Public companies must focus on a number of evolving disclosure and corporate governance considerations as they progress through the annual reporting and proxy season. Morrison & Foerster discusses hot topics in 2020 — from MD&A and risk factor disclosures such as LIBOR, Brexit, technology, data privacy, and coronavirus, to board diversity and ESG.
As companies prepare upcoming annual and quarterly reports, they should consider recent guidance from the U.S. Securities and Exchange Commission (the “SEC”) and its staff (the “Staff”), as well as rapidly evolving disclosure issues driven by external events.
On January 30, 2020, the SEC issued an interpretive release addressing Item 303 of Regulation S-K. In the interpretive release, the SEC provides guidance on disclosure of key performance indicators and metrics in Management’s Discussion and Analysis of Results of Operations and Financial Condition (“MD&A”).
In the interpretive release, the SEC notes that disclosure of key performance indicators and metrics in MD&A is consistent with the requirement in Item 303(a) of Regulation S-K to disclose information not specifically referenced in the item that the company believes is necessary to an understanding of its financial condition, changes in financial condition, and results of operations, as well as the requirement of a discussion and analysis of “other statistical data” that, in the company’s judgment, enhances a reader’s understanding of MD&A, citing to prior SEC guidance on the topic.
The interpretive release indicates that, when a public company discloses a key performance indicator or metric, it should consider existing MD&A requirements and the need to include such further material information, if any, as may be necessary in order to make the presentation of the metric, in light of the circumstances under which it is presented, not misleading. Further, the SEC notes that companies should consider the extent to which an existing regulatory disclosure framework applies to the key performance indicator or metric, such as generally accepted accounting principles or Regulation G and Item 10(e) of Regulation S-K (the non-GAAP financial measure requirements).
The SEC states that companies should consider what additional information may be necessary to an understanding of the key performance indicator or metric presented, indicating that it would generally expect, based on the facts and circumstances, the following disclosures to accompany the key performance indicator or metric:
- a clear definition of the key performance indicator or metric and how it is calculated;
- a statement indicating the reasons why the key performance indicator or metric provides useful information to investors; and
- a statement indicating how management uses the key performance indicator or metric in managing or monitoring the performance of the business.
The SEC indicates that companies should consider whether there are estimates or assumptions underlying the key performance indicator or metric or its calculation and “whether disclosure of such items is necessary for the metric not to be materially misleading.” When a company changes the methodology used to calculate or present a key performance indicator or metric, the SEC indicates that a company must consider the need to disclose, to the extent material:
- the differences in the way the metric is calculated or presented compared to prior periods;
- the reasons for such changes;
- the effects of any such change on the amounts or other information being disclosed and on amounts or other information previously reported; and
- such other differences in methodology and results that would reasonably be expected to be relevant to an understanding of the company’s performance or prospects.
The SEC notes that a company may need to recast prior metrics to conform to the current presentation to place the current disclosure in an appropriate context.
The SEC indicated in its interpretive guidance that companies must maintain effective controls and procedures with regard to the material key performance indicators or other metrics that are publicly disclosed.
In March 2019, the SEC revised Instruction 1 to Item 303(a) of Regulation S-K to eliminate the reference to presenting year-to-year comparisons to explain the financial information presented in MD&A. As now revised, Instruction 1 to Item 303(a) states that companies may use any presentation that, in the company’s judgment, enhances a reader’s understanding of the company’s financial condition, changes in financial condition, and results of operations and permits companies to omit the discussion of the earliest of the three years in MD&A, if such discussion was already included in any of the company’s prior filings on EDGAR that required Item 303 disclosure. When a company elects to exclude the third year comparison in reliance on Instruction 1 to Item 303(a), the company must identify the location in the prior filing where the omitted discussion can be found.
In January 2020, the Staff provided guidance regarding the omission of the third year comparison from MD&A in three new Regulation S-K Compliance and Disclosure Interpretations (“C&DIs”). In Question 110.02 of the Regulation S-K C&DIs, the Staff indicates that, when a company relies on Instruction 1 to Item 303(a) to omit a discussion of the earliest of three years and includes the required statement that identifies the location of such discussion in a prior filing, the statement merely identifies the location of the disclosure in the prior filing, and the statement does not serve to incorporate such disclosure into the filing, unless the company expressly states that the information is incorporated by reference.
Next, in Question 110.03 of the Regulation S-K C&DIs, the Staff states that a company may not rely on Instruction 1 to Item 303(a) of Regulation S-K to omit a discussion of the earliest of three years from its current MD&A if it believes a discussion of that year is necessary. The Staff indicates that Item 303(a) requires that the company provide such information that it believes to be necessary to an understanding of its financial condition, changes in financial condition, and results of operations. Therefore, the Staff states that “a registrant must assess its information about the earliest of three years and, if it is required by Item 303(a), include it in the current disclosure or expressly incorporate by reference its discussion from a previous filing.”
Lastly, in Question 110.04 of the Regulation S-K C&DIs, the Staff addresses a situation where a company has an effective registration statement that incorporates by reference its Form 10-K for the fiscal year ended December 31, 2018. In its Form 10-K for the fiscal year ended December 31, 2019, the company will omit the discussion of its results for the fiscal year ended December 31, 2017, pursuant to Instruction 1 to Item 303(a) of Regulation S-K, and include a statement identifying the location of the discussion presented in the 2018 Form 10-K, and the filing of that 2019 Form 10-K will operate as the 1933 Act Section 10(a)(3) update to the registration statement. The Staff notes that, after the company files the 2019 Form 10-K, the company’s discussion of its results for the fiscal year ended December 31, 2017, will not be incorporated by reference into the registration statement, because the filing of the 2019 Form 10-K establishes a new effective date for the registration statement. The Staff notes that, as of the new effective date, the registration statement incorporates by reference only the 2019 Form 10-K, which does not contain the company’s discussion of results for the fiscal year ended December 31, 2017, unless, as indicated in Question 110.02, the information is expressly incorporated by reference.
In a world of constantly evolving risks and uncertainties, public companies need to carefully consider the adequacy of risk factor disclosures included in SEC filings. The SEC and the Staff have provided guidance that is relevant to risk factors in the 2020 reporting season.
Exposure to the LIBOR Transition
On July 12, 2019, the Division of Corporation Finance issued a joint statement regarding LIBOR risks with the Division of Investment Management, the Division of Trading & Markets and the Office of the Chief Accountant to indicate that companies should identify their exposure under contracts that extend past 2021 and consider whether future contracts should use an alternative rate. The Staff indicates that, as companies consider transition from LIBOR and address the risks presented, “it is important to keep investors informed about the progress toward risk identification and mitigation, and the anticipated impact on the company, if material.” In this regard, the Staff provided following guidance:
- the evaluation and mitigation of risks related to the expected discontinuation of LIBOR may span several reporting periods, so companies should consider disclosing the status of company efforts to date and the significant matters yet to be addressed;
- when a company has identified a material exposure to LIBOR but does not yet know or cannot yet reasonably estimate the expected impact, it should consider disclosing that fact; and
- disclosures that allow investors to see this issue through the eyes of management are likely to be the most useful for investors, including information used by management and the board in assessing and monitoring the LIBOR transition, including qualitative disclosures and, when material, quantitative disclosures, such as the notional value of contracts referencing LIBOR and extending past 2021.
The joint statement notes that the companies most frequently providing LIBOR transition disclosure are in the real estate, banking, and insurance industries and that larger companies are more likely to include disclosure about the transition away from LIBOR.
While the uncertainty as to when the United Kingdom (the “UK”) will separate itself from the European Union (the “EU”) has been resolved, the uncertainty of the terms of the UK’s departure from the EU remains. The UK is now in a transition period until December 31, 2020, and during this period the UK will continue to follow the EU’s rules, and the UK’s trading relationship with the EU remains in place. Questions remain as to whether the UK and the EU are able to negotiate new trade agreements and other arrangements during the transition period, as well as the potential terms of such arrangements.
Over the past few years, the SEC Chairman and the Staff have reminded companies that they need to disclose risks associated with Brexit. In a 2019 speech, Bill Hinman, the Director of the Division of Corporation Finance indicated that “merely stating that Brexit presents a risk, that the outcome is uncertain and that it could materially and adversely impact the business and its operations” is not sufficient risk disclosure. Based on Hinman’s speech, a public company should continue to consider:
- whether the company is exposed to new regulatory risk given the uncertainty as to what set of laws and regulations will apply;
- the existence of significant supply chain risks due to the potential disruption to the UK’s access to free trade agreements with other nations;
- whether the company is at risk of losing customers, a decrease in sales or revenues, or an increase in costs due to tariffs or other factors;
- the company’s exposure to currency devaluation, foreign currency exchange rate risk, or other market risk;
- whether the company has undertaken a review of existing contracts with counterparties in the UK or the EU to determine whether renegotiation or termination is necessary in light of material contractual obligations; and
- whether Brexit-related issues affect financial statement recognition, measurement, or disclosure items, such as inventory write-downs and hedge accounting.
The situation with Brexit is likely to continue to evolve throughout 2020; therefore, companies will need to monitor those developments and assess how those developments impact their overall risk profile.
Intellectual Property and Technology Risks
On December 19, 2019, the Division of Corporation Finance issued CF Disclosure Guidance: Topic No. 8, Intellectual Property and Technology Risks Associated with International Business Operations, providing the Staff’s views about disclosure obligations with respect to technology, data, and intellectual property risks that could arise when operations take place outside the United States (the “US”).
The guidance notes that, for those companies that conduct business operations outside the US, risks can arise with regard to technology and intellectual property, particularly when operations take place in jurisdictions that do not provide protection that is comparable to the US. In this regard, the Staff observes that companies may be exposed to material risks of “theft of proprietary technology and other intellectual property, including technical data, business processes, data sets or other sensitive information.” The Staff also states that, while there is no specific line-item requirement under the federal securities laws to disclose “information related to the compromise (or potential compromise) of technology, data or intellectual property,” the SEC’s disclosure requirements apply to a broad range of evolving business risks and disclosure about such matters may be necessary in risk factors, management’s discussion and analysis, the business description, legal proceedings, disclosure controls and procedures, and/or financial statements.
The Staff notes that companies face the risk of theft of technology, data and intellectual property, which could occur through a direct intrusion by private parties or foreign actors (including those affiliated with or controlled by state actors). In addition, the Staff provides examples of situations where a company may be required to “compromise protections or yield rights to technology, data or intellectual property in order to conduct business or access markets in a foreign jurisdiction, either through formal written agreements or due to legal or administrative requirements in the host nation.”
The Staff encourages companies “to assess the risks related to the potential theft or compromise of their technology, data or intellectual property in connection with their international operations, as well as how the realization of these risks may impact their business, including their financial condition and results of operations, and any effects on their reputation, stock price and long-term value.” When these risks are material to investment and voting decisions, the Staff believes that the risks should be disclosed in a manner that allows investors to evaluate these risks “through the eyes of management.” The Staff states in the guidance that disclosure about these risks should be specifically tailored to a company’s unique facts and circumstances and that “hypothetical disclosure of potential risks is not sufficient to satisfy [a company’s] reporting obligations.”
The Staff suggests a list of questions that companies should consider when assessing and disclosing risks. Those questions relate to:
- heightened risks to technology or intellectual property because the company maintains significant assets or earns a material amount of revenue abroad;
- operations in an industry or foreign jurisdiction that has caused, or may cause, the company to be particularly susceptible to the theft of technology or intellectual property or the forced transfer of technology;
- products that have been, or may be, subject to counterfeit and sale, including through e‑commerce;
- transfers or licenses of technology or intellectual property to a foreign entity or government;
- storage of technology or intellectual property locally in a foreign jurisdiction;
- required use of equipment or services provided by a state actor;
- entrance into patents or technology license agreements with a foreign entity or government;
- requirements that foreign parties must be controlling shareholders, hold a majority of shares in a joint venture in which the company is involved, or involvement in a joint venture that is subject to foreign ownership restrictions or requirements;
- state actor or regulator access to company technology or intellectual property;
- requirements to yield rights to technology or intellectual property as a condition to conducting business in or accessing markets located in foreign jurisdictions;
- operations in foreign jurisdictions where the ability to enforce rights over intellectual property is limited as a statutory or practical matter;
- conducting business in a foreign jurisdiction or through a joint venture that may be subject to state secrecy or other laws;
- the ability to readily produce data or other information that is housed internationally in response to regulatory requirements or inquiries;
- conditions in foreign jurisdiction that may cause the company to relocate or consider relocating operations (including material cost related to such a relocation, such as costs to train new employees, establish new facilities and supply chains, and of any related effects on production, manufacture, and/or export of products);
- controls and procedures to adequately protect technology and intellectual property from potential compromise or theft; and
- the level of risk oversight and management of the board of directors and executive officers with regard to the company’s data, technology, and intellectual property and how those assets may be impacted by operations in foreign jurisdictions.
Cybersecurity and Data Privacy
In February 2018, the SEC provided guidance on cybersecurity disclosures, noting that “cybersecurity presents ongoing risks and threats to our capital markets and to companies operating in all industries, including public companies regulated by the Commission.” In the interpretive release, the SEC states that “[c]ompanies should disclose the risks associated with cybersecurity and cybersecurity incidents if these risks are among such factors [that required disclosure under the risk factor line item], including risks that arise in connection with acquisitions.” The SEC noted several factors that companies should consider addressing in the context of their cybersecurity risk factor disclosure, including:
- the occurrence of prior cybersecurity incidents, including their severity and frequency;
- the probability of the occurrence and potential magnitude of cybersecurity incidents;
- the adequacy of preventative actions taken to reduce cybersecurity risks and the associated costs, including, if appropriate, discussing the limits of the company’s ability to prevent or mitigate certain cybersecurity risks;
- the aspects of the company’s business and operations that give rise to material cybersecurity risks and the potential costs and consequences of such risks, including industry-specific risks and third party supplier and service provider risks;
- the costs associated with maintaining cybersecurity protections, including, if applicable, insurance coverage relating to cybersecurity incidents or payments to service providers;
- the potential for reputational harm;
- existing or pending laws and regulations that may affect the requirements to which companies are subject relating to cybersecurity and the associated costs to companies; and
- litigation, regulatory investigation, and remediation costs associated with cybersecurity incidents.
The SEC also notes that “companies may need to disclose previous or ongoing cybersecurity incidents or other past events in order to place discussions of these risks in the appropriate context.” The SEC provides the example that when a company previously experienced a material cybersecurity incident involving denial-of-service, “it likely would not be sufficient for the company to disclose that there is a risk that a denial-of-service incident may occur. Instead, the company may need to discuss the occurrence of that cybersecurity incident and its consequences as part of a broader discussion of the types of potential cybersecurity incidents that pose particular risks to the company’s business and operations. Past incidents involving suppliers, customers, competitors, and others may be relevant when crafting risk factor disclosure.”
When reviewing filings under its selective review program, the Staff has often asked that companies break out cybersecurity risks into a separate risk factor, rather than including the risk in a broader risk factor that addresses a variety of other concerns that the company faces. A frequent area of Staff comment on cybersecurity risk factor disclosure has been to ask that the company address any actual or attempted attacks or breaches in order to put the risk factor disclosure in context, even if those breaches or attacks did not have a material adverse impact on the company’s business. Some of the other areas that the cybersecurity risk factor should address include:
- the risk that a cybersecurity breach might go undetected for long periods of time and that upon detection the company may not immediately recognize the full impact of the breach;
- particular risks that may be raised by third-party access to a company’s information technology systems, including the ways in which access by vendors, joint venture partners, outsourcing parties or others might expose the company to an attack or a breach; and
- whether the company has insurance coverage for cyber incidents and the extent to which costs of an attack or breach could exceed that insurance coverage.
Companies are increasingly presenting data privacy considerations in a separate risk factor, even though cybersecurity incidents often involve a breach of a company’s data privacy protections. The GDPR, which extended the scope of EU data protection laws to companies processing data of EU residents, as well as the California Consumer Privacy Act and other data privacy laws adopted in other jurisdictions around the world, have created new risks and uncertainties for companies that obtain, store, and process data of employees, customers, suppliers, contractors, etc. Companies have also faced an increasingly active enforcement environment, as regulatory authorities increase investigations and actions related to data security incidents and privacy violations. In light of these developments, companies are increasingly addressing specific data privacy risks in their risk factor disclosure.
Tariffs and Trade
Companies have recently included expanded disclosure about risks associated with the imposition of tariffs, the renegotiation of trade agreements, and global trade tensions in light of recent US trade policy initiatives. The risk factor disclosures address the ways in which trade tensions, the imposition of tariffs, and changes to trade agreements may have a material adverse effect on a company. These disclosures tend to vary by industry and the extent of the company’s international operations. Those companies that may not be directly impacted by the trade tensions, tariffs or renegotiation of trade agreements could face a material adverse effect on their business to the extent that trade concerns constrain the growth of the economy or otherwise cause adverse economic effects. In 2020, companies will need to monitor trade developments to determine whether changes to risk factor disclosure may be necessary.
Hypothetical Risk Factor Disclosures
The SEC and the Staff have expressed concern with risk factor disclosure that is hypothetical and therefore does not put the risk described in appropriate context. As noted above, in the SEC’s 2018 interpretive release on cybersecurity, the SEC states that, “[i]n meeting their disclosure obligations, companies may need to disclose previous or ongoing cybersecurity incidents or other past events in order to place discussions of these risks in the appropriate context.” The SEC indicates that a company may need to discuss the occurrence of that cybersecurity incident and its consequences as part of the company’s broader discussion of the types of cybersecurity incidents that could occur and impact the company’s business and operations. The Staff has raised comments on risk factor disclosure expressing the concern that the risk is only presented in a hypothetical context when the company has in fact experienced the matters discussed in the risk.
The SEC addressed the concerns with hypothetical risk factors in two recent enforcement actions. In one action, the SEC alleged that a company’s risk factor disclosures misleadingly suggested that the company faced merely the hypothetical risk of the misuse of user data, which created the false impression that the company had not in fact suffered a significant episode of misuse of user data by a developer. In another action, the SEC alleged that the company’s risk factor disclosure was misleading because the disclosure identified risks as merely potential risks, when in fact events had occurred which made the risks a reality. In the enforcement actions, the SEC highlighted the need for disclosure controls and procedures that can identify situations where a risk that is described as hypothetical has actually occurred, so that the disclosure can be revised to properly reflect the risk in context.
In late 2019, the outbreak of a coronavirus, also known as COVID-19, in Wuhan, China, prompted a worldwide response seeking to limit the spread of the disease, including widespread restrictions on business and travel in China. Given the importance of China to many public companies, the continued impact of the coronavirus has caused public companies to consider their disclosure obligations arising from the crisis.
The materiality of risks associated with the coronavirus depends upon the nature, extent, and potential magnitude of the impact on the company’s business and the scope of the company’s operations. In accordance with Basic v. Levinson, a company should consider the indicated probability of the event and the anticipated magnitude of the event in light of the totality of the company’s business activity. A company must evaluate whether it has an affirmative disclosure obligation that would require the company to address the risks and uncertainties arising from the coronavirus outbreak, including any upcoming SEC periodic and current reports, potential securities offerings, ongoing share repurchases, or other public statements (such as earnings announcements or investor day presentations).
If developments with the outbreak of the coronavirus make it possible that the company will miss its outstanding earnings guidance by a significant extent, it may be necessary for the company to consider a “pre-release” of the company’s results or disclosure of revised guidance. This decision is largely driven by a desire to preserve the company’s credibility with the investment community. While there are no specific rules, convention favors pre-release of financial information when a company is going to miss guidance estimates by at least a 5% to 10% margin, although some companies update guidance when there is even less of a gap, depending on the circumstances.
On January 30, 2020, SEC Chairman Jay Clayton stated at an open meeting for a new MD&A rule proposal that he had asked the Staff to “monitor and, to the extent necessary or appropriate, provide guidance and other assistance to issuers and other market participants regarding disclosures related to the current and potential effects of the coronavirus.” He further stated that the effects “may be difficult to assess or predict with meaningful precision both generally and as an industry- or issuer-specific basis,” noting that “actual effects will depend on many factors beyond the control and knowledge of issuers.” Chairman Clayton further noted that “how issuers plan for that uncertainty and how they choose to respond to events as they unfold can nevertheless be material to an investment decision.”
On February 19, 2020, SEC Chairman Jay Clayton, Division of Corporation Finance Director Bill Hinman, SEC Chief Accountant Sagar Teotia, and PCAOB Chairman William D. Duhnke III issued guidance titled Statement on Continued Dialogue with Audit Firm Representatives on Audit Quality in China and Other Emerging Markets; Coronavirus — Reporting Considerations and Potential Relief.
The joint statement included the observation that U.S.-listed companies (including companies based in the US, companies based in China, and companies based outside of the US but not based in China) may have significant operations in China and other jurisdictions that may be affected by the coronavirus. The statement further noted that companies that do not themselves have operations in China or other potentially affected jurisdictions may depend on companies that do have operations in those jurisdictions, including, for example, as suppliers, distributors, and/or customers.
The authors of the joint statement noted that, in recent dialogue with the senior leaders of the largest U.S. audit firms, they have discussed the potential exposure of companies to the effects of the coronavirus and the impact that exposure could have on financial disclosures and audit quality. In those discussions, they emphasized:
- the need to consider potential disclosure of subsequent events in the notes to the financial statements in accordance with guidance included in Accounting Standards Codification 855, Subsequent Events;and
- the SEC’s general policy to grant appropriate relief from filing deadlines in situations where, in light of circumstances beyond the control of the company, filings cannot be completed on time with appropriate review and attention.
It was noted that the Staff welcomes questions regarding the reporting of matters related to the potential effects of the coronavirus, including potential subsequent event disclosure.
The joint statement encouraged companies and advisors to contact the Staff regarding any need for relief or guidance. It was further noted that based on these communications and its continuing monitoring of the situation, the Staff will determine whether to provide additional guidance and relief as appropriate for affected parties, including relief that may be made available on a case-by-case or on broader basis, as circumstances merit.
With the 2020 proxy season now underway, public companies should consider a number of hot topics that will influence developments with proxy solicitations and annual meetings.
On December 18, 2018, the SEC adopted amendments to its rules to implement Section 955 of the Dodd-Frank Act, which added new Section 14(j) to the Exchange Act. As adopted, new paragraph (i) of Item 407 of Regulation S-K requires a company to describe any practices or policies it has adopted (whether written or not) regarding the ability of its employees (including officers) or directors of the company, or any of their designees, to purchase financial instruments (including prepaid variable forward contracts, equity swaps, collars, and exchange funds), or otherwise engage in transactions that hedge or offset, or are designed to hedge or offset, any decrease in the market value of company equity securities granted as compensation of the employee or director or held, directly or indirectly, by the employee or director. A company is required to provide a fair and accurate summary of the practices or policies that apply, including the categories of persons covered and any categories of hedging transactions that are specifically permitted and any categories that are specifically disallowed. Alternatively, the company is required to disclose the practices or policies in full. If a company does not have any such practices or policies, the company must disclose that fact or state that hedging transactions are generally permitted.
Companies that are not foreign private issuers, listed closed-end investment companies, smaller reporting companies, or emerging growth companies began complying with the new disclosure requirement specified in Item 407(i) of Regulation S-K in proxy statements or information statements with respect to the election of directors during fiscal years beginning on or after July 1, 2019. Companies that qualify as smaller reporting companies or emerging growth companies must comply with the new disclosure requirement specified in Item 407(i) of Regulation S-K in proxy statements or information statements with respect to the election of directors during fiscal years beginning on or after July 1, 2020. The disclosure is not required for foreign private issuers and listed closed-end investment companies.
Exchange Act Section 14(j) directed the SEC to require each company to disclose in any proxy or consent solicitation material for an annual meeting of shareholders whether any employee or member of its board of directors, or any designee of such employee or director, is permitted to purchase financial instruments (including prepaid variable forward contracts, equity swaps, collars and exchange funds) that are designed to hedge or offset any decrease in the market value of equity securities: (i) granted to the employee or director by the company as part of the compensation of the employee or director or (ii) held, directly or indirectly, by the employee or director.
The SEC proposed to adopt new paragraph (i) of Item 407 of Regulation S-K in February 2015. The SEC considered the report issued by the Senate Committee on Banking, Housing, and Urban Affairs with regard to Section 955 of the Dodd-Frank Act and noted that the additional disclosure required by the proposed amendments would “provide transparency” to shareholders “to know if executives are allowed to purchase financial instruments to effectively avoid compensation restrictions that they hold stock long-term, so that they will receive their compensation even in the case that their firm does not perform.” The SEC received 22 comments on the proposal. Comments received by the SEC were largely supportive of the proposed amendments and their objectives.
In the adopting release, the SEC noted that the final rule amendments do not direct companies to have practices or policies regarding hedging or dictate the content of any such practice or policy.
As adopted, Item 407(i) of Regulation S-K requires a company to describe any practices or policies it has adopted (whether written or not) regarding the ability of its employees (including officers) or directors of the company, or any of their designees, to purchase financial instruments (including prepaid variable forward contracts, equity swaps, collars and exchange funds), or otherwise engage in transactions that hedge or offset, or are designed to hedge or offset, any decrease in the market value of company equity securities granted as compensation of the employee or director or held, directly or indirectly, by the employee or director.
A company is required to provide either:
- a fair and accurate summary of the practices or policies (whether written or not) that apply, including the categories of persons covered and any categories of hedging transactions that are specifically permitted and any categories that are specifically disallowed; or
- disclosure of the practices or policies in full.
If a company does not have any practices or policies regarding hedging, then the company must:
- disclose that the company does not have any practices or policies regarding hedging; or
- state that hedging transactions are generally permitted.
Item 407(i) does not require disclosure in the annual meeting proxy statement or information statement of any hedging transactions that have occurred. In the adopting release, the SEC indicates that such disclosure would be repetitive, considering a company’s existing Section 16 reporting requirements.
The disclosure specified in Item 407(i) of Regulation S-K is required to be disclosed in a proxy statement or information statement when action is to be taken with respect to the election of directors. The disclosure is not required in Form 10-K Part III disclosure, even if that disclosure is incorporated by reference from the company’s definitive proxy statement or information statement.
The disclosure required by new Item 407(i) must be included in a proxy statement or information statement when action is to be taken with respect to the election of directors. Noting that Item 402(b) of Regulation S-K requests disclosure of policies regarding hedging by named executive officers and that the two distinct disclosure requirements could lead to repetition in the proxy statement or information statement, the SEC adopted new Instruction 6 to Item 402(b) of Regulation S-K, which indicates that an issuer may satisfy the Item 402(b) disclosure requirement by cross-referencing the information disclosed pursuant to new Item 407(i), to the extent that the information disclosed pursuant to new Item 407(i) satisfies the requirement.
Investor and Proxy Advisory Service Focus on Board Diversity
Board diversity remains a significant area of focus for institutional investors and proxy advisors. In September 2019, Institutional Shareholder Services, Inc. (“ISS”) released the findings of its 2019 Global Benchmark Policy Survey. The survey is a part of ISS’s annual global benchmark policy development process and was open to institutional investors, corporate executives, board members and all other interested constituencies. The survey solicited broad feedback on areas of potential policy change for 2020 and in the future. On the topic of board gender diversity, responses to ISS’s question about views on the importance of gender diversity on boards showed that 61% of investor respondents and 55% of non-investor respondents agreed that board gender diversity is an essential attribute of effective board governance, regardless of the company or its market. Among those respondents who did not agree with that view, investor respondents tended to favor a market-by-market approach, while non-investor respondents tended to favor an analysis conducted at the company level.
ISS instituted a new board gender diversity policy that goes into effect in the 2020 proxy season. For companies in the Russell 3000 or S&P 1500 indices, effective for meetings on or after February 1, 2020, ISS will generally vote against or withhold from the chair of the nominating committee (or other directors on a case-by-case basis) at companies where there are no women on the company’s board. Mitigating factors include: (i) until February 1, 2021, a firm commitment, as stated in the proxy statement, to appoint at least one woman to the board within a year; (ii) the presence of a woman on the board at the preceding annual meeting and a firm commitment to appoint at least one woman to the board within a year; or (iii) other relevant factors as applicable. A “firm commitment” is considered to be a plan, with measurable goals, outlining the way in which the board will achieve gender diversity. ISS notes that, going forward, having board gender diversity the previous year but not in the current year will not alone prevent the withhold/against recommendations; rather, the company will need to acknowledge the current lack of a gender-diverse board and provide a firm commitment to re-achieving board gender diversity by the following year. Further, a number of institutional investor voting policies have incorporated board diversity into their voting guidelines. For example, Blackrock may vote against directors if less than two women serve on the company’s board, and State Street may vote against directors if there are no women serving on the company’s board.
New York City Comptroller Scott M. Stringer announced the “Boardroom Accountability Project 3.0” in 2019. The Comptroller is the investment advisor to, and custodian and a trustee of, the New York City Retirement Systems, which have more than $200 billion in assets under management. The Comptroller has asked the boards of directors of 56 S&P 500 companies to adopt a diversity search policy requiringthat the initial lists of candidates from which new director nominees and chief executive officers are chosen include qualified female and racially/ethnically diverse candidates and that director searches include candidates from non-traditional environments such as government, academic, or non-profit organizations in order to broaden the pool of candidates considered. The Comptroller also indicates that the policy should provide that any third-party consultant asked to conduct a director or CEO search will be required to follow the policy.
In September 2018, California enacted a law that requires that public companies (defined as corporations listed on major U.S. stock exchanges) that have principal executive offices located in California must include a “representative number” of women on their boards of directors. Under the law, each public company was required to have a minimum of one woman on its board of directors by the close of 2019. That minimum increases to two by December 31, 2021, if the corporation has five directors, and to three women directors, if the corporation has six or more directors. Section 301.3(c) of the California Corporations Code required the Secretary’s office to publish on its website a report documenting the number of domestic and foreign corporations whose principal executive offices, according to the corporation’s SEC filings, are located in California and who have at least one female director. Subsection (d) of Section 301.3 requires that another report be posted on March 1, 2020, and annually thereafter, which updates that information and also reports the number of publicly held corporations that moved their U.S. headquarters to or from California during the last year and the number of publicly held corporations that were subject to the requirements during the preceding year but were no longer publicly traded. The law also authorizes the imposition of fines for violations of the new law and authorizes the Secretary to adopt implementing regulations. Lawsuits have been filed that challenge the California law. Certain other states have adopted disclosure requirements regarding gender diversity on boards or are considering such measures.
SEC Disclosure Considerations
The SEC’s disclosure rules require disclosure of whether and, if so, how the nominating committee considers diversity in identifying director nominees. Further, if the nominating committee or the board has a policy with regard to the consideration of diversity in identifying director nominees, then disclosure is required of how the policy is implemented and monitored for effectiveness. In particular, Item 407(c)(2)(vi) of Regulation S-K requires disclosure of “whether, and if so how, the nominating committee (or the board) considers diversity in identifying nominees for director. If the nominating committee (or the board) has a policy with regard to the consideration of diversity in identifying director nominees, describe how this policy is implemented.” In adopting this new requirement, the SEC has not defined the term “diversity,” leaving it to each company to define diversity in the way that the company deems appropriate. The SEC noted that some companies may define diversity to include “differences of viewpoint, professional experience, education, skill, and other qualities or attributes that contribute to board heterogeneity,” while other companies may define diversity to include race, gender, and national origin.
After the rules became effective, some companies expressly disclaimed any policy on diversity, but the Staff consistently raised a comment requesting the “policy” disclosure whenever diversity is mentioned in a filing. In many cases, companies have addressed diversity in the context of the director qualifications considered in the nomination process, and, even if the word “diversity” is not used directly, but the disclosure implies the consideration of a broad range of skills and qualifications, the Staff will raise a comment asking for the complete diversity disclosure. As a result, the Staff’s interpretation contemplates the policy disclosure whenever diversity (however defined) is considered, even if no such policy is actually articulated in writing. The additional disclosure required once it is determined that a diversity “policy” exists involves discussing how the policy has been implemented (i.e., through the nominating committee process) and how it is monitored (i.e., typically through the annual committee and/or board self-evaluation process).
In January 2016, former SEC Chair Mary Jo White asked the Staff in the Division of Corporation Finance to review board diversity disclosures and formulate recommendations for the Commission. At around the same time, a GAO report requested by Rep. Carolyn Maloney (D-NY) called for increased public disclosure requirements as one of several approaches toward increasing board gender diversity, and Rep. Maloney asked former Chair White to pursue a rulemaking to require expanded disclosure concerning a director nominee’s gender, race, and ethnicity. In response to the former Chair’s request, the Staff reviewed the state of disclosure under Item 407(c)(2)(vi) and generally has observed that it is less clear from the disclosures reviewed how companies have considered diversity. No rule changes have been proposed to date.
In 2019, the Staff issued new Regulation S-K Compliance and Disclosure Interpretations that relate to diversity disclosure. These interpretations apply to both Item 401 of Regulation S-K and Item 407 of Regulation S-K. The question in the interpretation asks what type of disclosure is required under Item 401 and Item 407 of Regulation S-K where directors or nominees have voluntarily provided “self-identified specific diversity characteristics, such as their race, gender, ethnicity, religion, nationality, disability, sexual orientation, or cultural background,” and consented to disclosure of these diversity characteristics. Item 401(e) of Regulation S-K requires the company to “briefly discuss the specific experience, qualifications, attributes or skills that led to the conclusion that the person should serve as a director for the registrant at the time that the disclosure is made, in light of the registrant’s business and structure.” Pursuant to the Staff’s guidance, to the extent those self-identified diversity characteristics were considered by the board or nominating committee in assessing whether the person’s “experience, qualifications, attributes or skills” were appropriate for the board, the Staff expects the discussion required by Item 401 of Regulation S-K to include, among other things, “identifying those characteristics and how they were considered.” The Staff expects the description of diversity policies under Item 407 to “include a discussion of how the company considers the self-identified diversity attributes of nominees as well as any other qualifications its diversity policy takes into account, such as diverse work experiences, military service, or socio-economic or demographic characteristics.”
On December 13, 2017, the Delaware Supreme Court issued an opinion in In re Investors Bancorp Stockholder Litigation, stating that the decision to grant compensatory awards to directors was not entitled to the protection of the business judgment rule at the pleading stage if the plaintiff properly alleged that discretion was inequitably exercised, even if an award fell within a shareholder-approved limit.
In Stein v. Blankfein, the Delaware Court of Chancery issued one of its first opinions addressing director compensation following the Delaware Supreme Court’s ruling in Investors Bancorp. Applying Investors Bancorp, the court declined to dismiss a challenge to discretionary director awards but dismissed related disclosure claims, including those seeking to invalidate past equity grants. These decisions have caused companies to look at how they can reduce the risk of director compensation litigation. In response to concerns about director compensation lawsuits, companies have taken steps such as the following:
- establishing or retaining meaningful limits on director compensation in incentive compensation plans;
- ensuring there is a rigorous process in place for establishing director compensation and providing enhanced proxy statement disclosures about that process;
- reviewing peer company practices when making compensation decisions; and
- establishing a formula-based approach to compensation for directors.
Overboarding remains a significant area of focus for institutional investors and proxy advisors. In September 2019, ISS released the findings of its 2019 Global Benchmark Policy Survey. On the topic of overboarding, investors and non-investors diverged on the question of how to measure the concept of “overboarding.” With regard to investor respondents, 42% selected four public company boards as the appropriate maximum limit for non-executive directors, and 45% of investor respondents indicated that two total board seats is an appropriate maximum limit for CEOs. With regard to non-investor respondents, 39% responded that a general board seat limit should not be applied to non-executive directors, and 36% indicated that a general board seat limit should not be applied to CEOs, noting that instead each board should consider what is appropriate and act accordingly.
During the 2019 proxy season, asset managers, such as Vanguard, BlackRock, and LGIM, revised their voting guidelines to apply stricter criteria for determining if a director is overboarded, and more directors serving on multiple public company boards faced significant opposition, contributing to the highest level of director opposition since 2011. The Council of Institutional Investors’ corporate governance policies provide as follows: (i) absent unusual, specified circumstances, directors with full-time jobs should not serve on more than two other boards (in addition to their own board); (ii) currently serving CEOs should not serve as a director of more than one other company, and then only if the CEO’s own company is in the top half of its peer group; and (iii) no other director should serve on more than five for-profit company boards.
Given the focus on overboarding during the 2020 proxy season, companies may want to consider disclosing in their own proxy statements any announced plans by directors to leave other boards when those directors may be the target of “against” or “withhold” votes arising out of perceived overboarding issues.
Proxy Advisory Firm Updates for the 2020 Proxy Season
At the end of 2019, ISS and Glass, Lewis & Co. (“Glass Lewis”) updated their U.S. proxy voting guidelines that will be used in formulating voting recommendations for the 2020 proxy season. Below is a discussion of certain changes that are relevant for the 2020 proxy season.
Problematic Governance Provisions in Newly Public Companies. While ISS had previously folded multi-class share structures into examples of problematic governance provisions within its policies, in its 2020 update, ISS created a separate policy to address problematic capital structures of newly public companies, given the prevalence of this feature in newly listed companies in the US. The new framework for multi-class share structures incorporates a framework for addressing “reasonable” sunset requirements: “[I]n assessing the reasonableness of a time-based sunset provision, consideration will be given to the company’s lifespan, its post-IPO ownership structure and the board’s disclosed rationale for the sunset period selected. No sunset period of more than seven years from the date of the IPO will be considered to be reasonable.”
With respect to the now stand-alone policy regarding problematic governance provisions, ISS narrowed the focus of the policy to certain highly problematic governance structures, deleting some factors to be considered such as “the level of impairment of shareholders’ rights,” “the ability to change the governance structure,” and “the ability of shareholders to hold directors accountable through annual director elections.”
Electing “New Nominees” Following a Problematic Governance Provision. ISS adopted a new policy regarding its support for the election of “new nominees” for director following a problematic governance provision. While ISS had previously defined a “new nominee” as an individual who had not already been elected by shareholders and who joined the board after a problematic governance provision occurred, ISS has adopted a broader definition of “new nominee,” such that any individual being presented for election by shareholders for the first time is a new nominee. According to this broader definition, a “new nominee” may be an individual who has served on the board of a company prior to its IPO or was appointed to a classified board and is coming up for election by shareholders.
Share Repurchase Programs. ISS policy is to “[v]ote for management proposals to institute open-market share repurchase plans in which all shareholders may participate on equal terms.” In its 2020 update, ISS codified its existing policy application and expanded its guidance to vote for management proposals that grant the board authority to make open-market repurchases, as long as there are no company-specific concerns, including greenmail, the use of buybacks to inappropriately manipulate incentive compensation metrics, or threats to the company’s long-term viability. In addition, ISS expanded its policy to address proposals to repurchase shares directly from particular shareholders, noting that it will vote case-by-case on such proposals based on its balance of the stated rationale against the possibility for the repurchase authority to be misused.
Shareholder Proposals on Independent Board Chairs. ISS policy is to “[g]enerally vote for shareholder proposals requiring that the board chair’s position be filled by an independent director” taking into account a variety of relevant factors that it will take into consideration in making its voting decision. In its 2020 update, ISS explicitly added the following list of factors to its policy that “will increase the likelihood of a ‘for’ recommendation”:
- a majority non-independent board and/or the presence of non-independent directors on key board committees;
- a weak or poorly defined lead independent director role that fails to serve as an appropriate counterbalance to a combined CEO/chair role;
- the presence of an executive or non-independent chair in addition to the CEO, a recent recombination of the role of CEO and chair, and/or departure from a structure with an independent chair;
- evidence that the board has failed to oversee and address material risks facing the company;
- a material governance failure, particularly if the board has failed to adequately respond to shareholder concerns or if the board has materially diminished shareholder rights; or
- evidence that the board has failed to intervene when management’s interests are contrary to shareholders’ interests.
Key Committee Performance and Disclosure. In its 2020 update, Glass Lewis codified additional factors that it will consider when evaluating the performance of a company’s key committees. With respect to audit committee members, Glass Lewis will now generally recommend voting against the audit committee chair when fees paid to a company’s external auditor are not disclosed, as this omission prevents shareholders from making an informed judgment on the external auditor’s independence. With respect to nominating and governance committee members, Glass Lewis will now generally recommend voting against the nominating and governance committee chair when a company does not disclose a directors’ records for board and committee meeting attendance, or when a company indicates that a director attended less than 75% of board and committee meetings, but it is unclear from the disclosure which director had such attendance. With respect to compensation committee members, Glass Lewis will now generally recommend voting against the compensation committee members when a company adopts a frequency for its shareholder advisory vote on executive compensation that is not in line with the results from a plurality of shareholders voting on this topic pursuant to Exchange Act Rule 14a-21(b).
Exclusive Forum Provisions. In its 2020 update, Glass Lewis indicated that, while it believes that governance provisions limiting choice of venue are not in shareholders’ best interests, it may not recommend voting against the nominating and governance committee chair where the company shows: (i) a compelling argument on why the exclusive forum provision directly benefits shareholders; (ii) evidence of abuse of legal process in other jurisdictions, such as frivolous and opportunistic lawsuits; (iii) the provision is narrowly tailored to the risks involved; and (iv) the company otherwise has good corporate governance practices. Glass Lewis noted another exception to its policy may exist if a reasonable sunset provision is included in a company’s forum selection clause.
Excluded Shareholder Proposals. In its 2020 update, Glass Lewis indicated that it will now generally recommend voting against nominating and governance committee members if a company omits a shareholder proposal in any instance other than where the Staff has explicitly concurred with a company’s argument that a proposal should be omitted pursuant to Rule 14a-8. For example, Glass Lewis may recommend voting against such board members if the SEC has declined to take a view regarding the omission of a shareholder proposal, but the company determined to exclude the proposal from its proxy materials regardless.
In addition, in light of the Staff’s September 6, 2019 announcement that the Staff may respond orally instead of in writing to some no-action requests regarding shareholder proposals. Glass Lewis indicated in its 2020 guidance update that it will generally recommend voting against nominating and governance committee members if companies do not include a shareholder proposal in their proxy materials and fail to provide any disclosure regarding the SEC’s no-action relief of such shareholder proposal.
Supermajority Vote Provisions. In its 2020 update, Glass Lewis codified existing policy application by requesting that companies eliminate any supermajority voting standard and will generally recommend voting against such proposals presented to shareholders of controlled companies.
Gender Pay Equity. In its 2020 update, Glass Lewis indicated that it will review, on a case-by-case basis, any proposal requesting that companies provide more disclosure on the steps they are taking to ensure equal pay for women and men. Similarly, Glass Lewis indicated that it will review, on a case-by-case basis, any proposal requesting that companies disclose their median gender pay ratios. Glass Lewis will generally recommend voting against these resolutions where companies have disclosed their diversity initiatives and how the company ensures that their female and male employees are paid the same for equal work.
Contractual Payments and Arrangements. In its 2020 update, Glass Lewis clarified its views towards contractual payments to executives, in the forms of sign-on agreements and severance agreements. With respect to sign-on agreements, Glass Lewis believes that such arrangements may be appropriate based on the executive’s target compensation or the sums paid to other executives, including the executive’s predecessor in the role. Whenever a company has entered into a sign-on arrangement, Glass Lewis believes that disclosure of such arrangement should be accompanied by information regarding how the amounts were determined.
With respect to severance payments, Glass Lewis is of the view that any amounts paid out to an executive should be consistent with predetermined payouts, absent few circumstances that may make deviations from predetermined payouts appropriate. In observing that market practice for severance payments is three times an executive’s base salary, or less, Glass Lewis indicated that severance payments should not exceed market practice.
Glass Lewis also discussed executive “entitlements,” which may result in a negative recommendation from Glass Lewis in the following circumstances:
- excessively broad change in control triggers, which may lead to compensation even if there has been no meaningful change in position or duties;
- inappropriate severance entitlements;
- inadequately explained or excessive sign-on arrangements;
- guaranteed bonuses (especially as a multi-year occurrence); and
- failure to address any concerning practices in amended employment agreements.
In the view of Glass Lewis, such circumstances, among others, may “incentivize behaviors that are not in a company’s best interest.”
Company Responsiveness. If a company experiences shareholder opposition (20% or greater) to the advisory vote on executive compensation, Glass Lewis believes that companies should provide “robust disclosure” to shareholders regarding engagement efforts, and specific changes being made in response to investor feedback. If a company does not provide such disclosure to shareholders, Glass Lewis may recommend voting against the next say-on-pay advisory proposal, or recommend a vote against compensation committee members.
In August 2019, the Business Roundtable released a “Statement on the Purpose of a Corporation,” which was signed by 181 CEOs who committed to lead their companies for the benefit of all stakeholders, rather than solely seek to maximize shareholder value. The Statement indicates that the signatories are committed to:
- delivering value to customers;
- investing in employees;
- dealing fairly and ethically with suppliers;
- supporting communities; and
- generating long-term value for shareholders.
The statement has generated a considerable amount of discussion, as boards of directors of public companies consider the extent to which this revised statement should influence changes in the approach to governance and management of the corporation.
In a recent letter to clients, BlackRock announced a number of initiatives to place sustainability at the center of its investment approach, including:
- making sustainability integral to portfolio construction and risk management;
- exiting investments that present a high sustainability-related risk, such as thermal coal producers;
- launching new investment products that screen fossil fuels; and
- strengthening its commitment to sustainability and transparency in investment stewardship activities.
In an open letter to other CEOs, BlackRock CEO Larry Fink advocates for use of Sustainability Accounting Standards Board reporting standards and adopting the Task Force on Climate-related Financial Disclosures framework for climate-related risks.
An increased focus on disclosures concerning ESG matters has prompted companies to consider how and to what extent to address ESG matters and sustainability in SEC reports and proxy statements. Increasingly, proxy statements are including more discussion of ESG and sustainability matters as a means to provide investors with focused information that supplements broader efforts to address these issues through sustainability reports and other investor communications and to facilitate engagement with investors on these issues.