On March 1, 2024, the U.S. District Court for the Northern District of Alabama ruled that the Corporate Transparency Act (“CTA”) is unconstitutional.[1] The CTA requires many U.S. entities to disclose their individual beneficial owners in a report filed with the U.S. Treasury. The CTA statute was enacted in 2021.[2] Its implementing regulations require many entities formed in 2024 to report beneficial ownership information within 90 days of formation.[3] The CTA requires many entities formed prior to 2024 to report beneficial ownership information by January 1, 2025.[4]
The federal court’s ruling arose in the context of a constitutional challenge by plaintiffs the National Small Business Association (“NSBA”) and one of its individual members, Isaac Winkles. In granting summary judgment for the plaintiffs, the court held that:
the Commerce Clause, the Necessary and Proper clause, the taxing power, and the U.S. government’s authority over foreign affairs and national security do not provide sufficient authority for the Corporate Transparency Act (“CTA”), and the CTA is unconstitutional as a result; and
the U.S. government is enjoined from enforcing the CTA as to the NSBA and Isaac Winkles.
The court did not issue a nationwide injunction barring the U.S. government from enforcing the law against other entities within the scope of the CTA’s reporting requirements.
On March 11, 2024, the U.S. Government filed a notice of appeal of the court’s ruling.[5] The same day, the Financial Crimes Enforcement Network (“FinCEN”), which is the U.S. Treasury bureau that administers the CTA, stated that it will continue to implement the CTA while complying with the court’s order.[6]
FinCEN clarified that it is not currently enforcing the CTA against two categories of persons:
individual plaintiff Isaac Winkles and reporting companies for which he is a beneficial owner; and
the NSBA and its members as of March 1, 2024.
FinCEN stated, “[o]ther than the particular individuals and entities subject to the court’s injunction [. . .] reporting companies are still required to comply with the law and file beneficial ownership reports as provided in FinCEN’s regulations.”[7]
[2] National Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283, div. F, title LXIV, § 6403 (adding 31 § U.S.C. 5336), available at: https://www.govinfo.gov/content/pkg/PLAW-116publ283/pdf/PLAW-116publ283.pdf.
Congress perhaps made an unintended drafting error in the Tax Cuts and Jobs Act [1] (TCJA) when it required a taxpayer to decrease its deduction for research and experimental expenditures. The apparent drafting error is in IRC §280C(c)(1), which provides that if a taxpayer’s research credit for a taxable year exceeds the amount allowable as a deduction for research expenditures for the taxable year, the amount of research expenses chargeable to capital account must be reduced by the excess and not by the full amount of the credit.
H.B. 7024 (1-17-24) [2] proposes to correct the drafting error for tax year 2023 and expressly states that the amendment made for taxable year 2023 should not be construed to create an inference with respect to the proper application of the drafting error for taxable year 2022. [3] The “no inference” congressional language could be interpreted as inviting the IRS to attempt an administrative fix of the drafting error.
Background of Research Expenditure Deduction and Credit for Increasing Research Activities: Beginning with the Internal Revenue Code of 1954, a taxpayer engaging in research activities in the experimental or laboratory sense in connection with its trade or business could elect to deduct the cost of its research currently rather than capitalizing the cost to the project for which the research was conducted. The Economic Recovery Tax Act of 1981 added a credit for the cost of research incurred in carrying on a trade or business. The manner in which the deduction and credit operated permitted a taxpayer both to deduct and credit the same research dollar.
Pre-TCJA (2017) law: The Omnibus Budget Reconciliation Act of 1989 ended the possibility deducting and crediting the same research dollar. If a taxpayer currently deducted its research expenditures, the taxpayer had to decrease its deduction by the amount of the research credit that it claimed for the taxable year.[4] The policy reason for the decrease was that a taxpayer should not be entitled to a deduction and a credit for the same dollar expended for research. Put another way, if the government “pays” for research by allowing a credit, the taxpayer did not really pay for the research and should not be entitled to deduct the amount for which the government paid.
TCJA Amendment: The TCJA now requires a taxpayer to capitalize research expenditures paid or incurred in the taxable year and claim an amortization deduction for the expenditures ratably over a five-year period.[5] The TCJA also amended IRC §280C(c)(1), the provision that prevents a taxpayer from receiving a credit and a deduction for the same dollar of research expenditure. The amendment provides that if the research credit amount for the taxable year exceeds the amount allowable as a deduction for the taxable year for qualified research expenses, the research expenses chargeable to capital account for the taxable year must be reduced by the excess.[6] This might have been a drafting error. The research credit for the taxable year might not exceed an amortization deduction for the year.[7] If for a taxable year the credit does not exceed the amortization deduction, a taxpayer could reasonably conclude that no reduction in the amount of capitalized research expenditures is required. The taxpayer would be interpreting the deduction for qualified research expenses as meaning the amount of the amortization of the capitalized expenses.
The IRS might have an opposing interpretation. The phrase, “the amount allowable as a deduction for such taxable year for qualified research expenses” in IRC §280C(c)(1) could be interpreted as always equaling zero because the TCJA amendment requiring amortization of research expenditures for the taxable year nullifies the “deduction … for qualified research expenses.” In other words, there were no “deductible” qualified research expenses for the year after enactment of the TCJA for purposes of IRC §280C(c)(1). [8] The result would be that the capitalized research expenses are decreased by the amount of the credit.
H.B. 7024: On January 31, 2024, the House passed 353 to 70 H.B. 7024, “Tax Relief for American Families and Workers Act of 2024.” Action on the bill is pending in the Senate. The bill restores the current deduction for research expenditures (but only for research performed in the United States), beginning with taxable year 2022,[9] and defers the requirement to amortize research expenditures until taxable year 2026. For taxable years beginning in 2023, the bill requires a taxpayer to decrease the research expenditure deduction for domestic research by the amount of the research credit for the year, thus reinstating, for domestic research, IRC §280C(c)(1) as it had read prior to its amendment by the TCJA. [10]
But for taxable year 2022, the bill does not expressly require a taxpayer to reduce its deduction for research expenditures by the amount of the research credit even though the bill permits the taxpayer to deduct it research expenditures currently for taxable year 2022. Thus, for taxable year 2022, a taxpayer may deduct its research expenditures but must decrease the deduction only by the amount, if any, that its 2022 research credit exceeds its 2022 deduction for qualified research expenditures, which amount may be zero. Moreover, the bill provides that the amendment requiring a decreased deduction for research expenditures for taxable years beginning in 2023 should not be construed to create “any inference” with respect to the proper application of IRC §280C(c) to taxable year 2022.
IRS Notice: In Notice 2023-63 – obviously published before H.R. 7024 – the IRS asks for comments about to interpret the current version of IRC §280C(c)(1). If H.R. 7024 is enacted, the IRS request for comments would appear irrelevant.
Taxpayer Actions: If H.R. 7024 is enacted, taxpayers must consider whether to change their accounting method for research expenditures from amortizing them to currently deducting them. A change would affect many tax calculations, and obviously the only means by which to be certain of the effect is to run the change using various scenarios through the taxpayer’s tax software.
One of the effects to consider if the bill passes is the item discussed in the alert in which the taxpayer reads IRC §280C(c)(1) advantageously for taxable year 2022 and reduces its research expenditure deduction by the amount that the research credit exceeds the deduction for research expenditures for the year, which reduction amount may well be zero. The taxpayer would have a substantial permanent tax benefit by not decreasing its credit and not decreasing it deduction.
If H.B. 7024 is not enacted, a taxpayer might moderate the risk that the IRS will prevail on the interpretation of IRC §280C(c)(1) by electing to decease its credit under IRC §280C(c)(2).[11] But the taxpayer could be more aggressive by taking the position that it is applying IRC §280C(c)(1) and rarely, if ever, does it have to reduce its deduction for research expenditures. That means that the taxpayer that had historically decreased its credit in order to take the full deduction might not have to do so. That might be a very substantial permanent tax benefit.
[1] P.L. 115-97 115th Cong. 1st Sess. (12-22-17).
[2] 118th Cong., 2d Sess.
[3] H.B. 7024, Sec. 201(e)(4).
[4] Instead of decreasing the deduction, the taxpayer could elect to decrease its research credit by multiplying the credit amount by the corporate tax rate. IRC §280C(c)(2). Regardless of whether the taxpayer reduced its deduction or its credit, the federal income tax cost was the same. Many taxpayers elect to reduce the credit so that the full amount of the deduction flows into taxable income of states that conform state taxable income to federal taxable income.
[5] IRC §174(a)(2)(B). The deduction is spread over six taxable years because the taxpayer may deduct for the first amortization year only half of a full year’s amortization. If the research is performed outside the United States, the amortization period is fifteen years.
[6] IRC §280C(c)(1).
[7] For example, assume qualified research expenses for the taxable year 2022 of $1,000 and minimum base amount of $500. The research credit is $100 (20% times $500). The credit does not exceed the amortized deduction – $100 for the first taxable year.
[8] Of course, there were qualified research expenses identified for the research credit.
[9] Proposed IRC §174A(a). A taxpayer that had capitalized and amortized its research expenditures as required by the TCJA may file an amended return for tax year 2022 and deduct research expenditures paid or incurred for that year. Alternatively, the taxpayer may elect to adjust its taxable income under IRC § 481 by taking a favorable adjustment into account in taxable year 2023. Alternatively, it may elect to make the adjustment over taxable years 2023 and 2024. H.B. 7024, sec. 201(f)(2).
[10] The taxpayer could still elect to decrease its credit in lieu of reducing its deduction.
There are many different types of insurance — directors and officers (D&O), employment practices liability (EPLI), and general liability, to name a few. Unfortunately, many clients do not know what is in their policy or policies, including what is covered, their deductibles or retention, or, in some unfortunate cases, that they have no policy at all.
This article attempts to help you answer some simple questions about what to look for when you are buying a policy and what to look for in a current policy when you need to use it. It is not an attempt to promote any particular policy, as each policy has to be read in light of the specific facts at issue.
Buying the cheapest — you may get what you pay for.
In too many cases, we find that clients have simply purchased the cheapest policy they can find. The reasons for this vary. Maybe the client asked for the cheapest policy, maybe the agent simply got the client the cheapest policy, or maybe there was no real conversation at all between the insured (client) and the agent except to “get some insurance.”
This is never an issue — until it is. By way of example, let’s say a lawsuit is filed against you that should kick in your D&O or EPLI policy. You then turn the lawsuit over to your agent for defense and coverage. And then, one of several increasingly common scenarios occurs. You discover that your deductible or retention is very high, e.g., the first $100,000 is on you. Or you discover that many employment cases could be resolved or dismissed for less than that, and that for a little more on the front end, you could have had a lower deductible. Or you discover that what you purchased does not cover alleged fiduciary breaches by your directors and officers, and you could have purchased that coverage if you had asked.
You also might discover that you could have purchased, for a small additional amount, wage and hour coverage that would have covered the overtime lawsuit you were just served, but no one ever specifically talked with the agent about that. You also might discover that the attorney you have worked with for years will not be able to handle the case because there is no “choice of counsel” in the policy. In many cases, spending 30 minutes with your agent (and probably an attorney who has experience working with you) could have resolved these issues — that now are out of your control.
The point is, spending the necessary time with your agent (and attorney) is something that should be done before any policy is purchased or renewed. This allows you to express what you want and consider the options available. It also allows you to avoid issues such as not being able to use the attorney of your choice.
Do you have a claims-made or an occurrence policy?
While each policy and case must be examined individually, generally, an occurrence policy covers claims arising from acts or incidents that occurred during the policy period. This means that if the incident occurred during the policy period and the policy was in effect and in good standing, the claim will be covered, even if you get sued over that incident after the policy has expired.
Claims-made policies are entirely different animals. Claims-made policies generally cover only claims made during the policy period. The claim must also be reported to the insurer as required by the policy.
Generally, claims-made policies are cheaper, as they usually provide coverage for a shorter period of time. Again, however, be aware of “going cheap.” Claims-made policies that are not renewed or are canceled — and for which tail coverage is not purchased — can create exposure for an incident that occurred during the policy period. This can happen, for example, if you simply let the policy lapse and a year or so later someone files a suit against you that would have been a “claim” under your claims-made policy but it was not reported when the policy was effective. It can also occur if you change insurers.
The above is a very general description, and any discussion about the type of policy you should buy or what to do when you renew is beyond the scope of this article, but you should absolutely consult with your agent (and likely your attorney) about any specific needs or concerns you know of prior to purchasing or renewing any policy.
Do you have coverage and defense, or just defense?
Be aware that some policies provide for attorney’s fees and costs to defend claims made against you as well as coverage for any settlement or judgment against you. Some policies, however, only provide for attorney’s fees and costs. Again, this goes to what type of policy you want, what you can afford, and knowing the risks of what you have versus what you do not have.
I have had the unfortunate situation where a client thought they had a policy providing coverage and defense, but the policy provided only defense. The matter involved multiple plaintiffs and conflicting witness testimony that made dismissal of the case prior to any trial impossible. While the resolution of the case was not substantially out of line for the average federal court employment case, the money came directly from the client’s pocket because the policy only provided for defense costs, not coverage for any settlement or verdict. When questions arose about why that type of policy was provided by the agent, it was clear the client had only told the agent to “get some insurance” and made no specific requests.
To sum up, it is unfortunately common that when purchasing insurance of any kind, insureds do not actively engage their agent (or ask for any advice from their attorney) about what types of policies and coverage they may need. This creates many issues (deductible, choice of counsel, lack of coverage, etc.) that likely could have been avoided. There is no guarantee that any issue could be avoided, as no one knows what type of claim or claims might be made in the future, but spending the necessary time on the front end could save many headaches on the back end if your agent gets as much specificity as possible from you.
On March 6, 2024, the Securities and Exchange Commission (the “SEC”) adopted regulations[1] that will require public companies to file mandatory climate-related disclosures with the SEC beginning in 2026. First proposed in March 2022, the climate-related disclosure rules were finalized after consideration of over 24,000 comment letters and active lobbying of the SEC by business and public interest groups alike. These new rules are aimed at eliciting more consistent, comparable, and reliable information for investors to make informed decisions related to climate-related risks on current and potential investments.
The new rules require a registrant to disclose material climate-related risks and activities to mitigate or adapt to those risks; information about the registrant’s oversight of climate-related risks and management of those risks; and information on any climate-related targets or goals that are material to the registrant’s business, results of operations, or financial condition. In addition, these new rules require disclosure of Scope 1 and/or Scope 2 greenhouse gas (“GHG”) emissions with attestation by certain registrants when emissions are material; and disclosure of the financial effects of extreme weather events.
Unlike the initial proposal, the EU Climate Sustainability Reporting Directive (“CSRD”) and the California Climate Data Accountability Act, the new rules do not require disclosure of Scope 3 GHG emissions. The new rules require reporting based upon financial materiality, not the double-materiality (impact and financial) standard utilized by the EU under the CSRD. Whether registrants will ultimately be required to comply with the new rules depend upon the outcome of anticipated challenges, such as the challenge to the SEC’s authority to promulgate the rule filed in the Eleventh Circuit on March 6th by a coalition of ten states.
Highlights of the New Rule
In the adopting release, the SEC notes that companies are increasingly disclosing climate-related risks, whether in their SEC filings or via company websites, sustainability reports, or elsewhere; however, the content and location of such disclosures have been varied and inconsistent.[2] The new rules not only specify the content of required climate-related disclosures but also the presentation of such disclosures.
The new rules amend the SEC rules under the Securities Act of 1933 (“Securities Act”) and Securities Exchange Act of 1934 (“Exchange Act”), creating a new subpart 1500 of Regulation S-K and Article 14 of Regulation S-X. As a result, registrants, companies that are registered under the Exchange Act, will need to:
File climate-related disclosures with the SEC in their registration statements and Exchange Act annual reports;
Provide the required climate-related disclosures in either a separately captioned section of the registration statement or annual report, within another appropriate section of the filing, or the disclosures may be included by reference from another SEC filing so long as the disclosure meets the electronic tagging requirements; and
Electronically tag climate-related disclosures in Inline XBRL.
The rules require a registrant to disclose:
Climate-related risks that have had or are reasonably likely to have a material impact on the registrant’s business strategy, results of operations, or financial condition;
The actual and potential material impacts of any identified climate-related risks on the registrant’s strategy, business model, and outlook;
Specified disclosures regarding a registrant’s activities, if any, to mitigate or adapt to a material climate-related risk including the use, if any, of transition plans, scenario analysis, or internal carbon prices;
Any oversight by the board of directors of climate-related risks and any role by management in assessing and managing the registrant’s material climate-related risks;
Any processes the registrant has for identifying, assessing, and managing material climate-related risks and, if the registrant is managing those risks, whether and how any such processes are integrated into the registrant’s overall risk management system or processes;
Information about a registrant’s climate-related targets or goals, if any, that have materially affected or are reasonably likely to materially affect the registrant’s business, results of operations, or financial condition. Disclosures would include material expenditures and material impacts on financial estimates and assumptions as a direct result of the target or goal or actions taken to make progress toward meeting such target or goal;
For large accelerated filers (“LAFs”) and accelerated filers (“AFs”) that are not otherwise exempted, information about material Scope 1 emissions and/or Scope 2 emissions;
For those required to disclose Scope 1 and/or Scope 2 emissions, an assurance report at the limited assurance level, which, for an LAF, following an additional transition period, will be at the reasonable assurance level;
The capitalized costs, expenditures expensed, charges, and losses incurred as a result of severe weather events and other natural conditions, such as hurricanes, tornadoes, flooding, drought, wildfires, extreme temperatures, and sea level rise, subject to applicable one percent and de minimis disclosure thresholds, disclosed in a note to the financial statements;
The capitalized costs, expenditures expensed, and losses related to carbon offsets and renewable energy credits or certificates (“RECs”) if used as a material component of a registrant’s plans to achieve its disclosed climate-related targets or goals, disclosed in a note to the financial statements; and
If the estimates and assumptions a registrant uses to produce the financial statements were materially impacted by risks and uncertainties associated with severe weather events and other natural conditions or any disclosed climate-related targets or transition plans, a qualitative description of how the development of such estimates and assumptions was impacted, disclosed in a note to the financial statements.
Highlights of what did not get adopted
In its adopting release, the SEC described various modifications it made to its March 2022 proposed rules. The SEC explained that it made many of these changes in response to various comment letters it received. Some of the proposed rules that did not get adopted are:[3]
The SEC eliminated the proposed requirement to provide Scope 3 emissions disclosure.
The adopted rules in many instances now qualify the requirements to provide certain climate-related disclosures based on materiality.
The SEC eliminated the proposed requirement for all registrants to disclose Scope 1 and Scope 2 emissions in favor of requiring such disclosure only by large accelerated filers and accelerated filers on a phased in basis and only when those emissions are material and with the option to provide the disclosure on a delayed basis.
The SEC also exempted emerging growth companies and smaller reporting companies from the Scope 1 and Scope 2 disclosure requirement.
The SEC modified the proposed assurance requirement covering Scope 1 and Scope 2 emissions for accelerated filers and large accelerated filers by extending the reasonable assurance phase in period for LAFs and requiring only limited assurance for AFs.
The SEC eliminated the proposed requirements for registrants to disclose their GHG emissions in terms of intensity.[4]
The SEC removed the requirement to disclose the impact of severe weather events and other natural conditions and transition activities on each line item of a registrant’s financial statements. The SEC now requires disclosure of financial statement effects on capitalized costs, expenditures, charges, and losses incurred as a result of severe weather events and other natural conditions in the notes to the financial statements.
The adopted rules are less prescriptive than certain of those that were proposed. For example, the former now exclude in Item 1502(a) of Regulation S-K negative climate-related impacts on a registrant’s value chain from the definition of climate-related risks required to be disclosed. Similarly, this definition no longer includes acute or chronic risks to the operations of companies with which a registrant does business. Also, Item 1501(a) as adopted omits the originally proposed requirement for registrants to disclose (a) the identity of board members responsible for climate-risk oversight, (b) any board expertise in climate-related risks, (c) the frequency of board briefings on such risks, and (d) the details on the board’s establishment of climate-related targets or goals. Along the same lines, Item 1503 as adopted requires disclosure of only those processes for the identification, assessment, and management of material climate-related risks as opposed to a broader universe of climate-related risks. The rule as adopted does not require disclosure of how the registrant (a) determines the significance of climate-related risks compared to other risks, (b) considers regulatory policies, such as GHG limits, when identifying climate-related risks, (c) considers changes to customers’ or counterparties’ preferences, technology, or market prices in assessing transition risk, and (d) determines the materiality of climate-related risks. In the same vein, the adopted rules, unlike the proposed rules, do not require disclosure of how the registrant determines how to mitigate any high priority risks. Nor do the new rules retain the proposed requirement for a registrant to disclose how any board or management committee responsible for assessing and managing climate-related risks interacts with the registrant’s board or management committee governing risks more generally.
The SEC eliminated the proposal to require a private company that is a party to a business combination transaction, as defined by Securities Act Rule 165(f), registered on Form S-4 or Form F-4, to provide the subpart 1500 and Article 14 disclosures.
Timing of Implementation
The new rules will become effective 60 days after publication in the Federal Register. Compliance with the rules will not be required until much later, however.
Consistent with its earlier proposal, and in response to comments that the SEC received concerning the timing of implementing the proposed rule, the new rules contain delayed and staggered compliance dates that vary according to the registrant’s filing status and the type of disclosure.
The below table from the SEC’s new release summarizes the phased-in implementation dates.[5]
FILING STATUS
Large Accelerated Filers (“LAFs”)—a group whom the SEC believed most likely to be already collecting and disclosing climate-related information—will be the first registrants required to comply with the rule. The earliest that an LAF would be required to comply with the climate-disclosure rules would be upon filing its Form 10-K for the fiscal year ended December 31, 2025, which would be due no later than March 2026.[6]
Accelerated Filers (“AFs”) are not required to comply with the new rules for yet another year after LAFs. Climate-related disclosures for AFs must be included upon filing a Form 10-K for the fiscal year ended December 31, 2026, due no later than March 2027. Smaller Reporting Companies (“SRCs”), Emerging Growth Companies (“EGCs”), and Non-Accelerated Filers (“NAFs”) have yet another year to meet the first compliance deadline for climate-related disclosures. These types of filers need not include their climate-related disclosures until filing their Form 10-Ks for the fiscal year ended December 31, 2027, which, again, would be due no later than March 2028.
TYPES OF DISCLOSURES
The new rules also phase in the requirements to include certain disclosures over time. The requirements to provide quantitative and qualitative disclosures concerning material expenditures and material impacts to financial estimates or assumptions under Items 1502(d)(2), 1502(e)(2), and 1504(c)(2) are not applicable until the fiscal year immediately following the fiscal year in which the registrant’s initial compliance is required. LAFs, for example, are not required to report these qualitative and quantitative disclosures until filing a Form 10-K for the fiscal year ended December 31, 2026, due in March 2027. That should be one year after an LAF files its first Form 10-K with climate-related disclosures. The SEC adopted this phased-in approach to respond to commentators’ concerns regarding the availability (or current lack thereof) of policies, processes, controls, and system solutions necessary to support these types of disclosures.
Likewise, the new rules provide for a further phased-in compliance date for those registrants required to report their Scope 1 and Scope 2 GHG emissions and an even later date for those filers to obtain limited or reasonable assurance for those emissions disclosures. An LAF, for example, is not required to disclose its Scope 1 and Scope 2 emissions until filing its Form 10-K for the fiscal year ended December 31, 2026, due in March 2027. And those disclosures would not be required to be subject to the limited-assurance or reasonable-assurance requirements until filing the Form 10-K for the year ended December 31, 2029 or December 31, 2033, respectively.
In accordance with the table above, AFs, SRCs, EGCs, and NAFs have even more time to meet these additional disclosure requirements, if they are required to meet them at all.
It should be noted that the SEC recognized that registrants may have difficulty in obtaining GHG emission metrics by the date their 10-K report would be due. As a result, the rule contains an accommodation for registrants required to disclose Scope 1 and Scope 2 emissions, allowing domestic registrants, for example, to file those disclosures in the Form 10-Q for the second fiscal quarter in the fiscal year immediately following the year to which the GHG emissions disclosure relates. This disclosure deadline is permanent and not for a transition period.
Liability for Non-Compliance
In the introduction to the adopting release, the SEC explains that requiring registrants to provide certain climate-related disclosures in their filings will, among other things, “subject them to enhanced liability that provides important investor protections by promoting the reliability of the disclosures.”[7] This enhanced liability stems from the treatment of the disclosures as “filed” rather than “furnished” for purposes of Exchange Action Section 18 and, if included or otherwise incorporated by reference into a Securities Act registration statement, Securities Act Section 11.[8] According to the SEC, “climate-related disclosures should be subject to the same liability as other important business or financial information” that registrants include in registration statements and periodic reports and, therefore, should be treated as filed disclosures.[9]
In an attempt to balance concerns about the complexities and evolving nature of climate data methodologies and increased litigation risk, the SEC, in the adopting release, emphasizes certain modifications made in the new rules including:
limiting the scope of the GHG emissions disclosure requirement;
revising several provisions regarding the impacts of climate-related risks on strategy, targets and goals, and financial statement effects so that registrants will be required to provide the disclosures only in certain circumstances, such as when material to the registrant; and
adopting a provision stating that disclosures (other than historic facts) provided pursuant to certain of the new subpart 1500 provisions of Regulation S-K constitute “forward-looking statements” for the purposes of the PSLRA safe harbors.[10]
Registrants are subject to liability under Securities Act Section 17(a), Exchange Act Section 10(b), and/or Rule 10b-5 for false or misleading material statements in the information disclosed pursuant to the new rules.[11]
Observations
Consistent with its recent trajectory, the SEC continues to be a kinder, gentler regulator on climate disclosure requirements. Although the new rules will apply broadly to publicly traded companies, their scope is less demanding than the requirements under recent similar laws enacted in California or the EU. Under the California Climate Corporate Data Accountability Act (the “CCDA”), companies with annual revenues in excess of $1 billion and “doing business in California”[12] will be required to publicly disclose Scope 1 and Scope 2 emissions beginning in 2026, and Scope 3 emissions beginning in 2027. And because the California law applies to all companies, not just those that are publicly traded, it is also more broadly applicable and will trigger assessments and compliance for companies that are not subject to the SEC’s rule. The CCDA is currently the subject of legal challenge that includes questions of whether the required disclosures violate the First Amendment right to free speech, as well as possible federal preemption. As a result, there is a chance that the CCDA may yet be diluted or found unconstitutional. But in light of the imminent timeline for compliance, many companies subject to the CCDA are already developing programs to facilitate and ensure timely compliance with the requirements.
Similarly, the EU has broader reporting obligations under the CSRD than the SEC’s new rules. Compliance with the CSRD is required for both public and private EU companies as well as for non-EU companies with certain net annual turnovers, certain values of assets, and a certain number of employees. Under the CSRD, companies must publish information across a wide spectrum of subjects, including emissions, energy use, diversity, labor rights, and governance. Initial reporting under the CSRD begins to phase-in in 2025.
A key takeaway here is that although the SEC rules may have taken a lighter approach to climate disclosures, many large companies are likely to be subject to more stringent requirements under either the CCDA or the EU CSRD. And as some companies begin to comply to provide this information and data, the market may drive demand and an expectation that other companies, not otherwise subject to these various reporting regimes, follow suit. While the SEC rules may be a slimmed down version of what could have been, it is likely that the trend toward transparency and disclosure will continue to be driven by other regulatory bodies and market forces alike.
[1] Securities and Exchange Commission, Final Rule The Enhancement and Standardization of Climate-Related Disclosures for Investors, 17 CFR 210, 229, 230, 232, 239, and 249, adopting release available at https://www.sec.gov/files/rules/final/2024/33-11275.pdf.
[2] Id. at 48.
[3] Id. at 31-33.
[4] Id. at 225.
[5] Id. at 589.
[6] The new rules’ compliance dates apply to annual reports and registration statements. But, in the case of registration statements, compliance is required beginning with any registration statement that is required to include financial information for the full fiscal year indicated in the table above.
[7] Id. at 13.
[8] Id. at 584. At a high level, Section 18 imposes liability for false and misleading statements with respect to any material fact in documents filed with the SEC under the Exchange Act and Section 11 imposes liability for material misstatements or omissions made in connection with registered offerings conducted under the Securities Act.
[9] Id.
[10] Id. at 803.
[11] Id.
[12] A term which is not defined in the law, but is likely intentionally very broad, and is expected to be interpreted in that way.
In recent years, the Department of Justice (DOJ) has rolled out a significant and increasing number of carrots and sticks aimed at deterring and punishing white collar crime. Speaking at the American Bar Association White Collar Conference in San Francisco on March 7, Deputy Attorney General Lisa Monaco announced the latest: a pilot program to provide financial incentives for whistleblowers.
While the program is not yet fully developed, the premise is simple: if an individual helps DOJ discover significant corporate or financial misconduct, she could qualify to receive a portion of the resulting forfeiture, consistent with the following predicates:
The information must be truthful and not already known to the government.
The whistleblower must not have been involved in the criminal activity itself.
Payments are available only in cases where there is not an existing financial disclosure incentive.
Payments will be made only after all victims have been properly compensated.
Money Motivates
Harkening back to the “Wanted” posters of the Old West, Monaco observed that law enforcement has long offered rewards to incentivize tipsters. Since the passage of Dodd Frank almost 15 years ago, the SEC and CFTC have relied on whistleblower programs that have been incredibly successful. In 2023, the SEC received more than 18,000 whistleblower tips (almost 50 percent more than the previous record set in FY2022), and awarded nearly $600 million — the highest annual total by dollar value in the program’s history. Over the course of 2022 and 2023, the CFTC received more than 3,000 whistleblower tips and paid nearly $350 million in awards — including a record-breaking $200 million award to a single whistleblower. Programs at IRS and FinCEN have been similarly fruitful, as are qui tam actions for fraud against the government. But, Monaco acknowledged, those programs are by their very nature limited. Accordingly, DOJ’s program will fill in the gaps and address the full range of corporate and financial misconduct that the Department prosecutes. And though only time will tell, it seems likely that this program will generate a similarly large number of tips.
The Attorney General already has authority to pay awards for “information or assistance leading to civil or criminal forfeitures,” but it has never used that power in any systematic way. Now, DOJ plans to leverage that authority to offer financial incentives to those who (1) disclose truthful and new information regarding misconduct (2) in which they were not involved (3) where there is no existing financial disclosure incentive and (4) after all victims have been compensated. The Department has begun a 90-day policy sprint to develop and implement the program, with a formal start date later this year. Acting Assistant Attorney General Nicole Argentieri explained that, because the statutory authority is tied to the department’s forfeiture program, the Department’s Money Laundering and Asset Recovery Section will play a leading role in designing the program’s nuts and bolts, in close coordination with US Attorneys, the FBI and other DOJ offices.
Monaco spoke directly to potential whistleblowers, saying that while the Department will accept information about violations of any federal law, it is especially interested in information regarding
Criminal abuses of the US financial system;
Foreign corruption cases outside the jurisdiction of the SEC, including FCPA violations by non-issuers and violations of the recently enacted Foreign Extortion Prevention Act; and
Domestic corruption cases, especially involving illegal corporate payments to government officials.
Like the SEC and CFTC whistleblower programs, DOJ’s program will allow whistleblower awards only in cases involving penalties above a certain monetary threshold, but that threshold has yet to be determined.
Prior to Monaco’s announcement, the United States Attorney’s Office for the Southern District of New York launched its own pilot “whistleblower” program, which became effective February 13, 2024. Both the Department-wide pilot and the SDNY policy require that the government have been previously unaware of the misconduct, but they are different in a critical way: the Department-wide policy under development will explicitly apply only to reports by individuals who did not participate in the misconduct, while SDNY’s program offers incentives to “individual participants in certain non-violent offenses.” Thus, it appears that SDNY’s program is actually more akin to a VSD program, while DOJ’s Department-wide pilot program will target a new audience of potential whistleblowers.
Companies with an international footprint should also pay attention to non-US prosecutors. The new Director of the UK Serious Fraud Office recently announced that he would like to set up a similar program, no doubt noticing the effectiveness of current US programs.
Corporate Considerations
Though directed at whistleblowers, the pilot program is equally about incentivizing companies to voluntarily self-disclose misconduct in a timely manner. Absent aggravating factors, a qualifying VSD will result in a much more favorable resolution, including possibly avoiding a guilty plea and receiving a reduced financial penalty. But because the benefits under both programs only go to those who provide DOJ with new information, every day that a company sits on knowledge about misconduct is another day that a whistleblower might beat them to reporting that misconduct, and reaping the reward for doing so.
“When everyone needs to be first in the door, no one wants to be second,” Monaco said. “With these announcements, our message to whistleblowers is clear: the Department of Justice wants to hear from you. And to those considering a voluntary self-disclosure, our message is equally clear: knock on our door before we knock on yours.”
By providing a cash reward for whistleblowing to DOJ, this program may present challenges for companies’ efforts to operate and maintain and effective compliance program. Such rewards may encourage employees to report misconduct to DOJ instead of via internal channels, such as a compliance hotline, which can lead to compliance issues going undiagnosed or untreated — such as in circumstances where the DOJ is the only entity to receive the report but does not take any further action. Companies must therefore ensure that internal compliance and whistleblower systems are clear, easy to use, and effective — actually addressing the employee’s concerns and, to the extent possible, following up with the whistleblower to make sure they understand the company’s response.
If an employee does elect to provide information to DOJ, companies must ensure that they do not take any action that could be construed as interfering with the disclosure. Companies already face potential regulatory sanctions for restricting employees from reporting misconduct to the SEC. Though it is too early to know, it seems likely that DOJ will adopt a similar position, and a company’s interference with a whistleblower’s communications potentially could be deemed obstruction of justice.
This is likely to be one of the most consequential rulemakings of Chairman Gary Gensler’s tenure given the prioritization of addressing climate change as a key pillar for the Biden administration. However, given the significant controversy associated with this rulemaking effort, the final rules are likely to face legal challenges and congressional oversight in the coming months. As such, it remains unclear at this point whether the final rules will survive the forthcoming scrutiny.
WHAT IS IN THE RULE?
According to the SEC’s fact sheet:
“The final rules would require a registrant to disclose, among other things: material climate-related risks; activities to mitigate or adapt to such risks; information about the registrant’s board of directors’ oversight of climate-related risks and management’s role in managing material climate-related risks; and information on any climate-related targets or goals that are material to the registrant’s business, results of operations, or financial condition.
Further, to facilitate investors’ assessment of certain climate-related risks, the final rules would require disclosure of Scope 1 and/or Scope 2 greenhouse gas (GHG) emissions on a phased-in basis by certain larger registrants when those emissions are material; the filing of an attestation report covering the required disclosure of such registrants’ Scope 1 and/or Scope 2 emissions, also on a phased-in basis; and disclosure of the financial statement effects of severe weather events and other natural conditions including, for example, costs and losses.
The final rules would include a phased-in compliance period for all registrants, with the compliance date dependent on the registrant’s filer status and the content of the disclosure.”
NEXT STEPS
The final rules are likely to face significant opposition, including legal challenges and congressional oversight. It is expected that there will be various lawsuits brought against the final rules, which are likely to receive support from several industry groups, or potentially GOP-led state attorneys general who have been active in litigating against environmental, social and governance (ESG) policies and regulations. It is also possible that the final rules could face criticism from some climate advocates that the SEC did not go far enough in its disclosure requirements.
Further, it is expected that the House Financial Services Committee (HFSC) will conduct oversight hearings, as well as introduce a resolution under the Congressional Review Act (CRA), to attempt to block the regulations from taking effect. HFSC Chairman Patrick McHenry (R-NC) indicated that the Oversight and Investigations Subcommittee will hold a field hearing on March 18 and the full Committee will convene a hearing on April 10 to discuss the potential implications of the rules. If a CRA resolution were to pass the House and garner sufficient support from moderate Democrats in the Senate to pass, it would likely be vetoed by President Biden.
Ultimately, the SEC climate risk disclosure rules are unlikely to significantly change the trajectory of corporate disclosures made by multinational companies based in the U.S., most of whom have already been making sustainability disclosures in accordance with the Financial Stability Board’s Task Force on Climate-Related Financial Disclosures. The ongoing problem for investors is that such disclosures are not standardized and therefore are not comparable. Consequently, many of these large issuers may continue to enhance their sustainability disclosures in accordance with standards issued by the International Sustainability Standards Board and the Global Reporting Initiative as an investor relations imperative notwithstanding the SEC’s timetable for implementation of these final rules.
A more detailed analysis of the SEC rules is forthcoming from our Corporate and Asset Management and Investment Funds practices in the coming days.
The Corporate Transparency Act has been declared unconstitutional. On March 1, 2024, U.S. District Court Judge Liles C. Burke issued a 53-page opinion[1] granting summary judgment for the National Small Business Association and held that the Corporate Transparency Act “exceeds the Constitution’s limits on the legislative branch and lacks a sufficient nexus to any enumerated power to be a necessary or proper means of achieving Congress’ policy goals.”
As a result, Judge Burke found the CTA to be unconstitutional because it exceeds the Constitution’s limits on Congress’ power, without even reaching a decision on whether it violates the First, Fourth, and Fifth Amendments. The Court then permanently enjoined the government from enforcing the CTA against the named plaintiffs and ordered a further hearing on the award of costs of litigation.
While it is likely that this litigation will continue to play out in the federal court system, the initial victory has gone to small business and importantly that means that compliance with this now unconstitutional regulatory regime can be set aside for the current time being.
[1] Nat’l Small Bus. United v. Yellen, No. 5:22-cv-01448-LCB (N.D. Ala. 2022)
On March 1, 2024, the federal judge presiding over the lone case testing the validity of the Corporate Transparency Act (CTA) struck down the CTA as unconstitutional. As we have explained, through the CTA, Congress imposed mandatory reporting obligations on certain companies operating in the United States, in an effort to enhance corporate transparency and combat financial crime. Specifically, the CTA, which took effect on January 1, 2024, requires a wide range of companies to provide personal information about their beneficial owners and company applicants to the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN). More than 32.5 million existing entities are expected to be subject to the CTA, and approximately 5 million new entities are expected to join that number each year. By mid-February, approximately a half million reports had been filed under the CTA according to FinCEN.
The CTA’s enforceability is now in doubt. In National Small Business United d/b/a National Small Business Association v. Yellen, the Honorable Liles C. Burke of the United States District Court for the Northern District of Alabama held that the CTA exceeded Congress’s authority to regulate interstate commerce, and that the CTA was not necessary to the proper exercise of Congress’ power to regulate foreign affairs or its taxing power. The Court issued a declaratory judgment—stating that the CTA is unconstitutional—and enjoined the federal government from enforcing the CTA’s reporting requirements against the plaintiffs in that litigation. A nationwide injunction, which would have raised its own enforceability concerns, was not included in the Court’s ruling.
The Court focused on three aspects of the CTA. First, the Court highlighted that the CTA imposes requirements on corporate formation, which is traditionally left to state governments as matters of internal state law. Second, the Court observed that the CTA applies to corporate entities even if the entity conducts purely intrastate commercial activities or no commercial activities at all. Third, the Court concluded that the CTA’s disclosure requirements could not be justified as a data-collection tool for tax officials as that would raise the specter of “unfettered legislative power.”
What the Decision Means for Entities Subject to the CTA
The Court’s decision creates uncertainty on entities’ ongoing obligations under the CTA. Although the Court purported to limit its injunction to the parties in the litigation before it, the lead plaintiff in the suit is the National Small Business Association (NSBA). In its opinion, the Court held that the NSBA had associational standing to sue on behalf of its members. Based on precedent, this means the Court’s injunction likely benefits all of the NSBA’s over 65,000 members. If so, the government is prevented from enforcing the CTA’s reporting requirements against any entity that is a member of the NSBA.
Regardless of membership in the NSBA, however, the Court’s declaratory judgment that the CTA is unconstitutional also raises serious doubts about the government’s ability to enforce the CTA’s reporting requirements. This could amount to a de facto moratorium on CTA enforcement, depending on the government’s view of the decision.
What Happens Next
The government will likely appeal this decision, but the Court’s injunction and declaration will remain in effect unless a stay is granted. To receive a stay, the government will first likely need to file a motion in the district court, which will consider (1) how likely it is that the government will succeed on appeal; (2) whether the government will be irreparably harmed without a stay; (3) whether a stay will injure other parties interested in the litigation; and (4) whether a stay would benefit the public interest. If the district court denies a stay, the government will be able to seek a stay from the Atlanta-based United States Court of Appeals for the Eleventh Circuit.
The government has 60 days to appeal, though it will likely file its appeal sooner given the grant of an injunction and decision’s far-reaching consequences. The grant or denial of stay should be resolved in the coming weeks, but the timing of any final decision from the Court of Appeals is uncertain. In 2023, the median time for the Eleventh Circuit to resolve a case was over 9 months. However, the key deadline by which tens of millions of companies otherwise must file their initial report under the CTA is January 1, 2025.
Six companies have now made Item 1.05 Form 8-K filings. Three of these companies also have amended their first Form 8-K filings to provide additional detail regarding subsequent events. The remainder of the filings seem self-contained such that no amendment is necessary, but these companies may amend at a later date. In general, the descriptions of the cybersecurity incidents have been written at a high level and track the requirements of the new rules without much elaboration. It is interesting, but perhaps coincidental, that the filings seem limited to two broad industry groups: technology and financial services. In particular, two of the companies are bank holding companies.
Although several companies have now made reports under the new rules, the sample space may still be too small to draw any firm conclusions or decree what is “market.” That said, several of the companies that have filed an 8-K under Item 1.05 have described incidents and circumstances that do not seem to be financially material to the particular companies. We are aware of companies that have made materiality determinations in the past on the basis of non-financial qualitative factors when impacts of a cyber incident are otherwise quantitatively immaterial, but these situations are more the exception than the rule.
There is also a great deal of variability among the forward-looking statement disclaimers that the companies have included in the filings in terms of specificity and detail. Such a disclaimer is not required in a Form 8-K, but every company to file under Item 1.05 to date has included one. We believe this practice will continue.
Since the effectiveness of the new rules, a handful of companies have filed Form 8-K filings to describe cybersecurity incidents under Item 8.01 (“Other Events”) instead of Item 1.05. These filings have approximated the detail of what is required under Item 1.05. It is not immediately evident why these companies chose Item 8.01, but presumably the companies determined that the events were immaterial such that no filing under Item 1.05 was necessary at the time of filing. Of course, the SEC filing is one piece of a much larger puzzle when a company is working through a cyber incident and related remediation. It remains to be seen how widespread this practice will become. To date, the SEC staff has not publicly released any comment letters critiquing any Form 8-K cyber filing under the new rules, but it is still early in the process. The SEC staff usually (but not always) makes its comment letters and company responses to those comment letters public on the SEC’s EDGAR website no sooner than 20 business days after it has completed its review. With many public companies now also making the new Form 10-K disclosure on cybersecurity, we anticipate the staff will be active in providing guidance and commentary on cybersecurity disclosures in the coming year.
The AISIC is currently composed of over 200 members representing industry, academia, labor, and civil society.
The consortium may play an important role in implementing key provisions of President Joe Biden’s executive order on AI, including the development of guidelines on red-team testing[1] for AI and the creation of a companion resource to the AI Risk Management Framework.
Introduction: “First-Ever Consortium Dedicated to AI Safety” Launches
On February 8, 2024, the Department of Commerce announced the creation of the US AI Safety Institute Consortium (AISIC), a multistakeholder body housed within the National Institute of Standards and Technology (NIST). The purpose of the AISIC is to facilitate the development and adoption of AI safety standards and practices.
The AISIC has brought together over 200 organizations from industry, labor, academia, and civil society, with more members likely to join in the coming months.
Biden AI Executive Order Tasks Commerce Department with AI Safety Efforts
On October 30, 2023, President Joe Biden signed a wide-ranging executive order on AI (“AI EO”). This executive order has mobilized agencies across the federal bureaucracy to implement policies, convene consortiums, and issue reports on AI. Among other provisions, the AI EO directs the Department of Commerce (DOC) to establish “guidelines and best practices, with the aim of promoting consensus…[and] for developing and deploying safe, secure, and trustworthy AI systems.”
Responding to this mandate, the DOC established the US Artificial Intelligence Safety Institute (AISI) in November 2023. The role of the AISI is to “lead the U.S. government’s efforts on AI safety and trust, particularly for evaluating the most advanced AI models.” Concretely, the AISI is tasked with developing AI safety guidelines and standards and liaising with the AI safety bodies of partner nations.
The AISI is also responsible for convening multistakeholder fora on AI safety. It is in pursuance of this responsibility that the DOC has convened the AISIC.
The Responsibilities of the AISIC
“The U.S. government has a significant role to play in setting the standards and developing the tools we need to mitigate the risks and harness the immense potential of artificial intelligence,” said DOC Secretary Gina Raimondo in a statement announcing the launch of the AISIC. “President Biden directed us to pull every lever to accomplish two key goals: set safety standards and protect our innovation ecosystem. That’s precisely what the U.S. AI Safety Institute Consortium is set up to help us do.”
To achieve the objectives set out by the AI EO, the AISIC has convened leading AI developers, research institutions, and civil society groups. At launch, the AISIC has over 200 members, and that number will likely grow in the coming months.
According to NIST, members of the AISIC will engage in the following objectives:
Guide the evolution of industry standards on the development and deployment of safe, secure, and trustworthy AI.
Develop methods for evaluating AI capabilities, especially those that are potentially harmful.
Encourage secure development practices for generative AI.
Ensure the availability of testing environments for AI tools.
Develop guidance and practices for red-team testing and privacy-preserving machine learning.
Create guidance and tools for digital content authentication.
Encourage the development of AI-related workforce skills.
Conduct research on human-AI system interactions and other social implications of AI.
Facilitate understanding among actors operating across the AI ecosystem.
To join the AISIC, organizations were instructed to submit a letter of intent via an online webform. If selected for participation, applicants were asked to sign a Cooperative Research and Development Agreement (CRADA)[2] with NIST. Entities that could not participate in a CRADA were, in some cases, given the option to “participate in the Consortium pursuant to separate non-CRADA agreement.”
While the initial deadline to submit a letter of intent has passed, NIST has provided that there “may be continuing opportunity to participate even after initial activity commences for participants who were not selected initially or have submitted the letter of interest after the selection process.” Inquiries regarding AISIC membership may be directed to this email address.
Conclusion: The AISIC as a Key Implementer of the AI EO?
While at the time of writing NIST has not announced concrete initiatives that the AISIC will undertake, it is likely that the body will come to play an important role in implementing key provisions of Biden’s AI EO. As discussed earlier, NIST created the AISI and the AISIC in response to the AI EO’s requirement that DOC establish “guidelines and best practices…for developing and deploying safe, secure, and trustworthy AI systems.” Under this general heading, the AI EO lists specific resources and frameworks that the DOC must establish, including:
It is premature to assert that either the AISI or the AISIC will exclusively carry out these goals, as other bodies within the DOC (such as the National AI Research Resource) may also contribute to the satisfaction of these requirements. That being said, given the correspondence between these mandates and the goals of the AISIC, along with the multistakeholder and multisectoral structure of the consortium, it is likely that the AISIC will play a significant role in carrying out these tasks.
We will continue to provide updates on the AISIC and related DOC AI initiatives. Please feel free to contact us if you have questions as to current practices or how to proceed.
Endnotes
[1] As explained in our July 2023 newsletter on Biden’s voluntary framework on AI, “red-teaming” is “a strategy whereby an entity designates a team to emulate the behavior of an adversary attempting to break or exploit the entity’s technological systems. As the red team discovers vulnerabilities, the entity patches them, making their technological systems resilient to actual adversaries.”
