Category: Corporate Governance

SEC votes to propose new rules for cybersecurity disclosure and incident reporting

In remarks in January before the Northwestern Pritzker School of Law’s Annual Securities Regulation Institute, SEC Chair Gary Gensler addressed cybersecurity under the securities laws. (See this PubCo post.) Gensler suggested that the economic cost of cyberattacks could possibly be in the trillions of dollars, taking many forms, including denials-of-service, malware and ransomware. In addition, he said, it’s a national security issue. Gensler reminded us that “cybersecurity is a team sport,” and that the private sector is often on the front lines. (As reported by the NYT, that has been especially true in recent weeks, where “the war in Ukraine is stress-testing the system.”) And today, according to Corp Fin Director Renee Jones, in light of the pandemic-driven trend to work from home and, even more seriously, the potential impact of horrific global events, that’s more true than ever, with escalating cybersecurity risk affecting just about all reporting companies. Given the recent consternation over hacks and ransomware, as well as the rising potential for cyberattacks worldwide, it should come as no surprise that the SEC voted today, by a vote of three to one, to propose regulations “to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies.” While threats have increased in number and complexity, Jones said, currently, company disclosure is not always decision-useful and is often inconsistent, not timely and hard for investors to find. What’s more, some material incidents may not be reported at all. As described by Jones, the SEC approached the rulemaking from two perspectives: first, incident reporting and second, periodic disclosure regarding cybersecurity risk management, strategy and governance. According to SEC Chair Gary Gensler, “[o]ver the years, our disclosure regime has evolved to reflect evolving risks and investor needs….Today, cybersecurity is an emerging risk with which public issuers increasingly must contend. Investors want to know more about how issuers are managing those growing risks….I am pleased to support this proposal because, if adopted, it would strengthen investors’ ability to evaluate public companies’ cybersecurity practices and incident reporting.” The public comment period will be open for 60 days following publication of the proposing release on the SEC’s website or 30 days following publication of the proposing release in the Federal Register, whichever period is longer.

California posts new report on board diversity— how much does it tell us?

It’s International Women’s Day! On March 1, the California Secretary of State, Dr. Shirley N. Weber issued the Secretary’s 2022 report required by SB 826, California’s board gender diversity law, and by AB 979, California’s law related to underrepresented communities on boards, on the status of compliance with these laws.  The report counts 716 publicly held corporations listed on major exchanges that identified principal executive offices in California in their 2021 10-Ks, and indicates that 358 (compared to 318 last year) of these “impacted corporations” filed a 2021 California Publicly Traded Corporate Disclosure Statement reflecting their compliance (or lack thereof) with the board diversity requirements. Of the 358 companies that filed, only 186 reported that they were in compliance with the board gender diversity mandate, a significant decline from the 311 reported last year.  Undoubtedly, the decline reflects the higher thresholds for compliance that applied at the end of 2021. The report also shows that 301 companies reported being in compliance with the phase-one requirements of the 2020 law related to underrepresented communities on boards. But is any of this data from the report really meaningful?

With the Court decision still to come, what happened in the first trial of California’s board gender diversity statute?

You might remember that the first legal challenge to SB 826, California’s board gender diversity statute, Crest v. Alex Padilla, was a complaint filed in 2019 in California state court by three California taxpayers seeking to prevent implementation and enforcement of the law. Framed as a “taxpayer suit,” the litigation sought a judgment declaring the expenditure of taxpayer funds to enforce or implement SB 826 to be illegal and an injunction preventing the California Secretary of State from expending taxpayer funds and taxpayer-financed resources for those purposes, alleging that the law’s mandate is an unconstitutional gender-based quota and violates the California constitution.  A bench trial began in December in Los Angeles County Superior Court that was supposed to last six or seven days, but you know, one thing and another, closing arguments were just completed and the case has now been submitted. As we await the Court’s decision—and in anticipation of International Women’s Day—it might be interesting to review some of the testimony from the trial.

In 2021, the scales tipped toward more women joining boards in California

With the passage of SB 826 in 2018, California became the first state to mandate board gender diversity (see this PubCo post). To measure the impact of that legislation, in 2020, California’s current First Lady co-founded the California Partners Project. In 2020, the CPP released a progress report on women’s representation on boards of public companies headquartered in California, tracking the changes in gender diversity on California boards since enactment of the law. (See this PubCo post.) Now, the CPP has released another report, Mapping Inclusion: Women’s Representation on California’s Public Company Boards by Region and Industry.  The new report, the CPP’s third, found “much to celebrate in the progress California has made. All-male boards are a thing of the past—from nearly a third of public company boards in 2018 to less than two percent now—and women hold a record number of California public company board seats.”  The report asserts that the “California experiment proves that where there’s a will, there’s a way. Concern that there were not enough qualified women to serve on boards is unfounded.” Most revealing perhaps, the report tells us that, in 2021 “more women have joined California’s public company boards than men, likely for the first time.” But just barely—469 of the 930 directors that started in 2021, or 50.4%, were women. Whether this new statistic is attributable to SB 826 is anyone’s guess—correlation is not necessarily causation and investors and others have also pressured companies on diversity issues—but it certainly helped to dial up the heat.

Company charged for improper intra-company foreign exchange transactions

On Tuesday, the SEC announced settled charges against Baxter International Inc., its former Treasurer and Assistant Treasurer, for misconduct related to improper intra-company foreign exchange transactions that resulted in the misstatement of the company’s net income. From at least 1995 to 2019, the SEC alleged, Baxter converted foreign-currency-denominated transactions and assets and liabilities on its financial statements using its own “convention”—not in accordance with U.S. GAAP. Then, beginning around 2009, the SEC charged, Baxter leveraged the convention to devise a series of non-operating intra-company foreign exchange transactions “for the sole purpose of generating foreign exchange accounting gains or avoiding foreign exchange accounting losses.” In the order against Baxter, the SEC found that the company violated the negligence-based anti-fraud, public reporting, books and records, and internal accounting controls provisions of the federal securities laws and imposed an $18 million penalty. In this order and this order, the SEC found that the company’s Treasurer “did not take any steps to investigate how Baxter’s treasury department generated consistent gains or whether the transactions that generated the gains were permissible,” and that the Assistant Treasurer, working with others at his direction, was “primarily responsible for executing the transactions.” The Treasurer and Assistant Treasurer were determined to have violated the negligence-based anti-fraud provisions of the federal securities laws and to have caused Baxter’s public reporting and books and records violations.

Are staggered boards ever good for shareholders?

In the folklore of corporate governance, is there a governance structure that is more anathema to corporate governance mavens and shareholder democracy activists than the staggered board? (Ok, that’s an exaggeration, but you get my point.)  Proxy advisory firms and activists oppose them, institutional investors vote against them and shareholders proposals to eliminate them are unusually successful.  Staggered boards, where subsets of board members are elected in separate classes every three years—and therefore cannot be easily or quickly voted out—are often viewed as the archetypal technique to prevent hostile takeovers.  Opponents also argue that staggered boards entrench boards and managements by insulating them from the shareholders and making it tough for shareholders to dethrone the CEO. That has to be bad for the company, right? Not so fast, says this study co-authored by a professor at Stanford Graduate School of Business and Stanford Law School. According to the author, quoted in Insights by Stanford Business, “[f]rom Adam Smith on, the concern of corporate governance has been how to mind the managers….Corporate governance has been about building up checks and monitors on the managers. The idea is that if we can fire them, and they know we can fire them, then maybe they will do the right thing.”  But for some companies—in this case, early-life-cycle technology companies facing more Wall Street scrutiny—the evidence showed that, by allowing managers to focus on long-term—perhaps bolder and riskier—investments and innovations, staggered boards can actually be a benefit.

The ongoing debate at the SEC: just how tough should the climate disclosure rule be?

Who doesn’t love the latest gossip—I mean reporting—about internal squabbles—I mean debate—at the SEC? This news from Bloomberg sheds some fascinating light on reasons for the ongoing delay in the release of the SEC’s climate disclosure proposal: internal conflicts about the proposal. But, surprisingly, the conflicts are not between the Dems and the one Republican remaining on the SEC; rather, they’re reportedly between SEC Chair Gary Gensler and the two other Democratic commissioners, Allison Herren Lee and Caroline Crenshaw, about how far to push the proposed new disclosure requirements, especially in light of the near certainty of litigation, and whether to require that the disclosures be audited.  Just how tough should the proposal be? The article paints the SEC’s dilemma about the rulemaking this way: “If its rule lacks teeth, progressives will be outraged. On the flip side, an aggressive stance makes it more likely the regulation will be shot down by the courts, leaving the Biden administration with nothing. Either way, someone is going to be disappointed.”

ISSB global sustainability reporting standards—will the SEC’s expected climate disclosure rules be in sync?

As part of the Deloitte Global Boardroom Program, in Q4 2021, Deloitte surveyed over 350 audit committee members in 40 countries about climate issues. In the survey, 60% of respondents said “the lack of global reporting standards makes it hard to compare their organization’s progress against meaningful external benchmarks.” The International Sustainability Standards Board established by the IFRS Foundations is developing a set of global sustainability reporting standards. Will climate disclosure rules expected from the SEC be in sync with ISSB global standards? Could some companies be subject to both climate disclosure regimes?

For the 2022 proxy season, SSGA continues its emphasis on climate and diversity transformation

In his last letter to boards as CEO of State Street Global Advisors, Cyrus Taraporevala (who has announced his planned retirement this year) writes that we are at a “moment of significant transition,” facing many challenges, including a pandemic, climate change and gender, racial and ethnic inequities, that have led to economic disruption and even political instability.  How should companies address these challenges?  SSGA expects its portfolio companies to manage “these threats and opportunities by transitioning their strategies and operations—enhancing efforts to decarbonize and embracing new ways of recruiting and retaining talent—as the world moves toward a low-carbon and more diverse and inclusive future.”  Accordingly,  SSGA’s “main focus in 2022 will be to support the acceleration of the systemic transformations underway in climate change and the diversity of boards and workforces.”

Is the Rooney Rule just window dressing?

At the beginning of Black history month, in a class action complaint against the NFL and others replete with heart-breaking allegations of racism, former Head Coach of the Miami Dolphins, Brian Flores, charged that, among many other things, he and other members of the proposed class have been denied positions as head coaches and general managers as a result of racial discrimination.  Defendants that have responded publicly have reportedly denied the allegations and said that the claims are without merit.  Particularly notable from a governance and DEI perspective are allegations regarding the disingenuous application of the vaunted “Rooney Rule”—which originated in the NFL back in 2002 in an effort to address the dearth of Black head coaches—but has since become almost de rigueur in governance circles as one effective approach to increasing diversity in a wide variety of contexts, including boards of directors. However well-intentioned originally, the complaint alleges, “the Rooney Rule is not working.” Flores claims that, to fulfill the admonitions of the Rooney Rule, NFL teams “discriminatorily subjected” him and other Black candidates “to sham and illegitimate interviews due in whole or part to their race and/or color.”  While this claim is far from the most incendiary in the complaint, if shown to be accurate, it would certainly seriously damage the reputation of the defendants involved.  Can an approach that has allegedly failed to work in its original setting still be made to work effectively in other contexts?