Tag: Regulation FD

Corp Fin Director issues statement regarding sharing information about cybersecurity incidents

Yesterday, Corp Fin Director Erik Gerding issued a new statement, Selective Disclosure of Information Regarding Cybersecurity Incidents. As you know, last year the SEC adopted new rules regarding cybersecurity disclosure, including requirements for both material incident reporting on Item 1.05 of Form 8-K and periodic disclosure of material information regarding cybersecurity risk management, strategy and governance.  (See this PubCo post.) Gerding’s new statement is designed to disabuse companies of the idea that the new rules preclude them from discussing information about a material cybersecurity incident with others, including their commercial counterparties, beyond the information included in the Form 8-K.   Gerding assures us that “[t]hat is not the case.” But while the new rules may not prohibit disclosure, what about Reg FD?

SEC charges AT&T and executives with Reg FD violations

On Friday of last week, the SEC announced that it had filed a complaint charging AT&T, Inc. and three of its Investor Relations executives with violations of Reg FD as a result of one-on-one disclosures of AT&T’s “projected and actual financial results” to a number of Wall Street research analysts by the three executives. In March 2016, the SEC alleges, AT&T learned that, as a result of a “steeper-than-expected decline in smartphone sales,” AT&T’s first quarter revenues would fall short of analysts’ estimates by over a $1 billion. The three IR executives were then asked to contact the analysts whose estimates were too high to “walk” them down. This case illustrates the tightrope that IR personnel walk when talking one-on-one with analysts in the context of Reg FD.