Category: Corporate Governance

Number of whistleblower complaints explodes

Since the onset of the COVID-19 pandemic, the number of whistleblower complaints received by regulators has exploded on both sides of the Atlantic. That’s the subject of this new Cooley Alert, Whistleblower Complaints and Rewards Explode Worldwide, from our White Collar Defense and Investigations group. 

More SPAC restatements on the way?

It’s been weeks since the SEC last took SPACs to task!  According to Bloomberg, the SEC is now requiring many SPACs to “Big R” restate their financial statements because they tripped over the classification of certain shares they offered to investors.  Auditors with whom Bloomberg spoke said that the latest SPAC accounting snafu relates to incorrect categorization of Class A shares—which are typically redeemable—as “permanent equity instead of temporary equity.”  One auditor described the issue as “pervasive[:] everyone’s dealing with it because everyone did it wrong.”

Is your audit committee climate literate?

According to audit firm Deloitte, “[i]nformative climate reporting requires a complex transformation of reporting processes, of data collection, education of the finance function, and in many cases, of the audit committee itself. Yet, despite the urgency and magnitude of the task, many boards are hesitating in the face of inconsistent standards, fragmented global standard-setting, and myriad expectations from investors.”  Just how prepared are companies, their boards and especially their audit committees to deal with climate risk and climate reporting?  That’s the big question that Deloitte asked 353 audit committee members globally (56% of whom were chairs) in September 2021. The answer? Not so much. According to Deloitte’s new report, 42% of respondents indicated that their company’s “climate response is not as swift and robust as they would like” and almost half “do not believe that they are well-equipped to fulfil their climate regulatory responsibilities.”  Deloitte called the responses “sobering.”

Advisor Teneo surveys 2021 sustainability reports

While the global powers are occupied at the COP26 climate summit with negotiating and pledging (or, is it more “blah, blah, blah,” as teenage activist Greta Thunberg contends in some, uh, straight talk?), and we await the SEC’s expected climate disclosure framework, it might be worthwhile to get a handle on what companies are doing about sustainability reporting in the meantime.  To help companies understand the current state of the art, CEO advisory firm Teneo surveyed 200 sustainability reports from S&P 500 companies in eleven industries published in the period between January 1 to June 30, 2021.  Teneo’s report, The-State-of-U.S.-Sustainability-Reporting, provides useful samples, market statistics for various aspects of the content and design of these reports, as well as some practical considerations.

ISS releases proposed benchmark policy changes for 2022

Last week, ISS released for public comment its proposed benchmark policy changes for 2022. If adopted, the proposed policy changes would apply to shareholder meetings held on or after February 1, 2022. The proposed changes for U.S. companies relate to board diversity, board accountability for unequal voting rights, board accountability for climate disclosure by high GHG emitters and say-on-climate proposals.

Hearing on board gender diversity statute—will the court issue a preliminary injunction? (Updated)

On October 19, a federal district court judge held a hearing on a motion for a preliminary injunction in Meland v. Weber, a case challenging SB 826, California’s board gender diversity statute, on the basis that it is unconstitutional under the equal protection provisions of the 14th Amendment. The judge had previously dismissed the case on the basis of lack of standing, but was reversed by the 9th Circuit.  What did the hearing reveal? (This post has been updated to reflect additional information regarding the hearing. See “At the hearing” below.)

Commissioner Roisman talks cybersecurity

On Friday, in remarks before the L.A. County Bar Association, SEC Commissioner Elad Roisman addressed some of the challenges associated with cybersecurity and cyber breaches and similar events. In his presentation, Roisman considers cybersecurity in a variety of contexts, such as the exchanges, investment advisers and broker-dealers, but his discussion of cybersecurity in the context of public companies is of most interest here. Although the SEC has imposed some principles-based requirements and issued guidance about cybersecurity disclosure, Roisman believes that there is more in the way of guidance and even rulemaking that the SEC should consider “to ensure that companies understand [the SEC’s] expectations and investors get the benefit of increased disclosure and protections by companies.”

What are the latest trends in SOX 404 reporting?

As you probably recall, SOX 404 requires public reporting companies to disclose the effectiveness of their internal control over financial reporting. SOX 404(a) public companies to provide an assessment of ICFR by management; SOX 404(b) requires public companies—other than non-accelerated filers and emerging growth companies—to provide an auditor attestation regarding management’s assessment of the effectiveness of ICFR. A new study by Audit Analytics examining the most recent trends in SOX 404 disclosures over 17 years showed a decline in the number of adverse auditor attestations—auditor attestations indicating ineffective ICFR—and adverse management assessments, while the number of adverse management-only assessments increased.  Why that variation? Could it reflect the effect of the recent SEC carve-out from the 404(b) requirement for low-revenue companies?

SEC Acting Chief Accountant urges scrutiny of auditor independence in current environment

This week, Acting Chief Accountant Paul Munter issued a statement regarding the importance of auditor independence—a concept that is “foundational to the credibility of the financial statements.”  The responsibility to monitor independence is a shared one: “[w]hile sourcing a high quality independent auditor is a key responsibility of the audit committee, compliance with auditor independence rules is a shared responsibility of the issuer, its audit committee, and the auditor.”  That has long been the case.  But what is happening in the current setting to prompt this statement?  It is the recent trend toward the use of “new and innovative transactions” to access the public markets, such as SPACs, together with the continued expansion by audit firms of business relationships with non-audit clients. That is, gatekeepers must be especially vigilant to prevent an audit firm from unwittingly losing its independence in the event of a transaction by an audit client with a non-audit client, a risk that is enhanced as audit firms engage in consulting relationships with more non-audit clients. This environment, Munter cautions, requires audit committees to be especially attentive in considering “the sufficiency of the auditor’s and the issuer’s monitoring processes, including those that address corporate changes or other events that potentially affect auditor independence.” And it requires audit firms to consider “the impact of business relationships and non-audit services on existing and prospective audit relationships.”  It is important for companies to keep in mind that violations of the auditor independence rules can have serious consequences not only for the audit firm, but also for the audit client. For example, an independence violation may cause the auditor to withdraw the firm’s audit report, requiring the audit client to have a re-audit by another audit firm. As a result, in most cases, inquiry into the topic of auditor independence should certainly be a recurring menu item on the audit committee’s plate.