SEC Division Of Corporation Finance Statement On Disclosure Review
On June 24, 2024, Erik Gerding the Director of the SEC’s Division of Corporation Finance made a statement regarding the SEC’s state of disclosure review. In fiscal year 2023 and continuing into 2024, the top areas of review and comment by the SEC were China-related matters, artificial intelligence, non-GAAP disclosures, management’s discussion and analysis, revenue recognition and financial statement presentation. In addition, disruptions in the banking industry, cybersecurity risks, the impact of inflation and disclosure related to or as a result of newly adopted rules (such as pay versus performance) are gaining attention by SEC review teams.
The director’s statement gives some insight into the SEC’s focus and serves as a reminder to our clients and us practitioners alike to be sure we are staying abreast of the ever-changing capital markets environment.
China Related Disclosures
A few years ago, the SEC enacted the Holding Foreign Companies Accountable Act and approved rules implementing same (see HERE). The SEC continues to
SEC Adopts Final New Rules On Cybersecurity Disclosures
On July 26, 2023, the SEC adopted final new rules requiring disclosures for both domestic and foreign companies related to cybersecurity incidents, risk management, strategy and governance. The proposed rules were published in March 2022 (see HERE). In response to numerous comments, the final rules made several changes to the proposal, including narrowing the disclosures in both the Form 8-K/6-K and annual reports on Form 10-K and 20-F.
The final rules add new Item 1.05 to Form 8-K requiring disclosure of a material cybersecurity incident including the incident’s nature, scope, timing, and material impact or reasonably likely impact on the company. An Item 1.05 Form 8-K will be due within four business days following determination that a cybersecurity incident is material. Given the sensitive nature of cybersecurity crimes, the SEC has added a provision allowing an 8-K to be delayed if it is informed by the United States Attorney General, in writing, that immediate disclosure would pose a substantial
Proposed Rules On Cybersecurity Disclosure
Earlier this year, the SEC published proposed rules on cybersecurity risk management, strategy, governance and incident disclosure by public companies. Although the comment period has passed, a final rule has not yet been issued. As of now, cybersecurity disclosures are encompassed within the general anti-fraud provisions including the requirement to disclose “such further material information, if any, as may be necessary to make the required statements, in light of the circumstances under which they are made, not misleading” as well SEC guidance last updated in 2018 (see HERE).
The proposed amendments would require, among other things, current reporting about material cybersecurity incidents and updates about previously reported cybersecurity incidents. The proposal also would require periodic reporting about a company’s policies and procedures to identify and manage cybersecurity risks; the company’s board of directors’ oversight of cybersecurity risk; and management’s role and expertise in assessing and managing cybersecurity risk and implementing cybersecurity policies and procedures. The proposal would further
Proposed 2021 U.S. Budget
In February, the Office of Management and Budget released the proposed fiscal 2021 United States government budget. The beginning of the Budget contains a message from President Trump delineating a list of key priorities of the administration including better trade deals, preserving peace through strength, overcoming the opioid crisis, regulation relief and American energy independence. The budget has some notable aspects that directly relate to the capital markets and its participants.
SEC
As the federal government has been doing for all agencies, the 2021 Budget seeks to eliminate agency reserve funds. Specifically regarding the SEC, the Budget cuts the SEC reserve by $50 million. The reduction in reserve fund is thought to increase overall accountability as the SEC would need to go to Congress to ask for additional funds if needed, with an explanation, instead of just accessing a reserve account. Reserve fund cuts are sent to the U.S. Treasury for deficit reduction.
However, the Budget also increases the
Division of Enforcement 2019 Annual Report
As my firm does not practice in the enforcement arena, it is not an area I always write about, but this year I found a few trends that are interesting. In particular, just by following published enforcement matters on the SEC’s website, I’ve noticed a large uptick in actions to suspend the trading in, or otherwise take action against, micro- and small-cap companies, especially delinquent filers. I’ve also noticed a large uptick of actions against smaller public and private companies that use misleading means to raise capital from retail investors, and the concurrent use of unlicensed broker-dealers. Of course, there have always been a significant number of actions involving cryptocurrencies. In light of my own observations, I decided to review and report on the SEC’s view of its actions.
As an aside, before discussing the report, I note that the Government Accountability Office (GAO) has raised concerns about the quality of record keeping and documentation maintained by the
SEC Strategic Plan
On June 19, 2018, the SEC published a draft Strategic Plan and requested public comment on the Plan. The Strategic Plan would guide the SEC’s priorities through fiscal year 2022. The Plan reiterates the theme of serving the interests of Main Street investors, but also recognizes the changing technological world with a priority of becoming more innovative, responsive and resilient to market developments and trends. The Plan also broadly focuses on improving SEC staff’s performance using data and analytics.
The Strategic Plan begins with a broad overview about the SEC itself, a topic I go back to and reiterate on occasion, such as HERE. The SEC’s mission has remained unchanged over the years, including to protect investors, maintain fair, orderly and efficient markets, and facilitate capital formation. In addition, according to the Strategic Plan, the SEC:
- Engages and interacts with the investing public directly on a daily basis through a variety of channels, including investor roundtables and education
The SEC Has Provided Guidance On Ether and Bitcoin, Sort Of
On June 14, 2018, William Hinman, the Director of the SEC Division of Corporation Finance, gave a speech at Yahoo Finance’s All Markets Summit in which he made two huge revelations for the crypto marketplace. The first is that he believes a cryptocurrency issued in a securities offering could later be purchased and sold in transactions not subject to the securities laws. The second is that Ether and Bitcoin are not currently securities. Also, for the first time, Hinman gives the marketplace guidance on how to structure a token or coin such that it might not be a security.
While this gives the marketplace much-needed guidance on the topic, a speech by an executive with the SEC has no legal force. As a result, the blogs and press responding to Mr. Hinman’s speech have been mixed. Personally, I think it is a significant advancement in the regulatory uncertainty surrounding the crypto space and a signal that more constructive guidance
The SEC Has Issued New Guidance On Cybersecurity Disclosures
On February 20, 2018, the SEC issued new interpretative guidance on public company disclosures related to cybersecurity risks and incidents. In addition to addressing public company disclosures, the new guidance reminds companies of the importance of maintaining disclosure controls and procedures to address cyber-risks and incidents and reminds insiders that trading while having non-public information related to cyber-matters could violate federal insider-trading laws.
The prior SEC guidance on the topic was dated, having been issued on October 13, 2011. For a review of this prior guidance, see HERE. The new guidance is not dramatically different from the 2011 guidance.
Introduction
The topic of cybersecurity has been in the forefront in recent years, with the SEC issuing a series of statements and creating two new cyber-based enforcement initiatives targeting the protection of retail investors, including protection related to distributed ledger technology (DLT) and initial coin or cryptocurrency offerings (ICO’s). Moreover, the SEC has asked the House Committee on Financial
The Senate Banking Committee’s Hearing On Cryptocurrencies
On February 6, 2018, the United States Senate Committee on Banking Housing and Urban Affairs (“Banking Committee”) held a hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission.” Both SEC Chairman Jay Clayton and CFTC Chairman J. Christopher Giancarlo testified and provided written testimony. The marketplace as a whole had a positive reaction to the testimony, with Bitcoin prices immediately jumping up by over $1600. This blog reviews the testimony and provides my usual commentary.
The SEC and CFTC Share Joint Regulatory Oversight
The Banking Committee hearing follows SEC and CFTC joint statements on January 19, 2018 and a joint op-ed piece in the Wall Street Journal published on January 25, 2018 (see HERE). As with other areas in capital markets, such as swaps, the SEC and CFTC have joint regulatory oversight over cryptocurrencies. Where the SEC regulates securities and securities markets, the CFTC
SEC Statements On Cybersecurity – Part 2
On September 20, 2017, SEC Chair Jay Clayton issued a statement on cybersecurity that included the astonishing revelation that the SEC Edgar system had been hacked in 2016. Since the original statement, the SEC has confirmed that personal information on at least two individuals was obtained in the incident. Following Jay Clayton’s initial statement, on September 25, 2017, the SEC announced two new cyber-based enforcement initiatives targeting the protection of retail investors, including protection related to distributed ledger technology (DLT) and initial coin or cryptocurrency offerings (ICO’s).
The issue of cybersecurity is at the forefront for the SEC, and Jay Clayton is asking the House Committee on Financial Services to increase the SEC’s budget by $100 million to enhance the SEC’s cybersecurity efforts.
This is the second in a two-part blog series summarizing Jay Clayton’s statement, the SEC EDGAR hacking and the new initiatives. Part I of this blog, which outlined Chair Clayton’s statement on cybersecurity and the EDGAR