Recent Panel Discussion of Enhancing the Audit Committee Report: A Call to Action

On April 22, 2014, the John L. Weinberg Center for Corporate Governance and the Center for Audit Quality, hosted a panel discussion of a recent report, Enhancing the Audit Committee Report: A Call to Action (Call to Action). The report was issued last November by the Audit Committee Collaboration, a group of organizations, including, among others, National Association of Corporate Directors, Association of Audit Committee Members, Inc., The Directors’ Council, and Center for Audit Quality. The Call to Action encourages all public company audit committees to “voluntarily and proactively improve their public disclosures to more effectively convey … the critical aspects of the important work that they currently perform.”

Generally, the only public company disclosures that an audit committee is required to make consist of (i) an audit committee report under Item 407(d)(3) of Regulation S-K, which is included in the proxy statement, and (ii) a copy of the audit committee’s charter mandated by the stock exchange on which the company’s stock is listed. The committee’s charter is usually posted on the company’s website (or it may be included as an appendix to the company’s proxy statement). Item 407 requires that only information about the audit committee’s discussions with management and independent auditors, the committee’s recommendation to the board that the audited financial statements be included in the company’s annual report on Form 10-K, and the name of each member of the audit committee.

Based on its review of 2013 proxy statements, the Call to Action provides examples of audit committee reports that expanded the limited required disclosure by clarifying the scope of the audit committee’s duties, clearly defining the audit committee’s composition and providing relevant information about: 

  • factors considered when selecting or reappointing an audit firm
  • selection of the lead audit engagement partner
  • factors considered when determining auditor compensation
  • how the committee oversees the external auditor
  • the evaluation of the external auditor

Panelists’ views ranged from encouraging audit committees to take a fresh look at their audit committee reports and add some of the foregoing suggested disclosures to make the reports more transparent to concerns about disclosure overload and potential lawsuits.

SEC Announces the Agenda of Its Cybersecurity Roundtable; Target Corporation Files Form 10-K Bleeding out Disclosures about Its Data Breach

We have previously blogged about March 26 SEC cybersecurity roundtable and the SEC paying close attention to cybersecurity issues, especially on the heels of the cybersecurity breaches faced by Target and other retailers.  On March 19, 2014, the SEC issued a notice about the coming cybersecurity roundtable shedding light on the topics that will be discussed at the roundtable.

The panelists will have a well-rounded discussion of the cybersecurity issues faced by different constituencies, including:

  • exchanges and other key market systems;
  • broker-dealers;
  • investment advisers;
  • transfer agents; and
  • public companies.

Panelists will also be invited to discuss industry and public-private sector coordination efforts relating to assessing and responding to cybersecurity issues.

This roundtable discussion will be very timely.  On March 14, 2014, Target filed its Annual Report on Form 10-K, which reads as Exhibit A to the SEC’s 2011 guidance on cybersecurity disclosures (CF Disclosure Guidance: Topic No. 2, Cybersecurity).  Among other disclosures, the company beefed up the risk factors to talk about its data breach and included a detailed discussion of the ramifications of this breach into its “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” 

Some details of Target’s disclosure are quite interesting.  As a result of the data breach, Target recorded $61 million of pretax data breach-related expenses, some of which may be offset by its network-security insurance coverage.  Such expenses include costs to investigate the data breach, provide credit-monitoring services to its customers, increase staffing in its call centers, and procure legal and other professional services. More than 80 actions have been filed and other claims may be asserted against Target on behalf of its customers, payment card issuing banks, shareholders or others seeking relief in connection with the data breach. In addition, State Attorneys General, the Federal Trade Commission and the SEC are investigating events related to the data breach. Probably, one of the most important ramifications is the effect of the data breach on sales as Target believes that the data breach adversely affected its fourth quarter U.S. Segment sales.

If Your Loss of a WKSI Status Has a Severe Impact on the Company or the Markets, the SEC May Grant a Waiver

On March 12, 2014, the SEC revised its 2011 statement on well-known seasoned issuer (WKSI) waivers.  In order to qualify as a WKSI, an issuer may not be an “ineligible issuer,” which can be, among other things, an issuer that has, or whose subsidiary has, been convicted of certain securities-related felony or misdemeanor, violated the anti-fraud provisions of the federal securities laws or that is the subject of a judicial or administrative decree or order prohibiting certain conduct or activities involving the anti-fraud provisions of the federal securities laws.  

In its revised statement, the SEC clarified the framework that the SEC will follow in determining whether to grant a waiver of ineligible issuer status.  In making a determination whether to grant a waiver, the Division of Corporation Finance will evaluate the issuer’s ability to produce reliable disclosure and will consider the following factors: 

  • the nature of the violation or conviction and whether it calls into question the ability of the issuer to produce reliable disclosure currently and in the future;
  • whether the conduct involved a criminal conviction or scienter based violation, as opposed to a civil or administrative non-scienter based violation;
  • who was responsible for the misconduct and whether it was known by the WKSI parent (in case of the misconduct at the subsidiary level) or whether personnel at the WKSI parent ignored warning signs regarding the misconduct;
  • whether the individuals responsible for or involved in the misconduct were officers or directors of the WKSI parent, or were lower level employees in the operation of a subsidiary;
  • the duration of the violative conduct (did it last over a period of years or was it an isolated instance);
  • what remedial measures the issuer has taken to address the violative conduct and whether those actions would likely prevent a recurrence of the misconduct and mitigate the possibility of future unreliable disclosure;
  • whether there were key changes in the personnel involved in the violative or criminal conduct; and
  • whether the issuer has taken steps to improve training or made improvements to internal controls and disclosure controls and procedures.

The loss of a WKSI status for a company may have a significant effect on its ability to raise capital, and, in addition to the foregoing factors, the SEC will consider: 

  • severity of the impact on the issuer if the waiver request is denied weighing any such impact against the facts and circumstances relating to the violative or criminal conduct; and
  • effects of the issuer’s loss of WKSI status on the markets as a whole and the investing public, in light of the issuer’s significance to the markets and its connectedness to other market participants.

The SEC does not consider any single factor to be dispositive, and the issuer should submit a request letter that explains, based on the framework outlined above, why a waiver should be granted.

SEC Pays Close Attention to Cybersecurity Issues

On February 14, 2014, the SEC announced that it will hold a cybersecurity roundtable on March 26 to discuss the issues and challenges cybersecurity raises for investors and public companies.  The SEC’s roundtable comes on the heels of recent widely publicized security breaches at Target and Neiman Marcus.  As the SEC stated in its press release, “[c]ybersecurity breaches have focused public attention on how public companies disclose cybersecurity threats and incidents.” 

The most recent SEC guidance on cybersecurity disclosures was issued in October 2011 (CF Disclosure Guidance: Topic No. 2, Cybersecurity).  Without creating new obligations, the SEC clarified how its existing rules and regulations provided framework for public company’s disclosure relating to cybersecurity risks and cyber incidents.  After this guidance, cybersecurity related disclosures became mainstream in an annual report on Form 10-K, especially a cybersecurity risk factor.  For example, last year’s Annual Report on Form 10-K of Target Corporation included the following risk factor disclosures:

“… if and our other guest-facing technology systems do not reliably function as designed, we may experience a loss of guest confidence, data security breaches, lost sales or be exposed to fraudulent purchases, which, if significant, could adversely affect our reputation and results of operations.”

“If we experience a significant data security breach or fail to detect and appropriately respond to a significant data security breach, we could be exposed to government enforcement actions and private litigation. In addition, our guests could lose confidence in our ability to protect their personal information, which could cause them to discontinue usage of REDcards, decline to use our pharmacy services, or stop shopping with us altogether.”

“We rely extensively on our computer systems to manage inventory, process guest transactions, service REDcard accounts and summarize and analyze results. Our systems are subject to damage or interruption from power outages, telecommunications failures, computer viruses and malicious attacks, security breaches and catastrophic events. If our systems are damaged or fail to function properly, we may incur substantial costs to repair or replace them, experience loss of critical data and interruptions or delays in our ability to manage inventories or process guest transactions, and encounter a loss of guest confidence which could adversely affect our results of operations.”

However, even well drafted risk factors may not be enough to warn investors of ramifications of significant security breaches.  On January 10, 2014, Target issued a press release that included the following information:

“As part of Target’s ongoing forensic investigation, it has been determined that certain guest information … was taken during the data breach.  … At this time, the investigation has determined that the stolen information includes names, mailing addresses, phone numbers or email addresses for up to 70 million individuals.”

Information on the agenda and participants of the SEC’s March 26 roundtable have not been announced yet.  It will be interesting to see whether recent significant breaches and the coming SEC roundtable will lead to the SEC rulemaking or additional guidance in this area.

2014 Winter Olympics and Full Disclosure

The media coverage leading up to the 2014 Winter Olympics looked like full disclosure of risk factors in an SEC filing, ranging from risks of terrorist attacks to the lack of shower curtains in hotels in Sochi.  Some things never change, and 2014 Winter Olympic Games in Sochi are almost as politically charged as 1980 Summer Olympic Games in Moscow.  However, the opening ceremony in Sochi offered a different kind of full disclosure – full disclosure of Russia’s rich history and its fascination with the arts.  Sochi showcased Russia’s musical, literary, and dance traditions that all came together as pieces of one beautiful puzzle in the opening ceremony.  Although it will still take a lot of work to turn Sochi, a Soviet-era summer resort, into a first class venue, the 2014 Olympic Games are the first step in this direction, with the opening ceremony reminding us that sport and arts transcend politics.

To Unbundle or Not to Unbundle Multiple Amendments? There Is Still No Clear Answer to This Question.

On January 24, 2014, the SEC issued three unbundling Compliance and Disclosure Interpretations (C&DIs), in an apparent response to the decision of the U.S. District Court of the Southern District of New York in Greenlight v. Apple and in time for the 2014 proxy season.  The SEC concept of “unbundling” refers to separating matters submitted to a vote of shareholders into separate proposals, under Rules 14a-4(a)(3) and (b)(1)[1], under the Securities Exchange Act of 1934 so that shareholders could express their views on each separate matter.

With virtually no attention being paid to “unbundling” since September 2004 when the SEC issued an Interim Supplement to the Publicly Available Telephone Interpretations providing “unbundling” guidance in the context of mergers and acquisitions, “unbundling” was brought to light again in 2013, when the Court enjoined Apple, Inc. from accepting proxy votes in connection with a proposal to amend its articles of incorporation to (i) eliminate certain language in order to facilitate the adoption of majority voting for the election of directors, (ii) eliminate “blank check” preferred stock, (iii) establish a par value for Apple’s common stock of $0.00001 per share and (iv) make other conforming changes (Greenlight v. Apple, Feb. 22, 2013).  Greenlight Capital, L.P. sued Apple alleging that such proposal violated SEC “unbundling” Rules 14a-4(a)(3) and (b)(1). 

New C&DIs issued on January 24 provide examples and guidance as to whether companies should be unbundling multiple amendments into separate proposals.  Set forth below is a summary of such guidance, which makes it clear that there is no bright-line test and the unbundling decision is subject to the company’s facts and circumstances analysis. 

Charter Amendments Changing Terms of Preferred Stock

Fact Pattern. If management negotiated concessions from holders of a series of its preferred stock to reduce the dividend rate on the preferred stock in exchange for an extension of the maturity date, can management submit a single proposal to holders of the company’s common stock to approve a charter amendment containing both modifications: one relating to the reduction of the dividend rate and another relating to the extension of the maturity date?

Guidance. Yes, these multiple amendments effectively constitute a single matter and need not be unbundled because they are “inextricably intertwined.” Each of the proposed amendments relates to a basic financial term of the same series of capital stock and was the sole consideration for the countervailing amendment.  However, the staff would not view two arguably separate matters as being inextricably intertwined merely because the matters were negotiated as part of a transaction with a third party, nor because the matters represent terms of a contract that a party considers essential to the overall bargain.

Charter Amendments Changing Common Stock’s Par Value, Eliminating Provisions for Preferred Stock and Declassifying the Board

Fact Pattern.  Can management submit for shareholder approval amendments to the company’s amended and restated charter that would (i) change the par value of the common stock; (ii) eliminate provisions relating to a series of preferred stock that is no longer outstanding and is not subject to further issuance; and (iii) declassify the board of directors as one proposal?.  

Guidance.  Yes, the staff would not ordinarily object to the bundling of any number of immaterial matters with a single material matter. While, there is no bright-line test for determining materiality in the context of Rule 14a‑4(a)(3), companies should generally consider whether a given matter substantively affects shareholder rights. While the declassification amendment would be material under this analysis, the amendments relating to par value and preferred stock do not substantively affect shareholder rights, and therefore both of these amendments ordinarily could be included in a single restatement proposal together with the declassification amendment. However, if management knows or has reason to believe that a particular amendment that does not substantively affect shareholder rights nevertheless is one on which shareholders could reasonably be expected to wish to express a view separate from their views on the other amendments that are part of the restatement, the amendment should be unbundled. 

The analysis under Rule 14a-4(a)(3) is not governed by the fact that, for state law purposes, amendments could be presented to shareholders as a single restatement proposal. If, for example, the restatement proposal also included an amendment to the charter to add a provision allowing shareholders representing 40% of the outstanding shares to call a special meeting, the staff would view the special meeting amendment as material and therefore required to be presented to shareholders separately from the similarly material declassification amendment.

Amendments to Equity Incentive Plan

Fact Pattern. Can management present for a vote of shareholders a single proposal covering an omnibus amendment to the company’s equity incentive plan that (i) increases the total number of shares reserved for issuance under the plan; (ii) increases the maximum amount of compensation payable to an employee during a specified period for purposes of meeting the requirements for qualified performance-based compensation under Section 162(m) of the Internal Revenue Code; (iii) adds restricted stock to the types of awards that can be granted under the plan; and (iv) extends the term of the plan?  

Guidance. Yes, these proposed changes need not be unbundled into separate proposals pursuant to Rule 14a‑4(a)(3). While the Staff generally will object to the bundling of multiple, material matters into a single proposal – provided that the individual matters would require shareholder approval under state law, the rules of a national securities exchange, or the registrant’s organizational documents if presented on a standalone basis – the staff will not object to the presentation of multiple changes to an equity incentive plan in a single proposal.  This is the case even if the changes can be characterized as material in the context of the plan, and the rules of a national securities exchange would require shareholder approval of each of the changes if presented on a standalone basis.


[1] Rule 14a-4(a)(3) requires that the form of proxy must “identify clearly and impartially each separate matter intended to be acted upon, whether or not related to or conditioned on the approval of other matters,” and Rule 14a-4(b)(1) provides that, subject to certain exceptions, the form of proxy must include separate boxes for shareholders to choose between approval, disapproval of or abstention “with respect to each separate matter referred to [in the form of proxy] as intended to be acted upon…”


SEC Guidance on “Bad Actor” Disqualifications from Rule 506 Offerings

On January 3, 2014, the SEC issued new Compliance and Disclosure Interpretations (C&DIs) clarifying the application of the “bad actor” disqualifications from Rule 506 offerings.  Generally, under the new Rule 506(d), an issuer may not rely on the Rule 506 registration exemption if the issuer or any other person covered by Rule 506(d) is subject to a bad actor triggering event at the time of each sale of securities.  Most of the new C&DIs focused on one category of such covered persons – a beneficial owner of 20% or more of the issuer’s outstanding voting equity securities.  Please see below a summary of such C&DIs.

  • A shareholder that becomes a 20% beneficial owner upon completion of a sale of securities is NOT a 20% beneficial owner at the time of such sale.  However, it would be a covered person with respect to any sales of securities in the offering that were made while it was a 20% beneficial owner.  
  • The term “beneficial owner” under Rule 506(d) means any person who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, has or shares, or is deemed to have or share:  (1) voting power, which includes the power to vote, or to direct the voting of, such security; and/or (2) investment power, which includes the power to dispose, or to direct the disposition of, such security. 
  • For purposes of determining 20% beneficial owners under Rule 506(d), it is necessary to “look through” entities to their controlling persons because beneficial ownership includes both direct and indirect interests (see Exchange Act Rule 13d-3). 
  • If some of the shareholders have entered into a voting agreement under which each shareholder agrees to vote its shares of voting equity securities in favor of director candidates designated by one or more of the other parties, which effectively means that such shareholders have formed a group, then the group beneficially owns the shares beneficially owned by its members (see Exchange Act Rules 13d-3 and 13d-5(b)).  In addition, the parties to the voting agreement that have or share the power to vote or direct the vote of shares beneficially owned by other parties to the agreement (through, for example, the receipt of an irrevocable proxy or the right to designate director nominees for whom the other parties have agreed to vote) will beneficially own such shares.  Parties that do not have or share the power to vote or direct the vote of other parties’ shares would not beneficially own such shares solely as a result of entering into the voting agreement (see another new C&DI issued by the SEC on January 3, 2014).  If the group is a 20% beneficial owner, then disqualification or disclosure obligations would arise from court orders, injunctions, regulatory orders or other triggering events against the group itself.  If a party to the voting agreement becomes a 20% beneficial owner because shares of other parties are added to its beneficial ownership, disqualification or disclosure obligations would arise from triggering events against that party. 

Disclosure Pendulum May Start Swinging Back

During the last decade, I have been continuously amazed with the increasing level of public company regulation.  The general direction of the Sarbanes-Oxley Act and the Dodd-Frank Act, and naturally the SEC rules implementing these acts, has always been more and more disclosure (the more granular and detailed — the better).  It seemed like the disclosure pendulum was swinging higher and higher towards overregulation and that it would never go back.  But the report on public company disclosure issued by the SEC on December 20, 2013, as mandated by the JOBS Act, gives a lot of hope that the disclosure pendulum may eventually start swinging back. 

This Report on Review of Disclosure Requirements in Regulation S-K, which largely follows the concepts outlined by SEC Chair Mary Jo White in her October speech before the National Association of Corporate Directors, recommended to Congress a comprehensive review of SEC disclosure rules and forms focusing on the following potential areas:

  • modernizing and simplifying Regulation S-K requirements in a manner that reduces the costs and burdens on companies while still providing material information;
  • eligibility for further scaling of disclosure requirements and definitional thresholds for smaller reporting companies, accelerated filers and large accelerated filers;
  • evaluating whether Industry Guides still elicit useful information and conform to industry practice and trends;
  • reviewing financial reporting requirements of Regulation S-X and financial statement disclosure requirements of Regulation S-K (e.g., annual and quarterly selected financial data disclosure and the ratio of earnings to fixed charges); and
  • disclosure requirements contained in SEC rules and forms (e.g., Forms 10-Q and 8-K).

The Staff provided detailed guidance on its suggested review of Regulation S-K, which would address the following issues:

  • principles-based approach as an overarching component of the disclosure framework (e.g., using a disclosure model of current MD&A requirements) (which may have an unintended consequence of leading to more disclosure rather than less);
  • current scaled disclosure requirements and whether further scaling would be appropriate for emerging growth companies or other categories of issuers;
  • filing and delivery framework based on the nature and frequency of the disclosures (e.g., a “core” disclosure or “company profile” filing with information that changes infrequently, periodic and current disclosure filings with information that changes from period to period, and transactional filings that have information relating to specific offerings or shareholder solicitations); and
  • readability and navigability of disclosure documents (e.g., the use of hyperlinks) as well as replacing quantitative thresholds (e.g., Item 103 (Legal Proceedings), Item 404 (Transactions with Related Persons, Promoters and Certain Control Persons) and Item 509 (Interests of Named Experts and Counsel) with general materiality standards.

In addition to these issues, the Staff identified the following specific areas of Regulation S-K disclosure that could benefit from further review:

  • risk-related requirements, such as risk factors, legal proceedings and other quantitative and qualitative information about risk and risk management, with potential consolidation into a single requirement;
  • relevance of current requirements for the description of business and properties;
  • corporate governance disclosure requirements (to confirm that the information is material to investors);
  • executive compensation disclosure (to confirm that the required information is useful to investors);
  • offering-related requirements (in light of the changes in offerings and the shift from paper-based offering documents to electronically-delivered offering materials); and
  • exhibits to filings (to confirm whether the required exhibits remain relevant and whether other documents should be added).

I cannot wait for the SEC to start proposing rules implementing these suggestions and creating a more effective disclosure mechanism that would work for the 21st century.   


Board Diversity and Political Contributions Disclosure Continue to Get ISS Support

On December 19, 2013, ISS published its U.S. Proxy Voting Summary Guidelines that are effective for meetings of stockholders held on or after February 1, 2014.  This blog post highlights ISS’ position on two social issues: board diversity and political contributions.  

Board Diversity

Consistent with its guidelines last year, ISS continues to recommend voting for stockholder requests for reports on a company’s efforts to diversify the board unless:

  • the gender and racial minority representation of the company’s board is reasonably inclusive in relation to companies of similar size and business; and
  • the board already reports on its nominating procedures and gender and racial minority initiatives on the board and within the company.

ISS will make recommendations on a case-by-case basis on proposals asking a company to increase the gender and racial minority representation on its board.  In providing its recommendation, ISS will take into account the following factors:

  • the degree of existing gender and racial minority diversity on the company’s board and among its executive officers;
  • the level of gender and racial minority representation that exists at the company’s industry peers;
  • the company’s established process for addressing gender and racial minority board representation;
  • whether the proposal includes an overly prescriptive request to amend nominating committee charter language;
  • the independence of the company’s nominating committee;
  • whether the company uses an outside search firm to identify potential director nominees; and
  • whether the company has had recent controversies, fines, or litigation regarding equal employment practices.

Political Contributions

In connection with proposals related to political contributions, ISS continues to generally recommend voting for proposals requesting greater disclosure of a company’s political contributions and trade association spending policies and activities, considering:

  • the company’s current disclosure of policies and oversight mechanisms related to its direct political contributions and payments to trade associations or other groups that may be used for political purposes, including information on the types of organizations supported and the business rationale for supporting these organizations; and
  • recent significant controversies, fines, or litigation related to the company’s political contributions or political activities.

However, recognizing that businesses are affected by legislation at the federal, state and local level, ISS recommends voting against proposals barring a company from making political contributions. ISS is being practical and concedes that barring political contributions can put the company at a competitive disadvantage.

NASDAQ Proposes to Align its Independence Standards for Compensation Committee Members with the NYSE’s Approach to Such Standards

On November 26, 2013, The NASDAQ Stock Market LLC proposed to amend its listing rules on compensation committee composition (Rule 5605(d)(2)(A) and IM-5605-6) to replace the prohibition on the receipt of compensatory fees by compensation committee members with a requirement that a board of directors instead consider the receipt of such fees when determining eligibility for compensation committee membership.  NASDAQ cited the feedback that it had received from listed companies as the reason for these changes.  The proposed rules are almost identical to the NYSE’s rules related to compensation committee independence and, if adopted, would remove the anomaly of NASDAQ listing rules being more stringent than NYSE rules.

The proposed Rule 5605(d)(2)(A) states that in affirmatively determining the independence of any compensation committee member, the board must consider all factors specifically relevant to determining whether a director has a relationship to the company which is material to that director’s ability to be independent from management in connection with the duties of a compensation committee member, including, but not limited to:

  • the source of compensation of such director, including any consulting, advisory or other compensatory fee paid by the company to such director; and
  • whether such director is affiliated with the company, a subsidiary of the company or an affiliate of a subsidiary of the company.

In IM-5605-6, NASDAQ proposes to clarify that when considering the sources of a director’s compensation in determining compensation committee member independence, the board should consider whether the director receives compensation from any person or entity that would impair the director’s ability to make independent judgments about the company’s executive compensation, including compensation for board or board committee services. 

The approach to the affiliation prong of the independence analysis is not significantly changed in the proposed rules.  However, NASDAQ proposes to revise IM-5605-6 to explain that the board should consider whether the affiliate relationship places the director under the direct or indirect control of the company or its senior management, or creates a direct relationship between the director and members of senior management, in each case of a nature that would impair the director’s ability to make independent judgments about the company’s executive compensation.

Companies are required to comply with the compensation committee composition aspects of the NASDAQ rules by the earlier of their first annual meeting after January 15, 2014, or October 31, 2014.  NASDAQ intends to implement the proposed changes before companies suggest changes to board and committee composition in connection with their 2014 annual meetings.