Recent headlines focusing on cyber security breaches at major retailers such as Neiman Marcus has refocused attention on the SEC's October 13, 2011 CF Disclosure Guidance. The guidance provides the Division of Corporation Finance's views regarding disclosure obligations relating to cybersecurity risks and cyber incidents. Although no existing SEC disclosure requirement explicitly refers to cybersecurity risks and cyber incidents, a number of disclosure requirements may impose an obligation on registrants to disclose such risks and incidents. In addition, material information regarding cybersecurity risks and cyber incidents is required to be disclosed when necessary in order to make other required disclosures, in light of the circumstances under which they are made, not misleading. Therefore, as with other operational and financial risks, registrants should review, on an ongoing basis, the adequacy of their disclosure relating to cybersecurity risks and cyber incidents.
Fiduciary duty remains a hot topic in Delaware courts. The Race to the Bottom discussed a recent Delaware federal court ruling that remanded to state court an action alleging that Zynga breached its fiduciary duties during its initial public offering. Although the defendants tried to remove the case to federal court, that court remanded the matter to state court because, it found, the nature of the claim involved corporate duties, not corporate securities.
In a separate post, the Race to the Bottom discussed bundling shareholder proposals.
The Harvard Law School Forum on Corporate Governance and Financial Regulation synopsized a paper authored by London Business School professor Alex Edmans entitled "Blockholders and Corporate Governance." The paper studies the different channels through which blockholders engage in corporate governance and the challenges each channel presents.