Category: Corporate Governance
SEC Chief Accountant has advice for audit committees on lead auditors’ use of other auditors
In this new statement, SEC Chief Accountant Paul Munter—no longer “acting” Chief, he got the job—discusses some of the issues arising out of the increased use by lead auditors of other accounting firms and individual accountants (referred to as “other auditors”) on many issuer audit engagements. While, in this context, much of the responsibility falls on the lead auditors, audit committees also have an important oversight role, and Munter has some useful advice for audit committee members.
McDonald’s court dismisses Caremark claims against directors
Here we have another in a string of McDonald’s cases—all of them arising out of workplace misconduct at McDonald’s, none even dipping its toe into employment law. First, you’ll remember, there were settled charges brought by the SEC against McDonald’s and its former CEO, Stephen Easterbrook, arising out of disclosure about the termination of Easterbrook on account of workplace misconduct. Then there was the derivative Caremark litigation for breach of fiduciary duty against David Fairhurst, who formerly served as Executive Vice President and Global Chief People Officer of McDonald’s, for consciously ignoring red flags about workplace misconduct and engaging in some pretty extensive workplace misconduct himself. Now, we have a new decision out of Delaware regarding the derivative Caremark litigation against the company’s directors alleging that they ignored red flags about the company’s culture that condoned workplace misconduct. But this case turned out to be different—VC Laster of the Delaware Chancery Court dismissed the complaint against the directors. The Court held that, in this case, the directors did not ignore the numerous red flags: the facts cited in the pleadings did “not support a reasonably conceivable claim against them for breach of the duty of oversight.” Once again, the case reinforces that high bar described by former Chief Justice Leo Strine for Caremark claims: “Caremark claims are difficult to plead and ultimately to prove out,” and constitute “possibly the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment.” (See this PubCo post.)
SEC charges DXC with misleading non-GAAP disclosures and absence of non-GAAP disclosure controls
The SEC has announced settled charges against DXC Technology Company, a multi-national information technology company, for making misleading disclosures about its non-GAAP financial performance in multiple reporting periods from 2018 until early 2020. According to the Order, DXC materially increased its reported non-GAAP net income “by negligently misclassifying tens of millions of dollars of expenses ” as non-GAAP adjustments related to strategic transactions and integration and improperly excluding them from its reported non-GAAP earnings. In addition to misclassification, DXC allegedly failed to accurately describe the scope of the expenses included in the company’s non-GAAP adjustment, with the result that “its non-GAAP net income and non-GAAP diluted EPS in periodic reports and earnings releases were materially misleading.” What’s more, the SEC alleged, DXC’s disclosure committee “negligently failed to evaluate the company’s non-GAAP disclosures adequately,…and failed to implement an appropriate non-GAAP policy” or adequate disclosure controls and procedures specific to its non-GAAP financial measures. Consequently, DXC “negligently failed to evaluate the company’s non-GAAP disclosures adequately.” DXC agreed to pay a civil penalty of $8 million. According to the SEC’s Associate Director of Enforcement, “[i]ssuers that choose to report non-GAAP financial metrics must accurately describe those metrics in their public disclosures….As the order finds, DXC’s informal procedures and controls were not up to the task, and, as a result, investors were repeatedly misled about its non-GAAP financial performance.”
Ransomware attack—SEC charges misleading disclosures and disclosure control failure—again!
Last week, the SEC announced settled charges against Blackbaud, Inc., a provider of donor data management software to non-profit organizations, for misleading disclosures and disclosure control failures. According to the SEC, in May 2020, employees at the company discovered evidence of a ransomware attack. After an investigation, the company announced the incident and advised affected customers—specifying that sensitive donor data was not involved. But just a couple of weeks later, the SEC alleged, company personnel learned that the attacker had, in fact, accessed sensitive donor data for a number of customers—including bank account and social security numbers. But—you guessed it—it’s disclosure controls again! The personnel with knowledge of the scope of the breach “did not communicate this to Blackbaud’s senior management responsible for disclosures, and the company did not have policies or procedures in place designed to ensure they do so.” As a result, the SEC claimed, the company filed a Form 10-Q that still omitted mention of the exfiltration of sensitive donor data and framed its cybersecurity risk factor disclosure as purely hypothetical. The SEC viewed Blackbaud’s disclosure as misleading and its disclosure controls as inadequate and imposed a civil penalty of $3 million. According to the Chief of SEC Enforcement’s Crypto Assets and Cyber Unit, “Blackbaud failed to disclose the full impact of a ransomware attack despite its personnel learning that its earlier public statements about the attack were erroneous….Public companies have an obligation to provide their investors with accurate and timely material information; Blackbaud failed to do so.”
SEC posts NYSE and Nasdaq proposals for clawback listing standards
It was just November last year when the SEC finally adopted rules to implement Section 954 of Dodd-Frank, the clawback provision. (Remember that Dodd-Frank dates to 2010 and the clawback rules were initially proposed by the SEC back in 2015.) The new rules directed the national securities exchanges to establish listing standards requiring listed issuers to adopt and comply with clawback policies and to provide disclosure about their policies and implementation. Under the rules, the clawback policy must provide that, in the event the listed issuer is required to prepare an accounting restatement—including a “little r” restatement—the issuer must recover the incentive-based compensation that was erroneously paid to its current or former executive officers based on the misstated financial reporting measure. (See this PubCo post.) The final rules required any covered exchanges to file proposed listing standards with the SEC no later than February 27, with the listing standards to be effective no later than one year after publication. On Tuesday, the SEC posted the listing standards proposed by Nasdaq and by the NYSE. They’re largely the same, with some differences, both tracking the SEC requirements closely. Both proposals are open for comment until 21 days after publication in the Federal Register.
Be on the alert for California’s Climate Corporate Data Accountability bill
If you’re waiting with bated breath to find out what the SEC has in store for public companies in its final version of its climate disclosure regulations (see this PubCo post, this PubCo post and this PubCo post), you might also want to take a look at this California bill—the Climate Corporate Data Accountability Act (SB 253)—previously known as the Climate Corporate Accountability Act when it went belly up last year after sailing through one chamber of the legislature but coming up shy in the second (see this PubCo post). In fact, this year, the press release announces, the bill is part of California’s Climate Accountability Package, a “suite of bills that work together to improve transparency, standardize disclosures, align public investments with climate goals, and raise the bar on corporate action to address the climate crisis. At a time when rising anti-science sentiment is driving strong pushback against responsible business practices like risk disclosure and ESG investing,” the press release continues, “these bills leverage the power of California’s market to continue the state’s long tradition of setting the gold standard on environmental protection for the nation and the world.” If signed into law this time, the bill, which was introduced at the end of January and has a hearing scheduled in March, would mandate disclosure of GHG emissions data—Scopes 1, 2 and 3—by all U.S. business entities with total annual revenues in excess of a billion dollars that “do business in California.” The bill’s mandate would exceed, in several key respects, the requirements in the current SEC climate proposal. Whether this new bill will face the same fate as its predecessor remains to be seen.
ISS study finds percentage of racial/ethnic minority directors finally hits 20% mark
A study of companies in the Russell 3000 just released by ISS showed that, for the first time, directors who self-identified as racial and ethnic minorities accounted for 20% of all board directorships. The study found that each of the minority groups analyzed experienced growth in the percentage of director seats held, with the greatest growth (90% over the study period) occurring among African-American directors, who now hold 8.3% of all board seats in the study group. According to the Head of ISS Corporate Solutions, these percentages “represent a watershed moment for minority corporate directors broadly and Black directors in particular….The analysis shows the impact of increasing and continual institutional investor engagement with portfolio companies on matters around board diversity coupled with growing stakeholder pressure from various quarters over the past two years.” Still, as she told Reuters, “[w]hile this is a huge sea change in terms of the percentages, it still falls short of the ethnic breakdown of the U.S. population….It’s a watershed moment but probably not something to pat ourselves on the back too much about.”
How do companies view the current political environment and what can they do about it?
According to a new survey and related report from The Conference Board, 78% of US companies characterized the current political environment as “extremely challenging” or “very challenging” for companies—and 20% more described the environment as merely “challenging.” That totals 98%. (Who are the 2% who don’t find the political environment challenging?) Most striking about that data point is the stark contrast with the results of a survey conducted in 2021, which showed that only—only?—47% of companies attached one of the “extremely challenging” or “very challenging” labels to the political environment. What’s more, 42% said that they expected a “more challenging landscape in the next three years.” What’s fueling this shift in perspective? The Conference Board explores the reasons underlying this political environment and suggests ways for companies to address it.
Delaware VC Laster finds a “black swan”—a fiduciary duty of oversight for officers
In In re McDonald’s Corporation, defendant David Fairhurst, who formerly served as Executive Vice President and Global Chief People Officer of McDonald’s Corporation, contested a stockholders’ claim that he had breached his fiduciary duty of oversight by arguing that there is no fiduciary duty of oversight for officers, only for directors. VC Laster of the Delaware Chancery Court responded this way: “That observation is descriptively accurate, but it does not follow that officers do not owe oversight duties. For centuries dating back to the Roman satirist Juvenal, Europeans used the phrase ‘black swan’ as a figure of speech for something that did not exist. Then in the late eighteen century, Europeans arrived on the shores of Australia, where they found black swans. The fact that no one had seen one before did not mean that they could not or did not exist…. Framed in terms of the issue in this case, decisions recognizing director oversight duties confirm that directors owe those duties; those decisions do not rule out the possibility that officers also owe oversight duties.” With that—and a lengthy exposition—Laster confirmed that Fairhurst did indeed have a duty of oversight, much like the Caremark duties applicable to corporate directors.
Has the “internal affairs” doctrine been stretched too thin?
In this paper, Ann Lipton, an Associate Professor at Tulane Law School, contends that the “internal affairs” doctrine has gradually expanded its reach and, perhaps as a result, is now facing new challenges. As applied in Delaware—where it is applied most often—the doctrine, she argues, is “on a collision course with the legitimate regulatory interests of other states (and indeed the federal government).” Of course, many will strongly disagree with her argument, especially given the practical implications. Still, it may be worthwhile to gain some insight into her perspective. Is it time to rethink the internal affairs doctrine? The author suggests that a more balanced, targeted approach would be more appropriate and more effective.
You must be logged in to post a comment.