SEC Chief Accountant has advice for audit committees on lead auditors’ use of other auditors
In this new statement, SEC Chief Accountant Paul Munter—no longer “acting” Chief, he got the job—discusses some of the issues arising out of the increased use by lead auditors of other accounting firms and individual accountants (referred to as “other auditors”) on many issuer audit engagements. While, in this context, much of the responsibility falls on the lead auditors, audit committees also have an important oversight role, and Munter has some useful advice for audit committee members.
Corp Fin posts update to tender offer CDIs
Corp Fin has posted an update to the CDIs related to the tender offer rules and schedules. Below are brief summaries.
McDonald’s court dismisses Caremark claims against directors
Here we have another in a string of McDonald’s cases—all of them arising out of workplace misconduct at McDonald’s, none even dipping its toe into employment law. First, you’ll remember, there were settled charges brought by the SEC against McDonald’s and its former CEO, Stephen Easterbrook, arising out of disclosure about the termination of Easterbrook on account of workplace misconduct. Then there was the derivative Caremark litigation for breach of fiduciary duty against David Fairhurst, who formerly served as Executive Vice President and Global Chief People Officer of McDonald’s, for consciously ignoring red flags about workplace misconduct and engaging in some pretty extensive workplace misconduct himself. Now, we have a new decision out of Delaware regarding the derivative Caremark litigation against the company’s directors alleging that they ignored red flags about the company’s culture that condoned workplace misconduct. But this case turned out to be different—VC Laster of the Delaware Chancery Court dismissed the complaint against the directors. The Court held that, in this case, the directors did not ignore the numerous red flags: the facts cited in the pleadings did “not support a reasonably conceivable claim against them for breach of the duty of oversight.” Once again, the case reinforces that high bar described by former Chief Justice Leo Strine for Caremark claims: “Caremark claims are difficult to plead and ultimately to prove out,” and constitute “possibly the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment.” (See this PubCo post.)
Gensler remarks on market stability
In remarks at an open meeting of the SEC this week (focused on proposals related to cybersecurity and data protection in the markets), SEC Chair Gary Gensler’s opening remarks addressed the bank failures of last week in the context of enforcement and market stability.
SEC charges DXC with misleading non-GAAP disclosures and absence of non-GAAP disclosure controls
The SEC has announced settled charges against DXC Technology Company, a multi-national information technology company, for making misleading disclosures about its non-GAAP financial performance in multiple reporting periods from 2018 until early 2020. According to the Order, DXC materially increased its reported non-GAAP net income “by negligently misclassifying tens of millions of dollars of expenses ” as non-GAAP adjustments related to strategic transactions and integration and improperly excluding them from its reported non-GAAP earnings. In addition to misclassification, DXC allegedly failed to accurately describe the scope of the expenses included in the company’s non-GAAP adjustment, with the result that “its non-GAAP net income and non-GAAP diluted EPS in periodic reports and earnings releases were materially misleading.” What’s more, the SEC alleged, DXC’s disclosure committee “negligently failed to evaluate the company’s non-GAAP disclosures adequately,…and failed to implement an appropriate non-GAAP policy” or adequate disclosure controls and procedures specific to its non-GAAP financial measures. Consequently, DXC “negligently failed to evaluate the company’s non-GAAP disclosures adequately.” DXC agreed to pay a civil penalty of $8 million. According to the SEC’s Associate Director of Enforcement, “[i]ssuers that choose to report non-GAAP financial metrics must accurately describe those metrics in their public disclosures….As the order finds, DXC’s informal procedures and controls were not up to the task, and, as a result, investors were repeatedly misled about its non-GAAP financial performance.”
After bank failures, SEC Chair reassures that the SEC is on the job
So far, the SEC has been rather quiet about the impact of last week’s bank failures. Here is a brief statement from SEC Chair Gary Gensler.
Ransomware attack—SEC charges misleading disclosures and disclosure control failure—again!
Last week, the SEC announced settled charges against Blackbaud, Inc., a provider of donor data management software to non-profit organizations, for misleading disclosures and disclosure control failures. According to the SEC, in May 2020, employees at the company discovered evidence of a ransomware attack. After an investigation, the company announced the incident and advised affected customers—specifying that sensitive donor data was not involved. But just a couple of weeks later, the SEC alleged, company personnel learned that the attacker had, in fact, accessed sensitive donor data for a number of customers—including bank account and social security numbers. But—you guessed it—it’s disclosure controls again! The personnel with knowledge of the scope of the breach “did not communicate this to Blackbaud’s senior management responsible for disclosures, and the company did not have policies or procedures in place designed to ensure they do so.” As a result, the SEC claimed, the company filed a Form 10-Q that still omitted mention of the exfiltration of sensitive donor data and framed its cybersecurity risk factor disclosure as purely hypothetical. The SEC viewed Blackbaud’s disclosure as misleading and its disclosure controls as inadequate and imposed a civil penalty of $3 million. According to the Chief of SEC Enforcement’s Crypto Assets and Cyber Unit, “Blackbaud failed to disclose the full impact of a ransomware attack despite its personnel learning that its earlier public statements about the attack were erroneous….Public companies have an obligation to provide their investors with accurate and timely material information; Blackbaud failed to do so.”
SEC posts NYSE and Nasdaq proposals for clawback listing standards
It was just November last year when the SEC finally adopted rules to implement Section 954 of Dodd-Frank, the clawback provision. (Remember that Dodd-Frank dates to 2010 and the clawback rules were initially proposed by the SEC back in 2015.) The new rules directed the national securities exchanges to establish listing standards requiring listed issuers to adopt and comply with clawback policies and to provide disclosure about their policies and implementation. Under the rules, the clawback policy must provide that, in the event the listed issuer is required to prepare an accounting restatement—including a “little r” restatement—the issuer must recover the incentive-based compensation that was erroneously paid to its current or former executive officers based on the misstated financial reporting measure. (See this PubCo post.) The final rules required any covered exchanges to file proposed listing standards with the SEC no later than February 27, with the listing standards to be effective no later than one year after publication. On Tuesday, the SEC posted the listing standards proposed by Nasdaq and by the NYSE. They’re largely the same, with some differences, both tracking the SEC requirements closely. Both proposals are open for comment until 21 days after publication in the Federal Register.
Commissioner Uyeda’s prescription for addressing decline in number of public companies
The public/private company dichotomy has been a perennial discussion topic. (See, e.g., this PubCo post, this PubCo post, this PubCo post, this PubCo post and this PubCo post.) A statistic frequently tossed around is that there are about half as many public companies today as there were in 1996, and those that are around today are older and larger. And while the IPO market was in a bit of funk last year, the private markets have been viewed as consistently vibrant, with more capital raised in the private markets than in the public. But the question of why and how to address the decline in the number of public companies has been a point of contention: is excessive regulation of public companies a deterrent to going public or has deregulation of the private markets juiced their appeal, but sacrificed investor protection in the bargain? At the end of January, we heard from SEC Commissioner Caroline Crenshaw addressing the question of whether the securities laws governing private capital raises might be too lax. Now, SEC Commissioner Mark Uyeda is speaking his mind on the topic, presenting remarks at the at the “Going Public in the 2020s” conference at Columbia Law School.
DOJ and SEC bring charges for insider trading and fraudulent scheme using purported 10b5-1 plans
Government officials, especially those in SEC Enforcement, have been making noise about the potential for insider trading abuse of Rule 10b5-1 plans since at least 2007, when then-SEC Enforcement Chief Linda Thomsen expressed concern that “executives are taking advantage of a legal safe harbor to sell their stock and profit before their companies report bad news….[A]cademic studies suggest that the rule may be a cover for improper activity, Thomsen said. ‘We’re looking at this hard….If executives are in fact trading on inside information and using a plan for cover, they should expect the ‘safe harbor’ to provide no defense.’” (See this Cooley News Brief.) Now, in 2023, DOJ has unsealed an indictment against Terren Peizer, the executive chair of Ontrak, Inc., representing the first time, according to the press release, that DOJ has brought “criminal insider trading charges based exclusively on an executive’s use of 10b5-1 trading plans.” (Note, however, that the SEC did bring a case last year against executives of Cheetah Mobile related to sales under a purported 10b5-1 trading plan entered into while in possession of material nonpublic information. See this PubCo post.) DOJ charged that Peizer entered into a fraudulent scheme using 10b5-1 plans and engaged in insider trading, both of which charges carry stiff criminal penalties. DOJ said that the FBI is continuing to investigate this case. Not to be completely outdone—although it’s hard not to be outdone by the threat of serious jail time—the SEC has also filed a civil complaint against Peizer, charging that he engaged in insider trading in Ontrak shares using 10b5-1 plans as part of a scheme to evade insider trading prohibitions: when Peizer entered into the plans, the SEC alleged, he was aware of material nonpublic information about the company. As you probably know, to be effective in insulating an insider from potential insider trading liability, the 10b5-1 plan must be established when the insider is acting in good faith and not aware of MNPI. Creating the plan once the insider has learned of MNPI, as alleged in this case, would seem to defeat the whole purpose of the rule—to ensure an even playing field for all investors. The SEC alleged that Peizer sold more than $20 million of Ontrak stock, avoiding more than $12.7 million in losses. At the end of last year, Bloomberg reported that the SEC and DOJ were using data analytics “in a sweeping examination of preplanned equity sales by C-suite officials.” (See this PubCo post.) That effort appears to have paid off in this case; DOJ advises that this investigation was “part of a data-driven initiative led by the Fraud Section to identify executive abuses of 10b5-1 trading plans,” suggesting perhaps that this may not be the last prosecution we will see for abuse of 10b5-1 plans.
You must be logged in to post a comment.