All posts by Cydney Posner

Some highlights of the 2023 PLI Securities Regulation Institute

This year’s PLI Securities Regulation Institute was a source for a lot of useful information and interesting perspectives. Panelists discussed a variety of topics, including climate disclosure (although no one shared any insights into the timing of the SEC’s final rules), proxy season issues, accounting issues, ESG and anti-ESG, and some of the most recent SEC rulemakings, such as pay versus performance, cybersecurity, buybacks and 10b5-1 plans. Some of the panels focused on these recent rulemakings echoed concerns expressed last year about the difficulty and complexity of implementation of these new rules, only this time, we also heard a few panelists questioning the rationale and effectiveness of these new mandates. What was the purpose of all this complication? Was it addressing real problems or just theoretical ones? Are investors really taking the disclosure into account? Is it all for naught?  Pay versus performance, for example, was described as “a lot of work,” but, according to one of the program co-chairs, in terms of its impact, a “nothingburger.”  (Was “nothingburger” the word of the week?) Aside from the agita over the need to implement the volume of complex rules, a key theme seemed to be the importance of controls and process—the need to have them, follow them and document that you followed them—as well as an intensified focus on cross-functional teams and avoiding silos. In addition, geopolitical uncertainty seems to be affecting just about everything. (For Commissioner Mark Uyeda’s perspective on the rulemaking process presented in his remarks before the Institute, see this PubCo post.) Below are just some of the takeaways, in no particular order.

Commissioner Uyeda has some suggestions about the rulemaking process

In remarks this week before PLI’s 55th Annual Institute on Securities Regulation, SEC Commissioner Mark Uyeda shared his views about the disclosure rulemaking process. He observed that, since becoming a commissioner 16 months ago, the SEC has adopted five major disclosure rules—pay versus performance, clawbacks, amendments to rule 10b5-1, share repurchases and cybersecurity—and has identified four more that are in the works.  He focused on four key issues: determining purpose, the need for re-proposals, scaling disclosure and considering rulemaking costs and burdens on a cumulative basis. As you might guess, Uyeda had some thoughtful criticisms of the rulemaking process and offered some potential remedies.

New Corp Fin intake system for no-action requests related to shareholder proposals

Corp Fin has announced a new intake system for requests from companies for no-action positions from the staff regarding companies’ intentions to exclude shareholder proposals under Rule 14a-8. In the announcement, Corp Fin indicates that Rule 14a-8 submissions and related correspondence must now be submitted using Corp Fin’s online shareholder proposal form, available at, and that emailed materials will no longer be accepted. The announcement—and the form itself—emphasize that staff responses to these requests are only “informal, non-binding staff views” regarding exclusion of shareholder proposals.

Will the SEC’s shadow trading theory fall to SCOTUS’s major questions doctrine?

In August 2021, the SEC filed a complaint in the U.S. District Court charging Matthew Panuwat, a former employee of Medivation Inc., an oncology-focused biopharma, with insider trading in advance of Medivation’s announcement that it would be acquired by a big pharma company.  But it wasn’t your average run-of-the-mill insider trading case. Panuwat didn’t trade in shares of Medivation or shares of the acquiror, nor did he tip anyone about the transaction.  No, according to the SEC, he engaged in what has been referred to as “shadow trading”; he used the information about his employer’s acquisition to purchase call options on another biopharma, which the SEC claimed was comparable to Medivation.  (See this PubCo post.)  Since then, we’ve seen the usual moves on the chess board (discussed briefly below). But what’s particularly interesting, as Alison Frankel pointed out in Reuters, is the amicus brief filed by the Investor Choice Advocates Network, a self-described “nonprofit, public interest organization focused on expanding access to markets by underrepresented investors and entrepreneurs.”  In its brief, ICAN contended that the SEC’s invocation of the novel “shadow-trading” theory made this a “major questions” case—a judicial torpedo that we might begin to see fired with some regularity.  

SEC approves Nasdaq rule change regarding reverse stock splits

In August, the SEC posted a proposed Nasdaq rule change that would establish listing standards related to notification and disclosure of reverse stock splits.  According to the Nasdaq proposal, the volume of reverse splits processed by Nasdaq has increased substantially from 94 in 2020, 31 in 2021and 196 in 2022 to 164 reverse splits—just as of June 23, 2023.  In most cases, Nasdaq observed, the purpose of the reverse splits was to comply with Nasdaq’s $1 minimum bid price requirement to remain on the Capital Market tier. In light of this increased volume, Nasdaq proposed amendments to its listing rules to “enhance the ability for market participants to accurately process these events, and thereby maintain fair and orderly markets.” Failure to comply could result in a trading halt. Last week, the SEC approved the proposed rule change. It’s worth noting that, as a corollary to the new reverse split listing standards, Nasdaq has also submitted to the SEC a separate rule proposal to adopt a new regulatory halt procedure specific to securities in the process of a reverse split.

Fifth Circuit grants Chamber’s petition for review of buyback rule—will the Court ultimately vacate the rule?

In May this year, the SEC adopted final rules intended to modernize and improve disclosure regarding company stock repurchases. The rule requires quarterly reporting of detailed quantitative information on daily repurchase activity and revises and expands the narrative requirements, including disclosure regarding the rationale for the buyback. (See this PubCo post.) It didn’t take long for the Chamber to object.  Just over a week following adoption, the U.S. Chamber of Commerce, along with two Texas co-plaintiffs, submitted a petition to the Fifth Circuit for review of the final rule. Petitioners made three arguments: that “(1) the rationale-disclosure requirement violates the First Amendment by impermissibly compelling their speech; (2) the SEC acted arbitrarily and capriciously in adopting the final rule by not considering their comments or conducting a proper cost benefit analysis; and (3) the SEC did not provide the public with a meaningful opportunity to comment.”   On Halloween, the three-judge panel issued its opinion. The Court granted the petition, holding that the SEC violated the Administrative Procedure Act. But the Court did not vacate the rule—not yet anyway. Instead, the Court remanded the rule back to the SEC for 30 days to attempt to repair the analytical defects. Will the SEC adequately repair the defects? Will the Court ultimately vacate the rule? That all remains to be seen.

SEC charges SolarWinds and CISO with securities fraud and control failures

You remember the 2020 SolarWinds hack, perhaps one of the worst cyberattacks in history?  As NPR described it in 2021, we all regularly receive routine software updates like this one:

“‘This release includes bug fixes, increased stability and performance improvements’…. Last spring, a Texas-based company called SolarWinds made one such software update available to its customers. It was supposed to provide the regular fare—bug fixes, performance enhancements—to the company’s popular network management system, a software program called Orion that keeps a watchful eye on all the various components in a company’s network. Customers simply had to log into the company’s software development website, type a password and then wait for the update to land seamlessly onto their servers. The routine update, it turns out, is no longer so routine. Hackers believed to be directed by the Russian intelligence service, the SVR, used that routine software update to slip malicious code into Orion’s software and then used it as a vehicle for a massive cyberattack against America. ‘Eighteen thousand [customers] was our best estimate of who may have downloaded the code between March and June of 2020,’”

according to the Company’s CEO. And not just any customers—the Company determined that many very well-known companies and about a dozen government agencies were compromised, including the Treasury, Justice and Energy departments, the Pentagon and, ironically, the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security. On Monday, the SEC announced that it had filed a complaint against SolarWinds and its Chief Information Security Officer, Timothy G. Brown, charging ‘fraud and  internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.”  In the complaint, the SEC charges that “SolarWinds’ public statements about its cybersecurity practices and risks painted a starkly different picture from internal discussions and assessments about the Company’s cybersecurity policy violations, vulnerabilities, and cyberattacks.” According to Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, the SEC’s enforcement action “underscores our message to issuers: implement strong controls calibrated to your risk environments and level with investors about known concerns.”

Gensler talks climate with the Chamber

In his introduction to a conversation late last week with SEC Chair Gary Gensler on “Climate Disclosure Developments: The SEC, California, and EU Extraterritoriality,” the President and CEO of the U.S. Chamber of Commerce’s Center for Capital Markets, observed that, although companies have voluntarily responded to investors by increasingly disclosing information on climate, now policymakers in different states and across the globe are working to impose a plethora of mandatory reporting requirements for climate disclosure. The thing is, they’re not consistent. While the Chamber supported disclosure of material climate information, he cautioned that the actions by these policymakers have created a real risk that companies will face duplicate, differing, overlapping and even conflicting requirements. The SEC’s proposal to enhance standardization of climate disclosure might offer some real relief on that score, and that makes it all the more important, he said, for the SEC to act within its authority. The potential for public companies to become ensnared in this labyrinth of overlapping and conflicting regulation was the apparent subject of this conversation.  In the end, however, Gensler’s steady focus was on the remit of the SEC under U.S. law. Risks to issuers arising out of inconsistency with California and the EU—well, not so much.

It’s not over till it’s over: Petition filed for rehearing en banc on Nasdaq board diversity rule

As discussed in this PubCo post, on October 18, a three-judge panel of the Fifth Circuit denied the petitions filed by the Alliance for Fair Board Recruitment and the National Center for Public Policy Research challenging the SEC’s final order approving the Nasdaq listing rules regarding board diversity and disclosure. The new listing rules adopted a “comply or explain” mandate for board diversity for most listed companies and required companies listed on Nasdaq’s U.S. exchange to publicly disclose “consistent, transparent diversity statistics” regarding the composition of their boards.  (See this PubCo post.)  Given that, by repute, the Fifth Circuit is the circuit of choice for advocates of conservative causes, the decision to deny the petition may have taken some by surprise—unless, that is, they were aware, as discussed in the WSJ and Reuters, that the three judges on this panel happened to all be appointed by Democrats.  Yesterday, the Petitioners filed a petition requesting a rehearing en banc by the Fifth Circuit, where Republican presidents have appointed 12 of the 16 active judges.  Not that politics has anything to do with it, of course.

Is there an alternative to Scope 3?

As you know, the SEC has proposed a sweeping set of regulations for disclosure on climate (see this PubCo post, this PubCo post and this PubCo post), and we anxiously wait to see what the final rules have in store (obviously not happening in October as the SEC had previously targeted). One controversial part of that proposal draws on the Greenhouse Gas Protocol, requiring disclosure of a company’s Scopes 1 and 2 greenhouse gas emissions, and, for larger companies, Scope 3 GHG emissions if material (or included in the company’s emissions reduction target), with a phased-in attestation requirement for Scopes 1 and 2 data for large accelerated filers and accelerated filers. There haven’t been many complaints about the Scope 1 and Scope 2 requirements, but Scope 3 is another matter. According to the SEC, some commenters indicated that, for many companies, Scope 3 emissions represent a large proportion of overall GHG emissions, and therefore, could be material. However, those emissions result from the activities of third parties in the company’s “value chain,” making collection of the data much more difficult and much less reliable. In two articles published in the Harvard Business Review—“Accounting for Climate Change” and “We Need Better Carbon Accounting. Here’s How to Get There”—Robert Kaplan and Karthik Ramanna from Harvard Business School and the University of Oxford, respectively, propose another idea—the E-liability accounting system. The GHG protocol is, at this point, deeply embedded. Would the E-liability system work? Should the SEC or other regulators make room for a different concept?