Category: Corporate Governance

New Cooley Alert: ISS Opens Survey for 2025 Policy Changes; Glass Lewis Seeks Informal Feedback

It’s that time again—ISS and Glass Lewis have launched their annual policy surveys, where they seek your feedback on some of their policies. That makes it just right time to get the scoop from this helpful new Cooley Alert, ISS Opens Survey for 2025 Policy Changes; Glass Lewis Seeks Informal Feedback, from our Compensation and Benefits and Public Companies groups. As discussed in the Alert, both surveys address executive comp issues; separately, ISS “focuses more on shareholder proposal-related policies,” and Glass Lewis asks “numerous questions regarding board oversight and performance, including director accountability.”  The Alert suggests that the 2025 amendments “may be relatively low impact,” consistent with the “relatively minor policy amendments from ISS and Glass Lewis in 2024.” Be sure to check out the new Alert!

Delaware Supreme Court considers advance notice bylaws

In this recent case, Kellner v. AIM ImmunoTech, the Delaware Supreme Court articulated a two-part framework for judicial consideration of advance notice bylaws in the event of a challenge to their adoption, amendment or enforcement. If the bylaws are contested, they must be “twice-tested—first for legal authorization, and second by equity”: first, a court must evaluate “whether the advance notice bylaws are valid as consistent with the certificate of incorporation, not prohibited by law, and address a proper subject matter”; second, a court must evaluate “whether the board’s adoption, amendment, or application of the advance notice bylaws were equitable under the circumstances of the case.” Also, it’s a good idea to make the bylaws “intelligible.”  In this case, the Court held that “(1) one ‘unintelligible’ bylaw is invalid; (2) the remaining amended advance notice bylaws subject to this appeal are valid because they are consistent with the certificate of incorporation, not prohibited by law, and address a proper subject matter; and (3) the AIM board acted inequitably when it adopted the amended bylaws for the primary purpose of interfering with, and ultimately rejecting, Kellner’s nominations.  Thus, the remaining bylaws challenged on appeal are unenforceable.” Nevertheless, Kellner’s deceptive conduct meant that his nominations notice would not stand.

Cooley Alert: Federal Court Dismisses Bulk of SEC’s Complaint Against SolarWinds in Cyberattack Case

The 2020 SolarWinds hack was perhaps one of the worst cyberattacks in history, reportedly directed by the Russian intelligence service and affecting 18,000 customers, including some very well-known companies and about a dozen government agencies including the Treasury, Justice and Energy departments. Following the cyberattack, the SEC filed a complaint against SolarWinds and its Chief Information Security Officer, charging securities “fraud and  internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.”  (See this PubCo post.) SolarWinds and Brown then moved to dismiss the complaint for failure to state a claim.  On July 18, 2024, a federal district court issued a 107-page opinion, dismissing most of the SEC’s case against SolarWinds and its CISO.

New Cooley Alert: SEC Reporting Implications for Publicly Traded Companies Impacted by CrowdStrike Defective Software Update

As you know, the recent CrowdStrike defective software update caused massive and, in some cases, systemic failures to computers and networks of CrowdStrike’s customers running certain Microsoft operating systems. If your company was affected by the CrowdStrike server-related outages, you will certainly want to review this new Cooley Alert, SEC Reporting Implications for Publicly Traded Companies Impacted by CrowdStrike Defective Software Update from our Cyber/Data/Privacy and our Public Companies Groups.

Is a delay in the cards for California’s climate accountability laws? [SideBar updated 7/27]

You might recall that, in 2023, California Governor Gavin Newsom signed into law two bills related to climate disclosure: Senate Bill 253, the Climate Corporate Data Accountability Act, and SB261, Greenhouse gases: climate-related financial risk. SB 253 mandates disclosure of GHG emissions data—Scopes 1, 2 and 3—by all U.S. business entities (public or private) with total annual revenues in excess of a billion dollars that “do business in California.” SB 253 has been estimated to apply to about 5,300 companies. SB 253 requires disclosure regarding Scopes 1 and 2 GHG emissions beginning in 2026, with Scope 3 (upstream and downstream emissions in a company’s value chain) disclosure in 2027. SB 261, with a lower reporting threshold of total annual revenues in excess of $500 million, requires subject companies to prepare reports disclosing their climate-related financial risk in accordance with the TCFD framework and describing their measures adopted to reduce and adapt to that risk. SB 261 has been estimated to apply to over 10,000 companies. SB 261 requires that preparation and public posting on the company’s own website commence on or before January 1, 2026, and continue biennially thereafter. Notably, the laws exceed the requirements of the SEC’s climate disclosure regulations because, among other things, one of the laws covers Scope 3 emissions, and they both apply to both public and private companies that meet the applicable size tests. (For more information about these two laws, see this PubCo post.) Interestingly, even when Newsom signed the bills, he raised a number of questions. (See this PubCo post.) Specifically, on SB 253, Newsom said “the implementation deadlines in this bill are likely infeasible, and the reporting protocol specified could result in inconsistent reporting across businesses subject to the measure. I am directing my Administration to work with the bill’s author and the Legislature next year to address these issues. Additionally, I am concerned about the overall financial impact of this bill on businesses, so I am instructing CARB to closely monitor the cost impact as it implements this new bill and to make recommendations to streamline the program.” Similarly, on SB261, Newsom said that “the implementation deadlines fall short in providing the California Air Resources Board (CARB) with sufficient time to adequately carry out the requirements in this bill,” and made a similar comment about the overall financial impact of the bill on businesses. So it was fairly predictable that something of a do-over was in the cards. Now, as reported here and here by Politico, Newsom has proposed a delay in the compliance dates for each bill until 2028. A spokesperson for Newsom “said the proposal ‘addresses concerns’ about cost, timeline and the ‘entirely new and significant workload for the state and the entities covered by these new requirements.’”

Would “reframing” ESG restore its appeal?

In this Comment from a Reuters magazine, the author attempts to rescue the underlying environmental, social and governance principles from the often disparaged term, “ESG.” ESG, he observes, was “[o]riginally conceived as a financial tool to frame how corporations disclose their impact and investment,” but has now become a term that is “fraught with debate, lacks a clear definition and is often misunderstood.” However, he contends, people actually associate many of the values and concepts underlying ESG with business success.  Perhaps the term should be retired, he suggests, in favor of something less freighted.  “Responsible business” might do the trick—especially “responsible business” that correlates with positive corporate performance.

SEC’s Spring 2024 agenda delays most actions until 2025

As reported by Bloomberglaw.com, during an interview in February on “Balance of Power” on Bloomberg Television, SEC Chair Gary Gensler said that he does not intend to “rush” the SEC’s agenda “to get ahead of possible political changes in Washington,” that is, in anticipation of the November elections. According to Bloomberg, Gensler insisted that he’s “‘not doing this against the clock….It’s about getting it right and allowing staff to work their part.’” The SEC has just posted the new Spring 2024 Agenda and, looking at the target dates indicated on the agenda, it appears that Gensler is a man true to his word. The only new item (relevant to our interests here) slated for possible adoption this year is a distinctly apolitical proposal about EDGAR Filer Access and Account Management. And, while a few proposals are targeted for launch (or relaunch) this year—two related to financial institutions and, notably, a proposal for human capital disclosure—most are also put off until April next year—post-election, that is, when the agenda might look entirely different. (Of course, the SEC sometimes acts well in advance of the target.) According to the SEC’s preamble, the items listed in the Regulatory Flexibility Agenda for Spring 2024 “reflect only the priorities of the Chair.”  In addition, information on the agenda was accurate as of May 1, 2024, the date on which the SEC staff completed compilation of the data.  In his statement on the agenda, Gensler said that “[i]n every generation since the SEC’s founding 90 years ago, our Commission has updated rules to meet the markets and technologies of the times. We work to promote the efficiency, integrity, and resiliency of the markets. We do so to ensure the markets work for investors and issuers alike, not the other way around. We benefit in all of our work from robust public input regarding proposed rule changes.”

Reverse split to regain bid price compliance? It may be more complicated than you think

Nasdaq has filed with the SEC a proposed rule change to “modify the application of the bid price compliance periods where a company takes action that causes non-compliance with another listing requirement.” Hmmm, how’s that again?  This proposed rule change is designed to address instances where, to regain compliance with the minimum bid price required by Exchange listing rules, a listed company implements a reverse stock split; however, while the reverse split may bring the company into compliance with the minimum bid price requirement, it may also, at the same time, lead to non-compliance with another listing rule—particularly, the requirements for the number of public holders and number of publicly held shares (depending on treatment of fractional shares), triggering a new deficiency process with a new time period within which the company is permitted to seek to regain compliance.  That’s excessive, Nasdaq says, and too confusing for investors, possibly adversely affecting investor confidence in the market. Because Nasdaq believes it is inappropriate for a company to receive additional time to cure non-compliance with the newly violated listing standard, it is seeking, with this proposed amendment, to eliminate the additional compliance period that would otherwise result from the newly created deficiency. Under the proposal, in the event a reverse split to achieve bid-price compliance leads to other non-compliance, the company would be deemed non-compliant with the bid price requirement until both the new deficiency (e.g., number of holders or number of publicly held shares) is cured and the company thereafter maintains a $1.00 bid price for a minimum of 10 consecutive business days. If the proposal is adopted, companies will need to carefully calculate the potential impact of a reverse split on other listing requirements to avoid these consequences where possible.

SEC charges RR Donnelley with control failures related to cybersecurity incident

In this June Order, SEC Enforcement brought settled charges against R.R. Donnelley & Sons, a “global provider of business communications services and marketing solutions,” for control failures: more specifically, a failure to maintain adequate disclosure controls and procedures related to cybersecurity incidents and alerts and a failure to devise and maintain adequate internal accounting controls—more specifically, “a system of cybersecurity-related internal accounting controls sufficient to provide reasonable assurances that access to RRD’s assets—its information technology systems and networks, which contained sensitive business and client data—was permitted only with management’s authorization.” RRD agreed to pay over $2.1 million to settle the charges.  Interestingly, in a Statement, SEC Commissioners Hester Peirce and Mark Uyeda decried the SEC’s use of “Section 13(b)(2)(B)’s internal accounting controls provision as a Swiss Army Statute to compel issuers to adopt policies and procedures the Commission believes prudent,” not to mention its “decision to stretch the law to punish a company that was the victim of a cyberattack.”  

Delaware SB 313, controversial proposed corporate law amendments, heads to Governor for signature

What’s the latest on SB 313, the proposed amendments to the Delaware General Corporation Law largely designed to address the outcome of the decision in West Palm Beach Firefighters’ Pension Fund v. Moelis & Company? That case invalidated portions of a stockholder agreement relinquishing to a founding stockholder control over certain corporate governance matters, a decision that many practitioners viewed as inconsistent with current market practice. The proposed amendments in SB 313 would add a new subsection (18) to Section 122 of the DGCL to allow corporations to enter into the types of stockholder contracts at issue in Moelis, even if the provisions are not set forth in a certificate of incorporation.  As discussed in this PubCo post and this PubCo post, those proposed amendments have turned out to be highly contentious: a number of academics and jurists, including Delaware Chancellor Kathaleen McCormick in a seven-page letter to the Delaware State Bar Committee, raised objections to the haste and timing (prior to adjudication of an appeal by the Delaware Supreme Court) of the legislation. And Law360 reports that posts by Vice Chancellor Travis Laster (purportedly not acting as vice chancellor) questioned “S.B. 313’s terms” and contended that “[c]laims by critics that the Moelis decision put thousands of agreements at risk, the vice chancellor wrote, ‘smacks of hyperbole.’” Adding even more fuel to the fire was a letter submitted to the Delaware legislature, posted on the Harvard Law School Forum on Corporate Governance, by a group of over 50 law professors in opposition to the amendments, along with these separate posts by noted academics on the HLS Forum and on the CLS Blue Sky blog, with this lonely post in favor. But the bill then “sailed through” the Delaware Senate “without debate or an opposing vote,” on to the Delaware House. (See this PubCo post.)  The bill has now passed the House and been forwarded to the Governor for signature—but not without some acrimony.