SEC hack provides occasion for Chair Clayton to revitalize 2011 Corp Fin disclosure guidance on cybersecurity risks and incidents
As you probably read in the papers (see, e.g., this article from the WSJ), SEC Chair Jay Clayton announced yesterday that, in 2016, the SEC’s EDGAR system was hacked and, in August 2017, the staff determined that the hack may have led to insider trading. The hackers took advantage of “a software vulnerability in the test filing component of our EDGAR system, which was patched promptly after discovery….” The SEC believes “the intrusion did not result in unauthorized access to personally identifiable information, jeopardize the operations of the Commission, or result in systemic risk. Our investigation of this matter is ongoing, however, and we are coordinating with appropriate authorities.” As part of his lengthy statement, Clayton addressed the cybersecurity considerations that the staff applies in the context of its review of public company disclosures.
A few new CDIs on Rules 147, 503 and 504, as well as Reg A
Today, Corp Fin posted a number of new CDIs that reflect updates for the amendments to Rule 147 (intrastate offers and sales) and Reg D Rules 503 and 504, and withdrew some CDIs in light of the repeal of Rule 505. There are also a number of changes throughout the CDIs interpreting Rule 147 and Reg D that Corp Fin describes as non-substantive based on current rules, such as changes to correct outdated references. The CDIs with these non-substantive changes are identified in the CDIs only by an asterisk and have not been updated to reflect a September 2017 date. Corp Fin has also removed the Reg D CDIs “that do not directly relate to the Commission’s current rules.” The CDIs identified as having substantive changes are summarized below, along with three new CDIs related to Reg A that were posted last week.
Update on pay-ratio rule
Rumor has it that, at the recent ABA Business Law Section Annual Meeting in Chicago, Corp Fin Director Bill Hinman confirmed—in case there was any doubt—that the pay-ratio rule would be in place for reporting in 2018.
SEC Committee on Small and Emerging Companies completes final report and recommendations
At the final meeting yesterday of the SEC Committee on Small and Emerging Companies (apparently soon to morph into the Small Business Capital Formation Advisory Committee), the Committee finalized the discussion draft of its Final Report to the SEC and heard presentations on SOX 404(b), the most recent bête noire of deregulation advocates. (The Committee also heard a presentation on Rule 701, which will be addressed in a subsequent post.)
Studies show hedge fund activists have adverse impact on board diversity and target more firms with women CEOs
While more and more institutional holders and asset managers are noisily promoting board diversity among their portfolio companies (see this PubCo post)—including, most recently, the NYC Comptroller and the NYC pension funds (see this PubCo post)—hedge fund activists (fka corporate raiders, now styling themselves as “activists”), seem to take quite a different tack. Two recent studies have looked at the impact of hedge fund activism on diversity from different perspectives: one study showed that hedge fund activists have an adverse effect on board diversity at companies they attack and another study showed that female CEOs are significantly more likely than male CEOs to come under threat from hedge fund activists.
Will board diversity be the new proxy access?
In 2014, NYC Comptroller Scott Stringer, who oversees the NYC pension funds, submitted proxy access proposals to 75 companies—and ignited the push for proxy access at public companies across the U.S. The form of proxy access proposed in this first phase of the Boardroom Accountability Project was very similar to the form of proxy access mandated under the SEC’s rules that were overturned in 2011, requiring an eligibility threshold of 3% ownership for three years, with shareholders having the right to nominate up to 25% of the board. (See this PubCo post and this PubCo post.) It has been reported that, of the 75 proposals submitted by the NYC comptroller in 2014, 63 went to a vote, with average support of 56% and 41 receiving majority support. In 2015, Stringer submitted more proxy access proposals. Notably, until Stringer’s initiative, private ordering for proxy access had not gathered much steam; only six companies had adopted proxy access. Stringer’s office reports that, today, more than 425 companies, including over 60% of the S&P 500, have enacted proxy access bylaws. Now, the NYC Comptroller’s Office, leveraging the success of its proxy access campaign and the “powerful tool” it represents to “demand change,” has announced the Boardroom Accountability Project 2.0, which will focus on corporate board diversity, independence and climate expertise. Will Project 2.0 have an impact comparable to that of the drive for proxy access?
Do material weaknesses point to fraud risk?
It’s not just Dodd-Frank that has been roundly disparaged in some quarters, SOX 404(b)—the requirement to have an auditor attestation and report on management’s assessment of internal control over financial reporting—has also recently been much maligned. For example, at a recent House subcommittee hearing devoted to the reasons for the decline in the number of IPOs and public companies, a majority of the subcommittee members attributed the decline largely to regulatory overload, with a number of the witnesses training their sights directly on SOX 404(b). (See the SideBar below.) And then there are the legislative efforts to limit the application of SOX 404(b), such as the provision in the Financial Choice Act to allow certain time-lapsed EGCs another five-year exemption from the audit-attestation requirement. (See this PubCo post.) Whether you view these efforts as heavy-handed or not enough of a good thing, the notion that internal controls might diminish fraud risk remains controversial: some maintain that they are a strong deterrent, while others challenge that contention in light of management’s ability to override controls. A recent study by academics in Texas analyzed whether the strength of internal control significantly affects fraud risk. The result: the study found “a strong association between material weaknesses and future fraud revelation,” leading to the authors’ conclusion that “control opinions that do cite material weaknesses provide a meaningful signal of increased fraud risk.”
Why have institutional investors become so outspoken on corporate governance issues at their portfolio companies?
The substantial increase in activism on corporate governance issues by large institutional shareholders and asset managers qua investors has been hard to miss. Now, joining the ranks of these other enormous asset managers and passive institutional investors—such as BlackRock and State Street (see, e.g., this PubCo post, this PubCo post and this PubCo post)—Vanguard has recently announced, in its Investment Stewardship Report for 2017, that it too has been taking a more active role in advocating for effective corporate governance at its portfolio investments. But what has triggered this shift? After all, it’s not as though these institutional investors are new to the sport—they’ve been shareholders for many, many years, but mostly of the low-key variety. Why this noisy advocacy now?
As the U.S. moves toward deregulation, the U.K. announces new corporate governance reforms
As discussed in this PubCo post, in November of last year, the U.K. Government published a “Green Paper” on Corporate Governance Reform, which, in the face of rising economic inequality, sought “to consider what changes might be appropriate in the corporate governance regime to help ensure that we improve business performance and have an economy that works for everyone.” The Paper requested input on several proposals, including pay-ratio disclosure, giving employees more influence on company boards and making say-on-pay votes binding, leading to “a broad-ranging debate on ways to strengthen the UK’s corporate governance framework.” The results are now in. Corporate Governance Reform, The Government response to the green paper consultation identifies nine proposals for reform that the U.K. Government intends to advance. The reforms, many of which would not require legislation, are expected to become effective by June 2018 to apply in the following fiscal years. Whether any of these reforms will have a significant impact—either at home in the U.K. or as an influence abroad in the U.S.—remains to be seen.
You must be logged in to post a comment.