SEC issues Section 21(a) investigative report regarding the implications of cyberscams for internal controls
Today, the SEC issued an investigative report under Section 21(a) that advises public companies subject to the internal accounting controls requirements of Exchange Act Section 13(b)(2)(B) of the need to consider cyber threats when implementing internal accounting controls. The report investigated whether a number of defrauded public companies “may have violated the federal securities laws by failing to have a sufficient system of internal accounting controls.” Although the SEC decided not to take any enforcement action against the nine companies investigated, the SEC determined to issue the report “to make issuers and other market participants aware that these cyber-related threats of spoofed or manipulated electronic communications exist and should be considered when devising and maintaining a system of internal accounting controls as required by the federal securities laws. Having sufficient internal accounting controls plays an important role in an issuer’s risk management approach to external cyber-related threats, and, ultimately, in the protection of investors.”
As discussed in this PubCo post and this PubCo post, the role of proxy advisory firms has once again risen to the forefront as a sizzling corporate governance topic, just in time for the SEC Proxy Roundtable on November 15. In advance of the event, interested parties are marshalling their arguments and beginning to present their cases.
The public debate about hedge-fund activism has long been informed by academic literature that found increases in shareholder value and operating performance after activist interventions. But do hedge-fund activists actually do any long-term good for the companies that they target? Long-Term Economic Consequences of Hedge Fund Activist Interventions, from the Rock Center for Corporate Governance, examines just that question. The answer? Not so much. But not so much harm either.
A new rulemaking petition advocating that the SEC mandate environmental, social and governance disclosure under a standardized comprehensive framework has just been submitted by two academics and multiple institutional investors, representing over $5 trillion in assets. Not only is ESG disclosure material and relevant to understanding long-term risks, the petition contends, but the variety of approaches currently employed highlight the need for a more coherent standard that will provide clarity, completeness and comparability. In the past, concerns have been raised about whether uniform disclosure rules could really be effective for ESG. Can those concerns be overcome?
Are we just reading the wrong newspapers and reports or does it seem that auditors—although they spend hours and hours performing audits—rarely identify instances of fraud? Most companies rely on their auditors to uncover irregularities and breathe a sigh of relief when the audit comes up “clean.” Is that reliance misplaced? Probably so, according to this article from CFO.com. “Audits almost never find fraud,” the author writes; the data shows that “external audits find it 4% of the time, and internal 15%.” Instead, the author suggests, to detect fraud, management should look in a different direction.
As discussed in this PubCo post from February, a California bill, SB 826, addressing the issue of board gender diversity, has been making its way through the California legislature. On Sunday, Governor Jerry Brown signed that bill into law. Interestingly, one factor apparently influential in his decision to sign the bill was the recent hearing in Washington. As you may have heard, the legislation requires, as Brown phrases it, a “representative number” of women on boards of public companies, including foreign corporations with principal executive offices located in California. Will other states now follow suit? Will corporations incorporated in other states observe its provisions or challenge the application of this California law?
The specter of the possible imposition of mandatory universal proxy has long been with us. The SEC apparently considered requiring universal proxies back in 1992 and, in 2014, the Council of Institutional Investors filed a rulemaking petition asking the SEC to reform the proxy rules to facilitate the use of universal proxies in proxy contests. Then, in 2016, the SEC proposed amendments to the proxy rules that would have mandated the use of universal proxy cards in contested elections. And there it sat. With the change of administrations in the White House, followed by the change of administrations at the SEC, the proposal for universal proxy fell off the SEC’s near-term agenda and was relegated to the long-term agenda. Moreover, disfavored by House Republicans, universal proxy would have been prohibited by various bills, including the Financial Choice Act of 2017 (which passed the House but not the Senate). (See this PubCo post.) Then, in July of this year, “several people familiar with the matter” advised Reuters that SEC Chair Jay Clayton “has in fact shelved the proposal.” (See this PubCo post.) The specter of mandatory universal proxy had been transfigured into more of a spectral presence.