Is SEC Regulation of Political Spending Dead?

It is unlikely that it is dead, but it certainly is on life support.  But, I believe that board oversight, and disclosure, of corporate political expenditures will continue to increase.

In 2011, the Committee of Corporate Political Spending, a group of ten academics focusing on corporate and securities law, submitted a petition for rulemaking to the SEC asking the SEC to adopt rules to require public companies to disclosure to shareholders the use of corporate resources for political activities. In the following months, the SEC received in excess of one million comments to the petition. Reportedly, most of the comments expressed support for the requested rulemaking. In 2012, the SEC placed disclosure by public companies of their political expenditures on its rulemaking agenda. It would seem that with disclosure of political expenditures being on the SEC’s rulemaking agenda, combined with broad public interest in such a rule (as evidenced by other one million comments on the petition), the SEC would move forward with rulemaking. But, that didn’t happen.

The SEC dropped from its rule making agenda political expenditures disclosure in 2013.   But, the issue was not dead; press coverage continued.   For example, on October 29, 2014, the New York Times published an editorial advocating for an SEC rule requiring disclosure of corporate political expenditures. In a letter to the editor of the New York Times responding to the editorial, Commissioner Daniel M. Gallagher stated “[m]andatory political contribution disclosure deserves no place on the agency’s agenda, and I will fight to keep it that way.” Given the removal of political expenditures disclosure from the SEC’s rulemaking agenda and Commissioner Gallagher’s public opposition to any such rule, it is probably a fairly safe bet that, unless prodded by congress, the SEC will not take any rulemaking action with respect to disclosure of corporate political expenditures in the near future.

While it appears that the SEC will not take action any time soon, the idea of requiring public companies to disclose political expenditures has certainly not gone away. As we have written about in the past, Institutional Shareholder Services continues to generally recommend that shareholders vote for proposals to require greater disclosure of a company’s political contributions and trade association spending policies and activities. Further, a majority of companies reviewed by the Center for Political Accountability and the Zicklin Center for Business Ethics Research (generally, the top 300 companies in the S&P 500) continue to have some level of board oversight of their political contributions and expenditures. The Shareholders Protection Act of 2015 was also recently introduced in the House of Representatives. If passed (which is unlikely), the bill would amend The Securities Exchange Act of 1934 to require not only disclosure, but shareholder approval of political expenditures and require national securities exchanges and associations to require a board of directors vote for political expenditures in excess of $50,000.

I, for one, hope that Commission Gallagher is successful in his efforts to keep political expenditures disclosure off the SEC’s rulemaking agenda. Existing disclosure documents are already far too long and far too complex. Heaping more disclosure obligations on public companies would simply contribute to that problem. While new SEC rulemaking appears to be unlikely, pressure from shareholders, shareholder groups and others will likely lead to increasing board oversight, and increased voluntary disclosure, of corporate political expenditures.

Boards Should Put Time and Resources into Cybersecurity Issues – It Is Good for Business and Works as a Defense Strategy

We have previously blogged about Commissioner Aguilar’s recommendations at a NYSE conference, “Cyber Risks and the Boardroom” on what boards of directors should do to ensure that their companies are appropriately considering and addressing cyber threats. On October 20, 2014, the United States District Court for the District of New Jersey dismissed a derivative lawsuit (Palkon v. Holmes, Case No. 2:14-CV-01234) filed against directors and certain officers, including General Counsel, of Wyndham Worldwide Corporation (WWC). The Court’s opinion can be viewed as a real life validation of the principles outlined in the Commissioner’s speech. Continue reading “Boards Should Put Time and Resources into Cybersecurity Issues – It Is Good for Business and Works as a Defense Strategy”

Commissioner Aguilar Shares His Views on Directors’ Oversight of Cyber-Risk Management

On June 10, 2014, Commissioner Luis A. Aguilar spoke at a NYSE conference, “Cyber Risks and the Boardroom,” about what boards of directors should do to ensure that their companies are appropriately considering and addressing cyber threats.

Commissioner Aguilar was concerned that “there may be a gap that exists between the magnitude of the exposure presented by cyber-risks and the steps, or lack thereof, that many corporate boards have taken to address these risks.” Commissioner Aguilar stressed that boards should, among other matters:

  • review annual budgets for privacy and IT security programs;
  • assign roles and responsibilities for privacy and security; and
  • receive regular reports on breaches and IT risks.

Boards should also:

  • have a clear understanding of who at the company has primary responsibility for cybersecurity risk oversight and for ensuring the adequacy of the company’s cyber-risk management practices; and
  • put time and resources into making sure that management has developed a well-constructed response plan that is consistent with best practices for a company in the same industry (including a consideration of whether and how cyber-attacks should be disclosed to customers and to investors).

Commissioner Aguilar suggested that one conceptual roadmap boards should consider is the Framework for Improving Critical Infrastructure Cybersecurity, released by the National Institute of Standards and Technology (NIST) in February 2014. The NIST Cybersecurity Framework provides companies with a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk consisting of five concurrent and continuous functions:

(i)                 identify known cybersecurity risks to the company’s infrastructure;

(ii)               develop safeguards to protect the delivery and maintenance of infrastructure    services;

(iii)             implement methods to detect the occurrence of a cybersecurity event;

(iv)             develop methods to respond to a detected cybersecurity event; and

(v)               develop plans to recover and restore the company’s capabilities that were impaired as a result of a cybersecurity event.

Boards should work with management to assess their corporate policies to ensure how they measure up to the Framework’s guideline.

Commissioner Aguilar emphasized that cyber-risk is part of a board of director’s overall risk oversight responsibilities, in addition to liquidity and operational risks facing the company. Generally, the board’s risk oversight function lies either with the full board or is delegated to the board’s audit committee. But the board’s audit committee may not have the expertise, support, or skills necessary to add oversight of a company’s cyber-risk management to its agenda. Some boards create a separate enterprise risk committee.

There is obviously no “one-size-fits-all” way to address cybersecurity issues at the board level and each company should evaluate its board composition and determine what would be the most effective way for its board to oversee cyber-risk management.

Board Oversight of Political Contributions Is Steadily Rising

In September 2013, the Center for Political Accountability and the Zicklin Center for Business Ethics Research published their third annual index of political accountability and disclosure (2013 Index), which focuses on political spending disclosure of the top 200 companies in the S&P 500 Index. The Index reviews companies’ policies disclosed on their websites and describes:

  • the ways that companies manage and oversee political spending;
  • the specific spending restrictions that many companies have adopted; and
  • the policies and practices that need the greatest improvement.

The 2013 Index demonstrates that of the 195 companies reviewed in both 2012 and 2013, 78% of companies improved their overall scores for political disclosure and accountability.  In particular, data from the 2013 Index indicates that a growing number of companies have some level of board oversight of their political contributions and expenditures.  For example,

  •  62% of companies said that their boards of directors regularly oversee corporate political spending in 2013, compared to 56% in 2012;
  • 57% of companies said that a board committee reviews company policy on political spending in 2013, compared to 49% in 2012; and
  • 56% of companies said that a board committee reviews company political expenditures in 2013, compared to 45% in 2012.