SEC Observations from Recent Cybersecurity Examinations Identify Best Practices

The SEC continues to focus on cybersecurity as an area of concern within the investment management industry.

On August 7, the US Securities and Exchange Commission’s (SEC’s) Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert summarizing its observations from a recent cybersecurity-related examination of 75 firms—including broker-dealers, investment advisers, and investment companies (“funds”) registered with the SEC.

The SEC staff has made it clear that cybersecurity remains a high priority and is likely to be an area of continued scrutiny with the potential for enforcement actions. During a recent interview,[1] the SEC’s co-directors of Enforcement, Stephanie Avakian and Steven Peikin, stated their belief that “[t]he greatest threat to our markets right now is the cyber threat.” This pronouncement follows on the heels of OCIE’s identification of cybersecurity as one of its examination priorities for 2017,[2] OCIE’s release of a Risk Alert on the “WannaCry” ransomware virus,[3] and several significant Regulation S-P enforcement actions involving firms that failed to adequately protect customer information.[4]

This LawFlash details OCIE’s observations from its recent cybersecurity-related examination that were discussed in its Risk Alert.

OCIE’s Examination Identifies Common Issues

OCIE staff observed common issues in a majority of the firms and funds subject to examination. These common issues include the following:

  • Failure to reasonably tailor policies and procedures. Specifically, the examination found issues with policies and procedures that

    • incorporated only general guidance;

    • identified limited examples of safeguards for employees to consider; and

    • did not articulate specific procedures to implement policies.

  • Failure to adhere to or enforce policies and procedures. In some cases, policies and procedures were confusing or did not reflect a firm’s actual practices, including in the following areas:

    • Annual customer protection reviews not actually conducted on an annual basis

    • Policies providing for ongoing reviews to determine whether supplemental security protocols were appropriate performed only annually, or not at all

    • Policies and procedures creating contradictory or confusing instructions for employees[5]

    • Firms not appearing to adequately ensure that cybersecurity awareness training was provided and/or failing to take action where employees did not complete required cybersecurity training

  • Regulation S-P issues among firms that did not appear to adequately conduct system maintenance. Because Regulation S-P was enacted to safeguard the privacy of customer information, OCIE observed that issues arose where firms failed to install software patches to address security vulnerabilities and other operational safeguards to protect customer records and information.

  • Failure to fully remediate some of the high-risk observations that firms discovered when they conducted penetration tests and vulnerability scans.

Cyber Best Practices and Other Observations

OCIE identified elements of what it viewed as “robust” cybersecurity policies and procedures from its examinations. Such elements should be considered as best practices and instructive for broker-dealers, investment advisers, and funds in implementing, assessing, and/or enhancing existing cybersecurity-related policies and procedures. Such elements are as follows:

  • Maintenance of data, information, and vendor inventory, including risk classifications

  • Detailed cybersecurity-related instructions, including instructions related to penetration tests, access rights, and reporting guidelines for lost, stolen, or unintentionally disclosed sensitive information

  • Maintenance of prescriptive schedules and processes for testing data integrity and vulnerabilities, including patch management policies

  • Access controls for data and systems

  • Mandatory employee training upon onboarding and periodically thereafter

  • Engaged senior management

OCIE staff noted an overall improvement in firms’ awareness of cyber-­related risks and the implementation of certain cybersecurity practices since its previous Cybersecurity 1 Initiative.[6] Most notably, all broker-dealers, all funds, and nearly all investment advisers in the more recent examinations maintain written policies and procedures related to cybersecurity that address the protection of customer/shareholder records and information. This finding is in contrast to the Cybersecurity 1 Initiative, where OCIE found that comparatively fewer broker-dealers and investment advisers had adopted this type of written policies and procedures.

OCIE staff also noted the following:

  • Nearly all broker-dealers and many investment advisers and funds conducted periodic risk assessments, penetration tests, and vulnerability scans.

  • All broker-dealers and nearly all investment advisers and funds had a process in place for ensuring regular system maintenance.

  • All firms utilized some form of system, utility, or tool to prevent, detect, and monitor data loss as it relates to personally identifiable information.

  • All broker-dealers and a majority of investment advisers and funds maintained cybersecurity organizational charts and/or identified and described cybersecurity roles and responsibilities for the firms’ workforces.

  • Almost all firms either conducted vendor risk assessments or required that vendors provide the firms with risk management and performance reports (i.e., internal and/or external audit reports) and security reviews or certification reports.

  • Information protection programs at the firms typically included relevant cyber-related policies and procedures as well as incident response plans.

Key Takeaways

SEC-registered broker-dealers, investment advisers, and funds should evaluate their policies and procedures to determine whether there are gaps or areas that could be improved based on OCIE’s articulation of best practices. Firms and funds should further evaluate their policies and procedures to ensure that they reflect actual practices and are reasonably tailored to the particular firm’s business. As OCIE notes, effective cybersecurity requires a tailored and risk-based approach to safeguard information and systems.[7]

This post was written by Mark L. Krotoski,  Merri Jo Gillette , Sarah V. Riddell Martin Hirschprung and  Jennifer L. Klass of Morgan, Lewis & Bockius LLP.

Read more legal analysis at The National Law Review.


[1] Sarah Lynch, Exclusive: New SEC Enforcement Chiefs See Cyber Crime as Biggest Market Threat, Reuters.com (Jun. 8, 2017).

[2] OCIE, Examination Priorities for 2017 (Jan. 12, 2017).

[3] National Exam Program Risk Alert, Cybersecurity: Ransomware Alert (May 17, 2017).

[4] In re Morgan Stanley Smith Barney LLC, Exchange Act Release No. 78021, Advisers Act Release No. 4415 (Jun. 8, 2016); In re R.T. Jones Capital Equities Management Inc., Advisers Act Release No. 4204 (Sept. 22, 2015); and In re Craig Scott Capital LLC, Exchange Act Release No. 77595 (Apr. 12, 2016).

[5] OCIE provides an example of confusing policies regarding remote customer access that appeared to be inconsistent with those for investor fund transfers, making it unclear to employees whether certain activity was permissible based on the policies.

[6] See, e.g., OCIE Cybersecurity Initiative (Apr. 15, 2014); see also National Exam Program Risk Alert, Cybersecurity Examination Sweep Summary (Feb. 3, 2015).

[7] For example, the National Institute of Standards and Technology Cybersecurity Framework 1.0 (Feb. 12, 2014) provides a useful flexible approach to assess and manage cybersecurity risk.

Using “Finders” to Find Capital: Avoiding Problems for Your Company

Raising money for your startup can be hard. Not every entrepreneur can walk into Silicon Valley with a business idea and walk out with multiple VC term sheets in hand. Sometimes the only path to financing your startup is through the hard work of pitching and cobbling together a group of angels and other individual investors. But that path takes time and can be frustrating. Potential investors may hesitate to commit or, even worse, give you the dreaded “you’re-too-early-for-us” response. The offer from a “finder” to introduce you to investors with cash sounds attractive. Why not, right? What’s the downside?

You can use a finder if their role is limited and their compensation is structured properly. But you can cause major problems for yourself and the finder if they’re too involved and paid commissions on the money raised. These are activities that only registered broker-dealers (persons or firms engaged in the business of buying and selling securities for themselves or others) can engage in. If your company uses a finder acting as a broker-dealer, you might find your fundraising round unraveling, and your finder might find themselves in trouble with the Securities and Exchange Commission (SEC).

A “true” finder

A “true” finder can be OK if they limit their role to making introductions, receive a flat or hourly consulting fee that is not contingent on the success of the offering, and avoid any active role in negotiating and completing the investment. Finders acting in this very limited capacity are not considered broker-dealers. As a result, true finders are largely unregulated under the securities laws and need not be registered with the state or federal government as broker-dealers. This area is murky, however, because there are not clear regulations and the rules of the road have been developed in court cases and case-by-case “no-action” letters from the SEC.

The real problem is that many finders do not limit their activities to mere introductions. These finders end up assisting in structuring and negotiating the offering, providing advice regarding the offering and investment, and even encouraging and inducing investors to invest. These activities make them a “broker” under the securities laws, and federal and state governments require that brokers be registered. Often the finder is not registered as a broker.

Finders also prefer success-based compensation, calculated as a percentage of the funds raised by the company, and companies prefer to pay finders only if and when they’re successful in helping to raise capital. Both courts and the SEC, however, take the position that such success-based compensation (also referred to as transaction-based compensation) is the telltale factor indicating whether a finder is acting as an unregistered broker-dealer.

So, what’s the risk?

For the company, using an unregistered broker-dealer to assist with an offering could create a rescission right in favor of the investors. If investors succeed in rescinding their investments, the company must return their money. For the finder acting as an unregistered broker-dealer, they could be subject to severe SEC sanctions and the company could void the finder’s engagement agreement, requiring return of the finder’s compensation. Moreover, even if a finder’s activities and compensation are perfectly legal, the relationship alone can still give rise to problems for the company. Any financial relationship with a finder must be disclosed to investors and listed on the company’s Form D filed with the SEC and state securities departments. Disclosure of such a relationship, again, even if perfectly legal, may nevertheless prompt some states to initiate an investigation.

The situation in Michigan, however, is even murkier. In the recent case Pransky v. Falcon Group, the Michigan Court of Appeals held that a “finder” as defined in the Michigan Uniform Securities Act, was not required to be registered with and regulated by the State of Michigan, even where the company agreed to pay success-based compensation. Michigan companies and finders, however, should not take the opinion as a green light to engage in a finder relationship, structured with success-based compensation, without fear of regulatory oversight. The trial court initially dismissed the case on summary judgment, and as a result there was no evidence in the record of whether or not the finder’s activities went beyond mere introductions. In addition, some commentators have criticized the court’s decision. Perhaps sensing such impending criticism, the Court of Appeals, in a footnote, cautioned that the “better course of action would be for finders acting pursuant to similar contracts to protect themselves by registering, at the very least, as broker-dealers; the line between a finder’s activities and that of a broker-dealer…is a thin one and persons acting under such contracts without being registered are inviting litigation.”

The bottom line

Using finders for raising capital is not the easy solution it appears to be at first glance. Worse yet, it can lead to significant problems. As the saying goes, nothing worth having is easy. If you don’t have a VC-backable business, you may have an even harder time raising capital than most. Regardless, when it comes to raising money for your startup, be your own “finder”. Network, hustle, and tell your story. No one is more effective than you at explaining your business and the investment opportunity.

For more legal analysis check out the National Law Review.

This post was written by Matthew W. Bower of  Varnum LLP.

Chairman Clayton Outlines His “Guiding Principles” for SEC

In remarks to the Economic Club of New York on July 12, 2017, SEC Chairman Jay Clayton outlined eight guiding principles for his chairmanship and identified certain areas in which such principles could be put into practice.  Chairman Clayton’s remarks – his first public speech as SEC Chairman – indicated his interest in, among other things, creating a Fixed Income Market Structure Advisory Committee to give advice to the SEC on regulatory issues impacting fixed income markets and coordinating with the U.S. Department of Labor (DoL) to bring “clarity and consistency” to the issue of standards of conduct for investment professionals, noting the DoL’s Fiduciary Rule is now partially in effect.

Guiding Principles

Clayton stated that the following principles will guide his SEC chairmanship:

• Principle 1: “The SEC’s mission is our touchstone.” Chairman Clayton stated that each tenet of the SEC’s three-part mission – (1) to protect investors, (2) to maintain fair, orderly, and efficient markets, and (3) to facilitate capital formation – is critical.

• Principle 2: “Our analysis starts and ends with the long-term interests of the Main Street investor.”  According to the Chairman, an assessment of whether the SEC is abiding by its threepart mission must focus on the impact of its actions on “Mr. and Ms. 401(k)” and whether the SEC’s actions further the long-term interests of such investors.

• Principle 3: “The SEC’s historic approach to regulation is sound.” The SEC’s regulatory approach, focusing on disclosure and materiality, and using the SEC’s “extensive enforcement capabilities” as a “back-stop” to disclosure rules and oversight systems, is sound. In expressing his support for disclosure-based rules, Clayton asserted that informed decision-making by investors supports more accurate valuations of securities and more efficient allocation of capital.  As to the “back-stop,” the anti-fraud regime established by Congress and the SEC, Clayton noted the government’s “extensive enforcement capabilities on those who try to circumvent established investor protections or otherwise engage in deceptive or manipulative acts in the markets.”  Taking the foregoing into account, Chairman Clayton maintained that “wholesale changes” to the SEC’s fundamental regulatory approach would “not make sense.”

• Principle 4: “Regulatory actions drive change, and change can have lasting effects.”  Although Chairman Clayton endorsed the disclosure-based regime of the SEC, he cautioned that the incremental impact of regulatory changes to this regime has included a significantly expanded scope of required disclosures “beyond the core concept of materiality.”  He cited increased disclosure as among the factors that may make alternatives for raising capital increasingly attractive for small and medium-sized companies.  Chairman Clayton added that fewer small and mediumsized public companies may mean less liquid trading markets for those that remain public and, to the extent companies are not raising capital in public markets,  “the vast majority of Main Street investors will be unable to participate in their growth.”

• Principle 5: “As markets evolve, so must the SEC.”  Noting that technology and innovation are changing the way markets work and investors transact, Chairman Clayton stated that the SEC must take this “dynamic atmosphere” into account and “strive to ensure that our rules and operations reflect the realities of our capital markets.”   Further to this point, Clayton remarked that the evolution of capital markets presents opportunities for regulatory improvements and efficiencies and noted that the SEC is “adapting machine learning and artificial intelligence to new functions, such as analyzing regulatory filings.” Chairman Clayton cautioned, however, that implementing regulatory change has costs, including the “significant resources” spent by companies to build compliance systems.

• Principle 6: “Effective rulemaking does not end with rule adoption.”  Chairman Clayton stated that the SEC should review its rules “retrospectively,” and listen to investors and others as to areas in which rules are, or are not, functioning as intended.

• Principle 7: “The costs of a rule now often include the cost of demonstrating compliance.”  Chairman Clayton noted that the SEC must ensure that, at the time of adoption, the SEC has a “realistic version for how rules will be implemented,” as well as how the SEC will examine for compliance.  In this regard, according to Clayton, “[v]aguely worded rules can too easily lead to subpar compliance solutions or an overinvestment in control systems.”

• Principle 8: “Coordination is key.”  According to Chairman Clayton, coordination with, between, and among all of the various U.S. federal regulatory bodies, state securities regulators, selfregulatory organizations  and various other regulatory players “is essential to a well-functioning regulatory environment.”  To illustrate his point, Clayton cited the dual regulatory structure for over the-counter derivatives called for by the Dodd-Frank Act and working with the CFTC in this respect.  Chairman Clayton noted that cybersecurity is also an area where coordination is critical, adding that the SEC is working with “fellow financial regulators to improve our ability to receive critical information and alerts and react to cyber threats.”

Fixed Income Markets

In a portion of his remarks titled, “Putting Principles into Practice,” Chairman Clayton observed that the “time is right for the SEC to broaden its review of market structure to include specifically the efficiency, transparency, and effectiveness of our fixed income markets.”  The SEC, according to Clayton, must explore whether fixed income markets “are as efficient and resilient as we expect them to be, scrutinize our regulatory approach, and identify opportunities for improvement.”  In this connection, Chairman Clayton stated that he has asked the SEC staff to develop a plan for creating a Fixed Income Market Structure Advisory Committee.

Fiduciary Rule

Chairman Clayton also touched upon the DoL’s Fiduciary Rule, noting that he recently issued a statement seeking public input on standards of conduct for investment advisers and broker-dealers.  Chairman Clayton expressed hope that the SEC can “act in concert with our colleagues at the [DoL] in a way that best serves the long-term interests of Mr. and Ms. 401(k).”  He also noted that “any action will need to be carefully constructed, so that it provides appropriate and meaningful protections but does not result in Main Street investors being deprived of affordable investment advice or products.”

The transcript of Chairman Clayton’s remarks is available at: https://www.sec.gov/news/speech/remarks-economicclub-new-york.

Read more SEC news at the National Law Review.

This post was by the Investment Services Group of Vedder Price

U.S. Supreme Court Rules That An SEC Enforcement Claim For Disgorgement Is Subject To A Five-Year Statute Of Limitations

Today, the U.S. Supreme Court unanimously held that any claim for disgorgement in an SEC enforcement action must be commenced within five years of the date the claim accrued. The decision in Kokesh v. SEC, No. 16-529, resolved a split among Courts of Appeals whether the statute of limitations that applies to SEC enforcement actions seeking a penalty or forfeiture (28 U.S.C. § 2462) applies when disgorgement is sought. The Court had earlier applied that statute of limitations to claims by the SEC seeking a civil monetary penalty, and held that the limitations period begins to run when the violation occurs, not when it is discovered by the government. Gabelli v. SEC, 568 U.S. 442 (2013).

Supreme Court SCOTUS Class-Action WaiverThe five-year statute of limitations applies to “an action, suit or proceeding for the enforcement of any civil fine, penalty, or forfeiture.” The Court held that the imposition of disgorgement in an SEC enforcement action is a “penalty,” thus subject to the five-year limitations period. In reaching that conclusion, the Court noted that disgorgement is imposed as a consequence of violation of a public law, not because some individual was aggrieved. Another element of the Court’s reasoning was that when disgorgement is ordered in an enforcement action the remedy is not compensatory. Instead, disgorged profits are paid to the court, and it is within the discretion of the court to determine how and to whom the money will be distributed.

Perhaps most important among the Court’s rationales, the primary purpose of disgorgement ordered in an enforcement action is deterrence, and sanctions imposed to deter infractions of public laws are “inherently punitive.” The Court noted that the amount paid is often greater than the defendant’s gain so that the defendant is not, in all cases, merely restored to the status it would have occupied had it not broken the law.

The oral argument in the case included considerable colloquy on the source of a court’s power to order disgorgement in an SEC enforcement action. In its decision the Court stated, “Nothing in this opinion should be interpreted as an opinion on whether courts possess authority to order disgorgement in SEC enforcement proceedings . . . .” (Slip Op., p. 5, n. 3)

The obvious effect of the decision will be to require the SEC to be expeditious in filing cases seeking not only civil monetary penalties but also, now, disgorgement. The Court did not address whether the remedy of an injunction, which often has collateral consequences for the defendant, or of declaratory relief is subject to this statute of limitations. The Court also did not discuss the effect a tolling agreement would have on the running of the statute.

This post was written by Allan Horwich of Schiff Hardin LLP.

New Developments and Uncertainties for Conflict Minerals Disclosure

SEC conflict mineralsThe Securities and Exchange Commission (SEC) Division of Corporate Finance issued a new statement adding some uncertainty to company obligations and enforcement exposure under the SEC conflict minerals rule ahead of the May 31, 2017 filing deadline.  The statement is one of several moving pieces in an unprecedented wave of activity on conflict minerals in recent weeks.  Companies should review these developments and their approach to meeting legal obligations imposed by the SEC’s implementation of Section 1502 of Dodd Frank, alongside the broader expectations of customers, activists and investors.

Summary of Recent Developments

Highlights of the recent developments are listed below, followed by more detailed discussions on several of these key points.

  • On April 3, 2017 the U.S. District Court for the District of Columbia entered a final judgment in the conflict minerals litigation. The judgment put an end to the litigation and remanded the SEC rule to the agency for further action consistent with a 2014 decision from the U.S. Court of Appeals for the District of Columbia Circuit (D.C. Circuit) striking down a narrow portion of the SEC rule.

  • SEC Acting Chairman Michael Piwowar released a statement on April 7, 2017 questioning whether the SEC could reconcile the D.C. Circuit’s decision with Congress’s intent in Section 1502. The Acting Chairman concluded that in light of the “regulatory uncertainties” outlined in his statement, it is “difficult to conceive of a circumstance that would counsel in favor of enforcing” paragraph (c) of Item 1.01 of Form SD (i.e., the rule’s requirements to conduct due diligence and file a Conflict Minerals Report).

  • On the same day, the SEC’s Division of Corporate Finance released a separate statement reporting that the Acting Chairman had requested the Division’s consideration of the regulatory uncertainties facing the Commission. In response, the Division declared that it “will not recommend enforcement action” to the Commission for companies that only file disclosures related to their scoping and reasonable country of origin inquiry under the provisions of paragraphs (a) and (b) of Item 1.01 of Form SD, even if they are required to conduct due diligence and file a Conflict Minerals Report pursuant to paragraph (c).  The Division also declared that the statement is “subject to any further action that may be taken by the Commission, expresses the Division’s position on enforcement action only, and does not express any legal conclusion on the rule.”

  • Earlier this year, the SEC had announced plans to reconsider the SEC rule and requested public comments on all aspects of the rule. In the April 7, 2017 statement, the Acting Chairman reported that he had instructed SEC staff to begin work on a recommendation for future Commission action to consider, among other things, the public comments received in response to the January 31, 2017 request for comment.

  • Democratic lawmakers on the Senate Banking Committee have called on the SEC’s Inspector General to investigate whether the Acting Chairman exceeded his authority in asking staff to assess whether “additional relief” from the SEC rules is appropriate.

Other developments suggest changes to the conflict minerals requirements in the SEC rule or in Section 1502 are likely in the future.

  • On March 27, 2017 the State Department issued a broad request for stakeholder input to inform “recommendations” signaling a broader inter-agency effort to consider new approaches to addressing the responsible sourcing of minerals in the region. Comments are due to the Department of State by April 28, 2017.

  • President Donald Trump may still be considering the Presidential Memorandum that was circulated in February, which would seek to waive the SEC conflict minerals rule for up to two years based on national security interests.

  • In Congress, the Senate Subcommittee on Africa and Global Health Policy held a hearing on April 5, 2017 on the effects of Section 1502 on the Democratic Republic of the Congo (DRC) and the region, increasing speculation that legislation may soon be introduced to fully or partially repeal the conflict mineral provisions of Dodd-Frank.

Beyond Dodd Frank and the SEC rule, requirements for conflict minerals due diligence and disclosure are expanding in other contexts.

  • EPEAT, a leading environmental rating system for the procurement of electronic products used by the U.S. government and other institutional purchasers, announced a new standard for mobile phones (and in the future servers) that includes mandatory criteria for due diligence and public disclosure related to conflict minerals.

  • The European Council adopted a new conflict minerals regulation on April 3, 2017 focused on EU importers of covered minerals, metals, and their ores from “high risk” and “conflict affected” areas.

More Details

SEC Rule Litigation Wraps Up

On April 3, 2017 the U.S. District Court for the District of Columbia entered a final judgment remanding the SEC rule to the agency for further action consistent with the 2014 D.C. Circuit decision, as the parties to the legal challenge of the SEC’s conflict minerals rule requested. In the 2014 decision, the D.C. Circuit had held that the portion of the rule requiring issuers to describe their products as “not found to be DRC conflict free” was compelled speech in violation of the First Amendment to the U.S. Constitution. The SEC issued a partial stay of the rule in April 2014, providing that no company is required to describe its products using the SEC descriptors “DRC conflict free,” “not found to be ‘DRC conflict free,’” or “DRC conflict undeterminable” and staying the requirement to obtain an independent private sector audit as long as companies did not describe products as “DRC conflict free” in their disclosures. After requests for rehearing were denied and the D.C. Circuit reaffirmed its decision, the case was eventually remanded to the District Court and assigned to Judge Ketanji Brown Jackson, who entered the final judgment. The practical effect of the District Court’s final judgment is that any further changes to the conflict minerals requirements stemming from the case will be left to the discretion of the SEC (unless Congress or the Administration take action first) rather than handled in the courts.

SEC Statements Following Final Judgment

In his April 7 statement following the District Court’s final judgment, the Acting Chairman questioned whether the SEC could reconcile the D.C. Circuit’s decision with Congress’s intent in Section 1502. He noted that the Commission will now be called upon to determine how to address the D.C. Circuit’s decision – including whether Congress’s intent in Section 1502 can be achieved through a descriptor that avoids the constitutional defect identified by the court – and how that determination affects overall implementation of the SEC rule. According to the Acting Chairman, because “the primary function of the extensive and costly requirements for due diligence on the source and chain of custody of conflict minerals set forth in paragraph (c) of Item 1.01 of Form SD is to enable companies to make the disclosure found to be unconstitutional,” along with other “regulatory uncertainties,” it is “difficult to conceive of a circumstance that would counsel in favor of enforcing” paragraph (c). On the same day, the SEC Division of Corporate Finance released a statement echoing the Acting Chairman’s concerns and announcing that “it will not recommend enforcement action” to the Commission for companies that conduct and report on a reasonable country of origin inquiry pursuant to paragraphs (a) and (b) of Item 1.01 of Form SD but do not go on to conduct heightened due diligence and file a Conflict Minerals Report pursuant to paragraph (c).

The legal effect of these two SEC statements is unclear. The Division’s position on enforcement is not binding on the Commission, and even though it appears that the Division and the Acting Chairman coordinated with respect to their recent statements, it is not clear that the SEC is of “one mind” with respect to conflict minerals implementation. For example, it is reported that SEC Commissioner Kara Stein commented in response to the Acting Chairman’s statement that the action “engages in de facto rulemaking” and “represents a troubling attack not only on the Commission process, but also on the restraints of government power.”  Moreover, the SEC has not modified the rule or explicitly changed its 2014 partial stay of the rule. Therefore the rule remains in effect, including, if necessary based on the results of a company’s reasonable country of origin inquiry, the requirement to conduct due diligence and file a Conflict Minerals Report as an exhibit to Form SD by May 31, 2017 pursuant to paragraph (c) of Item 1.01 of From SD. A decision by a reporting company to disregard any applicable requirements to conduct due diligence or file a Conflict Minerals Report should be very carefully considered.

In the meantime, companies should continue to monitor for potential activity in response to the SEC’s statements, which could include potential legal action by interested social justice organizations or renewed Congressional requests that the SEC Inspector General conduct an internal inquiry.

SEC Request for Comment

In January the Acting Chairman issued several statements regarding reconsideration of the conflict minerals rule. The statements, available here and here, direct staff to consider whether the 2014 guidance (i.e., the statements issued in conjunction with the partial stay of the rule’s requirements following the 2014 D.C. Circuit decision) is still appropriate and whether any additional relief is appropriate. The statement titled “Reconsideration of Conflict Minerals Rule Implementation” suggests that the current rule and general withdrawal from the region “may undermine U.S. national security interests by creating a vacuum filled by those with less benign interests.” The statements requested comments on “all aspects of the rule and guidance.” Comments were requested  within 45 days of the statements (by March 17, 2017). According to the Acting Chairman, the SEC staff has been instructed to begin work on a recommendation for future Commission action to consider, among other items, the comments received as part of the SEC’s consideration of potential changes to the rule or guidance.

State Department Seeks Recommendations

The Department of State on March 27, 2017 published a request for comments from stakeholders to inform “recommendations of how best to support responsible sourcing of tin, tantalum, tungsten and gold.” In the brief notice, the Department provides a high level overview of U.S. efforts to break the link between armed groups and minerals in the Africa Great Lakes Region. The State Department may be seeking stakeholder input on further actions that could be taken to further responsible sourcing to inform ongoing discussions within the Administration (and in Congress) on alternative approaches to the current Dodd Frank due diligence and disclosure framework. Comments are due to the Department of State by April 28, 2017.

Potential Presidential Action

A draft Presidential Memorandum circulated in early February 2017 indicates that the White House may seek to temporarily waive the requirements of the conflict minerals rule. Under the Dodd-Frank Act the SEC “shall revise or temporarily waive” the requirements of the conflict minerals rule if the President transmits to the SEC a determination that such revision or waiver is “in the national security interest of the United States and the President includes the reasons therefor;” and establishes a date within two years that the exemption expires. The draft Presidential Memorandum states that the conflict minerals rule has caused harm to some parties in the region, thereby contributing to instability in the region and threatening the national security interest of the United States. The draft Memorandum directs the SEC to temporarily waive the requirements of the conflict minerals rule for two years and directs the Secretaries of State and Treasury to propose a plan for addressing human rights violations and funding of armed groups in the Democratic Republic of the Congo or an adjoining country within 180 days of the Memorandum.

The draft Presidential Memorandum raises a number of questions without clear answers. For example, it is unclear whether or when the SEC would be required to act as directed by the Memorandum, and whether an SEC action would be subject to notice and comment rulemaking or judicial review. Also unclear is how a temporary suspension of the SEC rule would affect efforts to incorporate conflict minerals reporting obligations into public and private procurement requirements or independent certifications such as EPEAT. The Administration has not indicated whether or when it might move forward with a final memorandum.

New EPEAT Procurement Criteria

Conflict minerals due diligence is also being integrated into institutional procurement criteria for certain electronic products. EPEAT is a leading environmental rating system for electronics that a wide variety of institutional purchasers (including federal, state and some foreign governments) have incorporated into procurement requirements. The Federal Acquisition Regulation (FAR) currently requires federal agencies to procure EPEAT-registered electronic products and prescribes language that must be used in procurement contracts for goods and services. EPEAT is in the process of expanding its registry to cover two new product categories and both are expected to include new mandatory criteria on conflict minerals.

On March 24, 2017, EPEAT and Underwriters Laboratory published an EPEAT standard for mobile phones. The mobile phone standard lays out three criteria (one required, two optional) related to conflict minerals. The new standard requires manufacturers to “provide a public disclosure relevant to due diligence performed in accordance with an internationally recognized standard to determine whether the supply chain for the product contains conflict minerals necessary to the functionality or production of their products.” If a manufacturer finds that the supply chain does contain conflict minerals necessary to the functionality or production of its product, the manufacturer must prepare the “relevant disclosures related to SEC requirements under Dodd-Frank and the SEC rule or related to the OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas.”

Significantly, these requirements apply to all manufacturers registering mobile phone products under the standard, regardless of whether they are SEC registrants. There are two optional conflict minerals criteria, both relating to conflict minerals sourcing. An EPEAT server standard is also under development and, if adopted, is expected to include conflict minerals provisions.

New EU Conflict Minerals Regulation 

In early April, the European Union took the final steps to adopt a new conflict minerals regulation aimed at stopping the financing of armed groups in “high risk” and “conflict affected” areas. The Council adopted the regulation on April 3, 2017, following approval by the European Parliament in early March.

The regulation, the first version of which was introduced in March 2014, establishes an approach that is fundamentally different than that under the Dodd-Frank Act and the SEC rule. Unlike the U.S. scheme, supply chain due diligence requirements under the EU regulation do not extend to downstream users of the metals, including importers of products containing those metals, and instead focus entirely on mandatory due diligence requirements for importers of the minerals, metals, and their ores. The geographic scope of the regulation also extends to conflict-affected and high-risk areas globally, extending beyond the DRC and adjoining countries covered by Dodd-Frank and the SEC rule.

Importers will be covered by the new due diligence requirements as of January 1, 2021. The new EU requirements are likely to enhance due diligence on the sourcing of conflict minerals from the DRC and other regions. Although downstream users or importers of products containing tin, tantalum, tungsten or gold would not be subject to mandatory due diligence requirements, the Commission is expected to address conflict minerals in non-binding guidance under the EU Non-Financial Reporting Directive that will set forth the methodology and topics for disclosures by companies covered by the Directive.

© 2017 Beveridge & Diamond PC

Dodd-Frank Rollback Begins – Congress Overturns SEC’s Resource Extraction Issuer Payment Disclosure Rule

SEC resource extractionLast week, Congress utilized the Congressional Review Act (CRA) to pass a joint resolution that disapproves Rule 13q-1 adopted by the SEC,1which would have implemented the resource extraction issuer payment disclosure provisions of Section 1504 of the Dodd-Frank Wall Street Reform and Consumer Protection Act. The disapproval resolution has been sent to President Trump for his signature, which he is expected to sign.2

Under the SEC’s rule, a public company that qualified as a “resource extraction issuer” would have been required to publicly disclose in an annual report on Form SD information relating to any single “payment” or series of related “payments” made by the issuer, its subsidiaries or controlled entities of $100,000 or more during the fiscal year covered by the Form SD to a “foreign government” or the U.S. Federal government for the “commercial development of oil, natural gas, or minerals” on a “project”-by-“project” basis. Resource extraction issuers were not required to comply with the rule until their first fiscal year ending on or after September 30, 2018 and their first report on Form SD was not due until 150 days after such fiscal year end.

As a result of the disapproval resolution (assuming President Trump signs, and does not veto, the resolution), issuers that expected to be subject to the SEC’s rule can cease their compliance preparations. Under the CRA, a disapproved rule may not be reissued in substantially the same form or as a new rule that is substantially similar to the disapproved rule unless specifically authorized by a subsequently enacted law. Despite the disapproval resolution and the CRA, Dodd-Frank Section 1504’s mandate for the SEC to adopt a resource extraction disclosure rule remains intact unless and until Section 1504 is repealed. In light of the CRA’s prohibition on the reissuance of a substantially similar rule, the rule’s contested history3 and the expected reintroduction of the Financial CHOICE Act, which if enacted into law in the form introduced during the previous session of Congress would repeal Section 1504, the SEC is unlikely to commence the rulemaking process for resource extraction issuer payment disclosures for a third time.

Some public companies may still have to disclose similar payment information as required under the SEC’s rule pursuant to international resource extraction disclosure laws (for example, the EU Accounting Directive, the EU Transparency Directive and Canada’s Extractive Sector Transparency Measures Act).


1. H.J.Res.41, available at https://www.congress.gov/bill/115th-congress/house-joint-resolution/41/text.

2. The White House, Press Release, H.J. Res. 38, H.J. Res. 36, H.J. Res. 41, H.J. Res. 40, H.J. Res. 37 – Statement of Administration Policy (Feb. 1, 2017), available at https://www.whitehouse.gov/the-press-office/2017/02/01/statement-adminis….

3. For a brief discussion of the legal challenges to the rulemaking process, see our client alert dated December 17, 2015, SEC Re-Proposes Disclosure Rules for Payments by Resource Extraction Issuers.

Golden Leash Rule, Say-on-Pay, Form 10-K Summaries: Proxy Season Guide to 2017

SEC proxy seasonAs another year comes to a close, it is time for public companies to become acquainted with the securities law and business developments of the past year to position themselves for success in 2017. Below is a summary of current and anticipated changes that may impact reporting requirements and disclosure regulations for the upcoming 2017 proxy season, along with a review of the 2016 proxy season.

NEW FOR 2017

Frequency Votes for Say-on-Pay

After Jan. 21, 2011, public companies were required to hold an advisory vote regarding the frequency of which say-on-pay votes would occur, which could not be in excess of every six years. Therefore in 2017, many companies will need to include an agenda item for the frequency vote at their annual meeting. Following the vote, companies will need to include the results of the frequency for which say-on-pay votes will be held in their Form 8-K under Item 5.07(b).

SEC Approves NASDAQ’s “Golden Leash Rule”

In July 2016, the SEC approved NASDAQ’s “Golden Leash Rule.” This rule requires listed companies to disclose material terms of any agreement between a director or director nominee and any entity or person other than the company, regarding any amount of compensation or payment related to the director’s service on the board or the director nominee’s candidacy. The “Golden Leash Rule” requires annual disclosure in the companies’ proxy or on its website. The “Golden Leash Rule” became effective Aug. 1, 2016.

Form 10-K Summaries

In July 2016, the SEC issued an interim final amendment to the Fixing America’s Surface Transportation Act, creating Item 16 on Form 10-K allowing companies the option to include a summary of the information included in the Form 10-K. While no previous rule prohibited summaries, most issuers simply included a table of contents with hyperlinks to items in their reports. This rule provides issuers some flexibility when preparing the Form 10-K.

CEO Pay Ratio Disclosure Rule

For the first fiscal year beginning on or after Jan. 1, 2017, companies will need to comply with the SEC’s long-anticipated final rule implementing Section 953(b) of the Dodd-Frank Act, which requires all public companies to disclose the pay ratio between their CEO’s annual total compensation and the annual total compensation of the companies’ “median” employee. However, companies will not be required to include pay ratio disclosures in their proxy statements until 2018. With the exception of smaller reporting companies, emerging growth companies, foreign private issuers, and registered investment companies, all reporting companies will have to disclose their pay ratio. The pay ratio disclosure must be included in any filing that requires executive compensation disclosure under Item 402 of Regulation S-K, which includes registration statements, proxy and information statements, and annual reports on Form 10-K. Even though uncertainty may loom around the viability of Dodd-Frank with President-elect Donald Trump’s transition underway, companies should continue to prepare pay ratio disclosures in anticipation for the 2018 proxy season. The Final Pay Ratio Disclosure Rule is available here.

PROXY ADVISORY FIRM UPDATES

Glass Lewis Updates

Glass, Lewis & Co. (Glass Lewis) recently published its 2017 Proxy Season Guidelines. The guidelines include a number of changes, a summary of which is outlined below.

Director Overboarding. Beginning February 2017, Glass Lewis will implement its policy regarding director board commitments. Glass Lewis will issue negative recommendations for directors that serve on more than five public company boards and company executives that serve on a total of two public company boards, including his or her own.

Governance for Newly Public Companies. For newly public companies, Glass Lewis will recommend against directors and members of governance committees who adopt provisions causing shareholders’ rights to become “severely restricted indefinitely.” Provisions such as anti-takeover mechanisms, including poison pills or classified boards, along with exclusive forum and fee-shifting provisions will all be considered for such recommendations.

Board Self-Assessment. Glass Lewis has updated its views regarding board evaluations to account for director skills and how those skills align with company strategy, as opposed to merely relying on tenure and age. Glass Lewis has further taken the stance that shareholders are better equipped to measure the board’s composition and approach to corporate governance.

Gender Pay Disclosure. Glass Lewis issued a new policy for reviewing companies’ gender pay equity, on a case-by-case basis. Upon review, Glass Lewis will generally recommend proposals requesting greater disclosure where inattention and inadequate policies expose the company to risk.

In its update, Glass Lewis also noted its support for proxy access and the management of environmental and social risks.

A copy of the full Glass Lewis Proxy Season Guidelines is available here.

ISS Updates

Institutional Shareholder Services (ISS) also updated its proxy voting policy guidelines for 2017, which will affect shareholder meetings taking place after Feb. 1, 2017. The guidelines set forth a number of updates:

Director Overboarding. Similarly to Glass Lewis, ISS will also implement its policy regarding director overboarding, establishing the threshold for overboarding to five public boards for directors who are not company executives. The policy for overboarding of company executives threshold will remain at three total boards, including his or her own.

Undue Restrictions. A new ISS policy recognizes shareholders’ ability to amend bylaws as a fundamental right. Under the policy, ISS will vote against or withhold recommendation for members of the governance committee if the company’s charter imposes “undue restrictions” on shareholders’ rights to amend the bylaws. ISS also recognized complete prohibitions on binding shareholder proposals and share ownership requirements beyond the requirements of Rule 14a-8 as being undue restrictions on shareholders’ rights. ISS will generally recommend against governance committee members whose company has any of these provisions in its charter as well.

Unilateral Governance Changes. ISS updated its policy for governance of newly public companies to include consideration for any reasonable sunset provision when issuing recommendations against directors who have adopted charter or bylaw amendments that ISS views as materially adverse to shareholder rights or that implement a multi-class capital structure affording unequal voting rights prior to or in connection with an IPO.

Shareholder Ratification of Non-Employee Director Pay Program. As a result of recent highly publicized lawsuits involving excessive non-employee director compensation, ISS will consider qualitative factors such as the presence of problematic pay practices relating to director compensation and the quality of disclosures surrounding director compensation, when evaluating whether to recommend ratification programs regarding non-employee director compensation.

A copy of the full ISS 2017 Proxy Voting Guidelines is available here.

2016 IN REVIEW

During the 2016 proxy season, proxy access remained the predominant topic for the second consecutive year. In fact, shareholders submitted over 200 proxy access resolutions during the 2016 proxy season. The SEC’s 2010 proxy access rule, Rule 14a-11, provided that a shareholder was eligible to nominate proxy access candidates if the shareholder held at least 3 percent of the voting power for at least three years and was not prohibited from proposing a candidate under law or the company’s governing documents. Although this rule was vacated by the U.S. Court of Appeals for the D.C. Circuit in 2011 for being arbitrary, many shareholder proposals are still based on both Rule 14a-11 and the SEC’s amendments to Rule 14a-8. At the end of June 2016, over 250 companies, with 190 S&P 500 firms, established proxy access rights through voluntary adoptions and negotiated withdrawals. As a result, proxy access proposals continue to drive change and mold standard market terms.

As companies grew in 2016, so did the need to properly assess, implement and maintain internal controls over financial reporting (ICFR) pursuant to Rule 13a-15. ICFR is the process by which public companies provide reasonable assurance to the public that its financial statements are prepared in accordance with GAAP and are ultimately reliable. To comply, the SEC requires an annual management report of the company’s ICFR effectiveness, including disclosure of any material weakness that may create a possibility for the company to be unable to promptly detect or prevent a material misstatement on its financial statements, in Form 10-K. Companies should implement accounting controls designed to mitigate financial reporting risk and regularly evaluate any deficiencies. This is particularly important in light of revenue reporting rules issued by the Financial Accounting Standards Board becoming effective for public companies in 2018 and as new accounting standards are issued.

The comment periods have expired for other proposed changes to incentive-based compensation arrangements, the securities transaction settlement cycle, disclosure of payments by resource extraction issuers, pay-for-performance, hedging disclosure, and clawbacks. These changes have not been finalized. At this time, there is no anticipated date for implementation of these policies, so there will be no effect on 2017 filings.

OTHER SECURITIES LAW DEVELOPMENTS

Exemptions to Facilitate Intrastate and Regional Securities Sales and Offerings

In October 2016, the SEC adopted its final rule modernizing the existing intrastate offering framework by implementing amendments to Rule 147 under the Securities Act of 1933. The SEC’s amended Rule 147 provides a safe harbor under Section 3(a)(11) for issuers organized and principally doing business within a single state to offer and make sales of securities to resident purchasers of the same state. The amendments allow companies to raise money from investors within their state without simultaneously registering the offer and sale at the federal level.

The SEC’s new Rule 147A will expand the safe harbor to issuers that maintain a principal place of business in a different state from where it is incorporated and permit issuers to offer and make sales to residents in the state where it operates. Under Rule 147A, issuers will also be able to make offers across state lines, but sales remain limited to residents of the state.

The final rule also repealed Rule 505 and expanded Rule 504 of Regulation D, by increasing the aggregate amount of securities that may be offered and sold in any 12-month period from $1 million to $5 million. Additionally, the final rule disqualifies certain bad actors from participation in offerings under Rule 504. Through these amendments, the SEC sought to facilitate issuers’ capital raising efforts and provide additional investor protections.

Rule 147 and new Rule 147A will be effective on April 20, 2017. The amendments to Rule 504 will be effective on January 20, 2017. The removal of Rule 505 will be effective on May 22, 2017. All other amendments will be effective on May 22, 2017. The final rules are available here.

Supreme Court Decides First Insider Trading Case in Decades: Salman v. United States

In December 2016, after 20 years without a decision regarding the scope of insider trading, the Supreme Court held that even when no financial or tangible benefit is received, insider trading may arise when a tipper makes a “gift” of confidential information to a friend or relative, in Salman v. United States, No. 15-628 (U.S. Dec. 6, 2016). Although the tipper received no physical benefit from providing the information to the tippee, the Supreme Court found that the personal benefit received from bestowing a “gift” of confidential information to a family member or friend was enough for conviction, thus paving a smoother path for prosecutors seeking conviction.

The Supreme Court relied on the “personal benefit test” established in the seminal 1983 case Dirks v. SEC, 463 U.S. 646 (1983) but declined to clarify the scope of the “personal benefit test.” Additionally, the Supreme Court expressly rejected the Second Circuit’s decision in United States v. Newman, 773 F.3d 438 (2d Cir. 2014), which held that the government must prove that a tippee knew an insider received a personal benefit in exchange for disclosing confidential information, and any benefit received must be sufficiently consequential. While the Supreme Court only narrowly expanded the “personal benefit test” in Salman, it rejected the government’s argument that a gift to “anyone” satisfies the “personal benefit test” potentially providing for a distinction between disclosures to friends and family and those to market professionals. The Salman opinion can be found here.

Mutual Funds/Investment Companies: Rule 22e-4 and Swing Pricing

In October 2016, the SEC adopted its final Rule 22e-4. This new rule requires mutual funds and registered open-end management investment companies, including open-end exchange-traded funds (ETFs) to create a liquidity risk management program, in order to reduce the risks associated with fund redemption obligations. The liquidity risk management program must include periodic review of a fund’s liquidity risk, classification of the liquidity of fund portfolio investments, determination of a highly liquid investment minimum, a limitation on illiquid investments, and board oversight. The rule also permits open-end funds, excluding ETFs and money market funds to use swing pricing, which allows funds to adjust their net asset value per share in order to pass on the costs associated with trading activity to purchasing and redeeming shareholders. The rule requires board approval and periodic review of the funds’ swing factor upper limit and swing threshold. Companies will need to comply with the new Rule 22e-4 beginning on or after Jan. 17, 2017 and access to swing pricing will become available Nov. 19, 2018. The final rule is available here.

Investment Company Reporting Modernization

In October 2016, the SEC adopted new forms and amendments to modernize the reporting and disclosure requirements for registered investment companies. Form N-PORT, a new monthly reporting form requires registered funds other than money market funds to provide portfolio-wide and position-level holdings data. Reporting requirements include data related to the pricing of portfolio securities, information regarding repurchase agreements, securities lending activities, counterparty exposure, terms of derivatives contracts, and portfolio level and position level risk measures, to the SEC on a monthly basis. Form N-CEN will require registered investment companies to annually report certain census-type information as well. Finally, the SEC is adopting amendments to Forms N-1A, N-3 and N-CSR to require certain disclosures regarding securities lending activities. Collectively, these amendments will enhance investors’ ability to use and analyze data to ultimately make more informed investment decisions. The rule becomes effective Jan. 17, 2017, and most funds will be required to begin filing new Forms N-PORT and N-CEN after June 1, 2018. The final rule is available here.

Universal Proxy

In October 2016, the SEC proposed changes to the proxy rules requiring the use of universal proxy cards during a contested election. During a proxy contest, the proposal would require proxy contestants to provide shareholders a proxy card with the names of management and dissident director nominees listed. Similar to voting in person, the proposal would give shareholders the ability to vote for their preferred combination of board candidates through proxy. The proposal aims to remedy shareholders’ current inability to combine nominees to create their own slate during a contested election. The comment period for the proposal ends Jan. 9, 2017.

© 2016 Dinsmore & Shohl LLP. All rights reserved.

A New Regulatory Paradigm For The SEC Following the Election?

SEC sealMany are speculating on the future of federal securities regulation as a result of the election of Donald J. Trump and the concomitant Republican control of both houses of Congress. Broc Romanek, for example, asks whether Michael S. Piwowar will become the SEC’s next Chairman.  Broc notes that Commissioner Piwowar is an economist, not a lawyer.  Since the SEC is concerned with financial regulation, a background in economics should be a strong plus.

Since I’ve already seen signs of holiday decorating in the stores, I’ve drawn up my own short wish list for whomever takes the helm of the SEC.

The SEC should fundamentally change its approach to evaluating regulations. When considering the adoption of any new substantive regulation, the fundamental question must always be “Why is this regulation necessary?”  A regulation isn’t necessary simply because someone thinks it is a good idea or constitutes a perceived “best practice”.  A regulation is necessary only when it can be demonstrated that there is some market impediment that can only be removed by government intervention.  It seems that regulations are too often adopted in reverse.  It is tantamount to a doctor, knowing that a drug has proved beneficial in some cases, prescribes it to her patients without first making a diagnosis.  If a market impediment exists, then the regulatory effort should be directed at removing the impediment not imposing additional requirements.

The SEC should ask Congress to repeal Section 16(b) liability.  When Congress enacted Section 16 more than four score years ago, it was recognized that it was a “crude rule of thumb”.  Given the rapidity of modern trading, the arbitrary six month period seems positively quaint. The calculation of profits under the rule can be bizarre.  In some cases, persons are liable even when they recognized no overall economic profit.  Congress enacted the rule to deter insider trading, but many persons who are guilty of trading on the basis of material non-public information aren’t even subject to the rule.  In practice, the rule has become an economic boon to a few lawyers and a technical trap for many.  At eighty plus years, Section 16(b) has had a good run, but now is time for it to leave the stage.

The SEC should abandon and repudiate its attempts to co-opt attorneys. Attorneys are their clients’ advisers and advocates.  They are not gatekeepers as the SEC has on occasion supposed.  The SEC should amend its attorney conduct (Part 205) rules to eliminate the purported ability of lawyers to disclose client confidences to the SEC.  See Conflicting Currents: The Obligation to Maintain Inviolate Client Confidences and the New SEC Attorney Conduct Rules32 Pep. L. Rev. 89 (2004) and this post.  The SEC should also amend its whistleblower rules to eliminate the possibility of attorneys obtaining whistleblower awards.  See SEC Condemns Breach Of Client Confidences While Offering Possible Bounties For Breaches.

Allow companies to pick their reporting periods.  There has been much debate about whether publicly traded companies suffer from short-termism.  Although short-termism may have multiple causes, the SEC’s rigid requirement of quarterly financial information pressures companies to focus on short-term results.  Why not let companies pick their own reporting periods?  This will allow companies to telegraph to the market whether they are focused on short-term or long-term performance.  To those who say that this is a bad idea, I say why not let the market decide?  If investors think that semi-annual or annual reporting is inadequate, then companies making those choices will be undervalued and will incur higher costs of capital.  Some companies might even elect to report more frequently than every quarter (e.g., bi-monthly).  The beauty of this approach is that it is transparent and allows the market to achieve equilibrium at the optimal time for each issuer.

Allow companies to decide whether they will be subject to routine SEC review.  It is hard to assess the efficacy of SEC staff review of filings. I’m sure that the SEC believes that staff review improves disclosure and that may well be the case.  One way to test that position, is to allow companies to elect whether to have their filings be subject to SEC staff review.  These elections would be public.  Investors could then decide whether SEC review reduces risk through enhanced disclosure (because companies will do a better job because they know they are subject to review and/or because the staff’s comments result in improved disclosure).  The efficacy of review should be reflected in differences in the cost of capital.

Readers will note that repeal of the Dodd-Frank Act is not on my wish list.  That is the subject of this blog by Cydney Posner at Cooley LLP. As a final note, this is my personal wish list and it does not necessarily represent the wish list of my firm, partners, or any my firm’s clients.

© 2010-2016 Allen Matkins Leck Gamble Mallory & Natsis LLP

SEC Whistleblower Awards: Can You Hear Whistles Blow? Valued At More Than $100 Million, You Bet You Can!

Some very loud whistles have been blowing across corporate America since 2011 – whistles valued at $107 million, in fact. The United States Securities and Exchange Commission announced on August 30, 2016, that since its whistleblower program began in 2011, they have awarded more than $107 million total to 33 individuals who voluntarily provided the SEC with original and useful information that led to a successful enforcement action. Whistleblower awards can range from 10 percent to 30 percent of the money collected when the SEC’s monetary sanctions in a matter exceed $1 million.

The SEC encourages employees to report suspected wrongdoing, because they, according to Acting Chief Jane Norberg, “are in unique positions behind-the-scenes to unravel complex or deeply buried wrongdoing.” And, last year alone, employees responded by providing nearly 4,000 tips to the agency. With this kind of incentive from the SEC and other government agencies, as well as a growing number of successes in whistleblower lawsuits, it is more important than ever for companies to get advice on a regular basis. Moreover, companies must be strategic and proactive in their approach to implementing an effective whistleblower protection and anti-retaliation system.

Key elements of an effective whistleblower protection and anti-retaliation system include:

  1. Clear and visible leadership commitment and accountability. This is truly the most important piece of the puzzle. Without sincere support from the top, no internal whistleblower program can succeed.

  2. The creation of a true “speak-up” organizational culture focused on prevention, including encouraging employees to raise all suspicions and issues quickly and insuring the fair resolution of such issues.

  3. Independent, protected resolution systems for employees and third-parties who believe they are experiencing retaliation as a result of raising concerns.

  4. Specific training to educate all employees about their rights and available protections (including both internal and external programs).

  5. Specific training for managers who may receive complaints or information from employees, requiring the manager to be considerate of the employee making the report, to be diligent, and, most importantly, to act on the information with no corporate tolerance of the “just telling me as a friend, not as a manager” excuse.

  6. Internal monitoring and measurement of corporate compliance efforts and the effectiveness of the speak-up and non-retaliation culture, without contributing to the suppression of employee reporting.

  7. Independent auditing to determine if the whistleblower protection and anti-retaliation system is actually working.

Post written by Denise K. Drake of Polsinelli LLP.

SEC Releases Crowdfunding Rules for Securities Offerings

Investors will be able to purchase securities through Internet crowdfunding platforms under new final rules released by the Securities and Exchange Commission (SEC) in October. The final rules, known as “Regulation Crowdfunding,” originated in Title III of the Jumpstart Our Business Startups Act of 2012 (JOBS Act). The rules will take effect in May 2016.

Alongside Regulation Crowdfunding, the SEC also proposed amendments to Rules 147 and 504 under the Securities Act of 1933 (the Proposed Amendments). A brief review of Regulation Crowdfunding and the Proposed Amendments is provided below for companies or investors eager to discover new capital raising or investment opportunities and for broker-dealers interested in expanding into the crowdfund arena.

Key Points: What to Know About Regulation Crowdfunding

The Regulation Crowdfunding rules are extensive, but they can be more readily understood and categorized as: 1) operative provisions; 2) disclosure mandates; and 3) crowdfunding platforms.

Operative Provisions

Regulation Crowdfunding will: i) enable companies to raise up to $1 million, in the aggregate, over a 12-month period; ii) for individual investors whose annual income or net worth is less than $100,000, enable such investors to spend the greater of $2,000 or five percent of the lesser of their annual income or net worth on crowdfunding investments over a 12-month period; iii) for individual investors whose annual income or net worth equals or exceeds $100,000, enable such investors to spend ten percent of the lesser of their income or net worth on crowdfunding investments over a 12-month period. The goal is to allow more people to dabble in investments, and to level the playing field for investments by ensuring that even the wealthiest of individual investors cannot spend more than ten percent of their income or net worth on crowdfunding offerings in a given 12-month period. Also crucial to note are the following points:

  • Securities purchased in a crowdfunding transaction will be considered restricted securities and will be subject to resale restrictions for one year in most circumstances;

  • All of the new crowdfunding offerings will need to be completed with the assistance of a registered broker-dealer or done through a registered “funding portal,” to be discussed in greater depth below; and

  • Some companies are unable to use the exemption, including foreign companies, publicly-traded companies, and companies that are subject to disqualification under Regulation Crowdfunding.

Disclosure Mandates

Companies seeking to raise money through crowdfunding will have to meet specific disclosure requirements under Regulation Crowdfunding including:

  1. The price of the securities to be offered;

  2. How the price was determined;

  3. The target offering amount;

  4. The deadline to reach the target offering amount;

  5. The funding deadline;

  6. Whether the company intends to accept investments that will cause the target offering amount to be exceeded;

  7. A discussion of the company’s financial health;

  8. A discussion of the business and how proceeds from the offering will be used;

  9. Information about directors, officers, and owners of 20 percent or more of the companies;

  10. Certain related-party transactions; and

  11. Financial statements of the company that may or may not need to be audited, depending on a fairly complex set of circumstances.

Crowdfunding Platforms

Regulation Crowdfunding contemplates the creation of crowdfunding portals to facilitate Internet-based transactions that, in theory, reduce costs and boost efficiency. The “funding portals” will need to be registered with the SEC via a new form – Form Funding Portal – and such portals will need to be registered as members of a national securities association (i.e., FINRA). In short, the funding portals will be the intermediary platforms through which all crowdfunding will be conducted, and these portals will need to comply with the following requirements:

  1. Provide investors with informative materials explaining how to use the platform, what is being offered, and all relevant disclosures about the company, resale restrictions, investment limitations, and the like;

  2. Take measures to reduce fraud risks, including by verifying with the companies offering securities that such companies are in compliance with Regulation Crowdfunding and that the companies are maintaining up-to-date records of their security holders;

  3. Post and maintain mandatory disclosures for 21 days before any offerings are live (i.e., a waiting period of 3 weeks) and throughout the actual offering period;

  4. Make available forums or other communication venues for investors to discuss offerings on the platform;

  5. Explain how the intermediary is being compensated for hosting the transactions;

  6. Require investors to set up accounts officially before being allowed to buy securities;

  7. Have a reasonable basis to believe that investors are in compliance with the investment limitations (i.e., they will need to ensure investors are not exceeding their spending limits in a given 12-month period);

  8. Provide adequate notices and confirmations at each step of the investment process;

  9. Comply with maintenance and transmission of funds requirements; and

  10. Comply with any requirements dealing with completion, cancellation, and re-confirmation of offerings requirements.

Crowdfunding intermediaries will be prohibited from providing access to companies they believe pose fraud or other problems that could negatively impact investor protections; holding financial interests in companies offering securities on their platforms, unless such financial interests are being used as consideration to pay the intermediaries for their services (subject to certain conditions); and paying third parties to provide information that will personally identify any investors or potential investors who may be using or planning to use the platform. Specific to funding portals as intermediaries, Regulation Crowdfunding also prohibits such portals from: offering investment advice or making purchase recommendations; soliciting purchases, sales, or offers; soliciting purchases, sales, or offers via promoters or other persons for pay; and holding or handling investors’ funds or securities. Despite the numerous prohibitions, Regulation Crowdfunding is intended to make transactions smoother and provide a safe harbor (i.e., set of guidelines) for funding portals, such that, if the portals follow the guidelines precisely, they can be assured that they are in compliance with Regulation Crowdfunding.

Key Points: What to Know About the Proposed Amendments

In an effort to balance the need to help smaller companies raise capital with the need to protect investors from fraudulent and misleading securities sales, the SEC has proposed amending Rules 147 and 504 as follows:

  • Rule 147 – This rule currently allows a safe harbor for exemption from costly registration for offers and sales made entirely within one state. The amendments are intended to make it easier for companies to make intrastate offerings of their securities by: 1) eliminating restrictions on offers (i.e., general solicitation and advertising will be allowed), though sales would still need to be made only to residents of the issuer’s state or territory; and 2) expanding the meaning of “intrastate offering” and the issuer eligibility requirements. The amended Rule 147 would apply to offerings registered in-state or conducted under an exemption from state law registration that caps the amount of securities allowed to be sold by an issuer at $5 million over a given 12-month period, along with spending limits for investors.

  • Rule 504 – This rule currently provides a safe harbor exemption from registration for certain small offerings. The amendments would boost capital-raising by increasing the aggregate amount of securities allowed to be offered and sold under Rule 504 from $1 million to $5 million, during any 12-month period. The amendments would boost protection for investors by prohibiting a set of defined “bad actors” from participating in such offerings.

Conclusion: Timelines for Regulation Crowdfunding and the Proposed Amendments

The new Regulation Crowdfunding rules and forms will be effective 180 days after they get published in the Federal Register (i.e., in May 2016). The forms that will enable funding portals to get registered with the SEC will become effective on January 29, 2016, thereby allowing the funding portals to be active or ready for transactions months before any transactions under the new rules are allowed by law.

Regarding the Proposed Amendments to Rules 147 and 504, the SEC is welcoming public comments, and will continue to do so for a 60-day period, which will end approximately by the end of the year. Crowdfunding has been the subject of much discussion and debate as evidenced by the nearly three years it took the SEC to promulgate Regulation Crowdfunding. It is still too early to predict whether crowdfunding will emerge in 2016 as a successful alternate path for capital-raising for small companies. Indeed, only time will tell whether the SEC will manage to balance its primary goal of investor protection with the ambitious aim of offering a more grassroots-level option of raising money.

To review the text of Regulation Crowdfunding and the Proposed Amendments, see the following links from the SEC: http://www.sec.gov/rules/final/2015/33-9974.pdf and http://www.sec.gov/rules/proposed/2015/33-9973.pdf.

© Copyright 2015 Dickinson Wright PLLC