too late, it may still be helpful support to conduct the fully informed minority vote.