Tag: SEC Division of Corporation Finance

Corp Fin feels the pinch—will the new budget alleviate the problem?

In testimony this week before the Subcommittee on Financial Services and General Government of the House Appropriations Committee, SEC Chair Gary Gensler talked about the budget request for SEC operations for next year.  He emphasized that, over the last five years, while the capital markets have grown to $100 trillion, the SEC has “shrunk.” And for Corp Fin, the “shrinkage” has been quite significant.

Corp Fin posts sample comments related to Ukraine disclosure

Corp Fin has posted a sample comment letter to companies about potential disclosure obligations arising out of the Russian invasion of Ukraine, the international response to it and related supply chain issues.  Corp Fin wants companies to provide more “detailed disclosure, to the extent material or otherwise required,” about the direct or indirect impact on their businesses of their exposure to or business relationships with Russia, Belarus or Ukraine, any goods or services sourced in those countries and supply chain disruption. The letter provides a useful resource to help companies think through how their businesses have been or may be affectedCorp Fin has posted a sample comment letter to companies about potential disclosure obligations arising out of the Russian invasion of Ukraine, the international response to it and related supply chain issues.  Corp Fin wants companies to provide more “detailed disclosure, to the extent material or otherwise required,” about the direct or indirect impact on their businesses of their exposure to or business relationships with Russia, Belarus or Ukraine, any goods or services sourced in those countries and supply chain disruption. The letter provides a useful resource to help companies think through how their businesses have been or may be affected, even if they don’t have operations in Russia or Ukraine.

Corp Fin issues new M&A-related CDIs

Last week, the SEC issued a number of new CDIs related primarily to M&A transactions, including Forms 8-K, communications under Rule 14a-12, and, in the context of de-SPAC transactions, the Rule 14e-5 prohibition of purchases outside of a tender offer.

SEC votes to propose new rules for cybersecurity disclosure and incident reporting [UPDATED]

[This post revises and updates my earlier post primarily to reflect the contents of the proposing release.]

At an open meeting last week, the SEC voted, three to one, to propose regulations “to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies.” At the meeting, SEC Corp Fin Director Renee Jones said that, in today’s digitally connected world, cyber threats and incidents pose an ongoing and escalating threat to public companies and their shareholders. In light of the pandemic-driven trend to work from home and, even more seriously, the potential impact of horrific global events, cybersecurity risk is affecting just about all reporting companies, she continued. While threats have increased in number and complexity, Jones said, currently, company disclosure about cybersecurity is not always decision-useful and is often inconsistent, not timely and sometimes hard for investors to locate. What’s more, some material incidents may not be reported at all. The SEC’s proposal is intended to provide meaningful and decision-useful information to help shareholders better understand cybersecurity risks and how companies are managing and responding to them. As described by Jones, the SEC approached the rulemaking from two perspectives: first, incident reporting and second, periodic disclosure regarding cybersecurity risk management, strategy and governance. According to SEC Chair Gary Gensler, “[o]ver the years, our disclosure regime has evolved to reflect evolving risks and investor needs….Today, cybersecurity is an emerging risk with which public issuers increasingly must contend. Investors want to know more about how issuers are managing those growing risks….I am pleased to support this proposal because, if adopted, it would strengthen investors’ ability to evaluate public companies’ cybersecurity practices and incident reporting.” Notably, the proposal is quite prescriptive, with a number of multi-part bullet point disclosure requirements, just the sort of thing to elicit a dissent from Commissioner Hester Peirce. The public comment period will be open for 60 days following publication of the proposing release on the SEC’s website or 30 days following publication of the proposing release in the Federal Register, whichever period is longer.

SEC votes to propose new rules for cybersecurity disclosure and incident reporting

In remarks in January before the Northwestern Pritzker School of Law’s Annual Securities Regulation Institute, SEC Chair Gary Gensler addressed cybersecurity under the securities laws. (See this PubCo post.) Gensler suggested that the economic cost of cyberattacks could possibly be in the trillions of dollars, taking many forms, including denials-of-service, malware and ransomware. In addition, he said, it’s a national security issue. Gensler reminded us that “cybersecurity is a team sport,” and that the private sector is often on the front lines. (As reported by the NYT, that has been especially true in recent weeks, where “the war in Ukraine is stress-testing the system.”) And today, according to Corp Fin Director Renee Jones, in light of the pandemic-driven trend to work from home and, even more seriously, the potential impact of horrific global events, that’s more true than ever, with escalating cybersecurity risk affecting just about all reporting companies. Given the recent consternation over hacks and ransomware, as well as the rising potential for cyberattacks worldwide, it should come as no surprise that the SEC voted today, by a vote of three to one, to propose regulations “to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies.” While threats have increased in number and complexity, Jones said, currently, company disclosure is not always decision-useful and is often inconsistent, not timely and hard for investors to find. What’s more, some material incidents may not be reported at all. As described by Jones, the SEC approached the rulemaking from two perspectives: first, incident reporting and second, periodic disclosure regarding cybersecurity risk management, strategy and governance. According to SEC Chair Gary Gensler, “[o]ver the years, our disclosure regime has evolved to reflect evolving risks and investor needs….Today, cybersecurity is an emerging risk with which public issuers increasingly must contend. Investors want to know more about how issuers are managing those growing risks….I am pleased to support this proposal because, if adopted, it would strengthen investors’ ability to evaluate public companies’ cybersecurity practices and incident reporting.” The public comment period will be open for 60 days following publication of the proposing release on the SEC’s website or 30 days following publication of the proposing release in the Federal Register, whichever period is longer.

In most recent comments on climate disclosure, SEC drills down on materiality

In September last year, Corp Fin posted a sample letter to companies containing illustrative comments regarding climate change disclosures, presumably designed to help companies think about and craft their climate-related disclosure. (See this PubCo post.) Corp Fin began by noting that, under its 2010 guidance (see this PubCo post), depending on the facts and circumstances, climate change disclosure could be elicited in a company’s SEC filings in connection with the description of business, legal proceedings, risk factors and MD&A. Still, right now, there is little in the way of prescriptive climate disclosure requirements, although a proposal for climate disclosure regulation is high on the SEC’s agenda. (See this PubCo post.) Instead, companies have instead looked largely to standards of materiality to determine whether climate disclosure is required in their SEC filings. However, many companies provide climate disclosure in corporate social responsibility reports that are not filed with the SEC, but instead typically posted on company websites.  As reported in a recent analysis by Audit Analytics, in the SEC’s most recent round of comment letters about climate last month, the climate disclosure on which the SEC is commenting is primarily contained in these CSR reports. And the SEC wants companies to justify—in some detail—why that disclosure isn’t also in companies’ SEC filings.

SEC proposes to modernize beneficial ownership reporting [updated]

[This post revises and updates my earlier post primarily to reflect the contents of the proposing release.]

The SEC has proposed to amend the complex beneficial ownership reporting rules. In the press release announcing the changes in beneficial ownership reporting, SEC Chair Gary Gensler described the amendments as an update designed to modernize reporting requirements for today’s markets, including reducing “information asymmetries,” and addressing “the timeliness of Schedule 13D and 13G filings.” Currently, according to Gensler, investors “can withhold market moving information from other shareholders for 10 days after crossing the 5 percent threshold before filing a Schedule 13D, which creates an information asymmetry between these investors and other shareholders. The filing of Schedule 13D can have a material impact on a company’s share price, so it is important that shareholders get that information sooner. The proposed amendments also would clarify when and how certain derivatives acquired with control intent count towards the 5 percent threshold, clarify group formation, and create related exemptions.” Here is the fact sheet, and here is the proposing release. Consistent with the apparently new comment period formula, the public comment period for each proposal will be open for 60 days following publication of the proposing release on the SEC’s website (April 11, 2022) or 30 days following publication in the Federal Register, whichever period is longer.

SEC reopens comment period for 2015 pay-versus-performance proposal

It’s been almost 12 years since Dodd-Frank mandated, in Section 953(a), so-called pay-versus-performance disclosure, but amazingly, no rules have yet been adopted to implement that mandate. Even more amazing, the SEC is still working on it.  As expected, on Thursday last week, the SEC announced that it had reopened the comment period on rules, originally proposed in 2015, that would require disclosure of information reflecting the relationship between executive compensation actually paid by a company and the company’s financial performance. The reopening of the proposal is due in part “to certain developments since 2015 when the proposing release was issued,” particularly, “developments in executive compensation practices.”  Here is the SEC’s original proposing release, fact sheet and the proposal reopening the comment period. According to SEC Chair Gary Gensler in his statement on the reopening of the proposal, “this proposed rule would strengthen the transparency and quality of executive compensation disclosure….The Commission has long recognized the value of information on executive compensation to investors.” The questions posed by the SEC in the notice (discussed below) give us some insight into where the SEC may be headed with the proposal.  In particular, as noted by Gensler, the 2015 proposal “relied upon total shareholder return as the sole measure of financial performance. Some commenters expressed concerns that total shareholder return would provide an incomplete picture of performance. In this reopening release, we are considering whether additional performance metrics would better reflect Congress’s intention in the Dodd-Frank Act and would provide shareholders with information they need to evaluate a company’s executive compensation policies.” The public comment period will be open for 30 days following publication of the release in the Federal Register.

Corp Fin Chief Accountant addresses restatements

In November 2021, Audit Analytics posted its 20-year review of restatements, showing that the number of “Big R” reissuance restatements in 2020, the last year of the review, was at a record low.  According to the report, there were “81% fewer restatements in 2020 than the high in 2006 and 26% fewer than 2019.”  Notably, however, while in 2005 reissuance restatements represented the majority of restatements, in 2020, reissuance restatements represented only  24.3% of restatements; revision restatements represented 75.7% of all restatements.  At yesterday’s Northwestern Pritzker School of Law’s Annual Securities Regulation Institute, Lindsay McCord, Corp Fin Chief Accountant, raised a question: were companies being properly “objective” in assessing whether a restatement should be a “Big R” or “little r” restatement?

The end of courtesy copies

Corp Fin has made it official—no more courtesy copies.