SEC Holds Cybersecurity Roundtable

On March 26, 2014, as we have previously blogged, the SEC hosted a cybersecurity roundtable to address the growing “cyber-threat” faced by public companies and other capital markets participants. The roundtable included four panels that discussed the cybersecurity landscape, public company disclosure, as well as market systems and participants (for an overview of the panels, see

SEC Chair White noted in her introductory remarks to the roundtable that cyber threats pose non-discriminating risks across our economy to all critical infrastructures, including financial markets, banks, intellectual property, and private consumer data (i.e., no company can be immune to such threats). Chair White also pointed out that the current SEC guidance on this topic (CF Disclosure Guidance: Topic No. 2, Cybersecurity) provides that material information concerning cybersecurity risks and cyber incidents must be disclosed in SEC filings.

SEC Commissioner Aguilar noted that the SEC’s informal disclosure guidance regarding cybersecurity helped investors and public companies to assess cybersecurity issues and questioned whether the SEC should be doing more to ensure the proper functioning of the capital markets and the protection of investors. The Commissioner suggested that the SEC should establish a Cybersecurity Task Force composed of representatives from each SEC division that will discuss these issues and advise the SEC as appropriate.

SEC Announces the Agenda of Its Cybersecurity Roundtable; Target Corporation Files Form 10-K Bleeding out Disclosures about Its Data Breach

We have previously blogged about March 26 SEC cybersecurity roundtable and the SEC paying close attention to cybersecurity issues, especially on the heels of the cybersecurity breaches faced by Target and other retailers.  On March 19, 2014, the SEC issued a notice about the coming cybersecurity roundtable shedding light on the topics that will be discussed at the roundtable.

The panelists will have a well-rounded discussion of the cybersecurity issues faced by different constituencies, including:

  • exchanges and other key market systems;
  • broker-dealers;
  • investment advisers;
  • transfer agents; and
  • public companies.

Panelists will also be invited to discuss industry and public-private sector coordination efforts relating to assessing and responding to cybersecurity issues.

This roundtable discussion will be very timely.  On March 14, 2014, Target filed its Annual Report on Form 10-K, which reads as Exhibit A to the SEC’s 2011 guidance on cybersecurity disclosures (CF Disclosure Guidance: Topic No. 2, Cybersecurity).  Among other disclosures, the company beefed up the risk factors to talk about its data breach and included a detailed discussion of the ramifications of this breach into its “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” 

Some details of Target’s disclosure are quite interesting.  As a result of the data breach, Target recorded $61 million of pretax data breach-related expenses, some of which may be offset by its network-security insurance coverage.  Such expenses include costs to investigate the data breach, provide credit-monitoring services to its customers, increase staffing in its call centers, and procure legal and other professional services. More than 80 actions have been filed and other claims may be asserted against Target on behalf of its customers, payment card issuing banks, shareholders or others seeking relief in connection with the data breach. In addition, State Attorneys General, the Federal Trade Commission and the SEC are investigating events related to the data breach. Probably, one of the most important ramifications is the effect of the data breach on sales as Target believes that the data breach adversely affected its fourth quarter U.S. Segment sales.

The SEC Is Taking a Hard Look at Fixed Income Markets

On March 28, 2013, the SEC announced the agenda and potential topics for discussion at its April 16 Fixed Income Markets Roundtable. The roundtable will focus on the transparency and efficiency of fixed income markets and will be divided into four panels. The first two panels will examine the current market structure for municipal securities and corporate bonds, and the last two panels will discuss potential improvements to the market structure for municipal securities, corporate bonds and asset-backed securities. The SEC’s list of possible agenda items for the panels makes it clear that the SEC is taking a hard look at the structure of the fixed income markets. Please see below a few discussion points related to corporate bonds that the SEC is interested in:

• How large is the corporate bond market? How diverse is the universe of corporate bond issuers and products? How large is the institutional investor presence? If a retail customer wishes to buy or sell a corporate bond, how would the transaction typically be handled by the customer’s broker? Does the process for buying and selling a corporate bond differ for an institutional investor?

• Does trading in corporate bonds differ depending on whether the bonds were sold in offerings registered under the Securities Act or in private offerings, including Rule 144A eligible offerings? Do different types of corporate bonds (e.g., plain vanilla, convertible bonds, structured debt) trade differently? Do investment grade bonds trade differently from non-investment grade bonds?

• What are the liquidity characteristics of the corporate bond market? Do some types of corporate bonds tend to be more liquid than others? If so, which ones and why?

• Are transaction costs for certain types of convertible bonds (e.g., convertible bonds, high-yield bonds) materially different from other corporate bonds?

• Does the primary offering process differ depending on whether it is registered under the Securities Act or made in reliance on an exemption from registration, including Rule 144A eligible offerings? Does it differ based on the type of debt being offered? What are the significant trends in the primary market for corporate bonds? What are the trends in private debt and how do they affect the public debt markets? Are there concerns about the availability of corporate bonds in primary offerings?

• Does the pricing of primary offerings or do prices in the secondary market differ depending on whether the bonds were sold in registered offerings or in exempt offerings, including Rule 144A eligible offerings? Does pricing differ depending on the type of purchaser for the corporate bonds?

• Are there ways to improve the availability or timing of information on the corporate bond issuer that is made available to investors? Are there ways to improve the pricing of corporate bonds in primary offerings?

The SEC expects that the information provided in connection with this roundtable may influence the SEC’s decision to engage, or not engage, in rulemaking in this area.