SEC’s Office of Compliance Inspections and Examinations Releases 2019 Examination Priorities

On Dec. 20, 2018, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) issued its annual Examination Priorities for 2019 (Exam Priorities), which is available for download here. The Exam Priorities focus around six thematic areas: (1) Retail Investors, including seniors and those saving for retirement; (2) Registrants responsible for critical market infrastructure; (3) FINRA and MSRB; (4) Digital Assets; (5) Cybersecurity; and (6) Anti-Money Laundering (AML) Programs.

As in the past, OCIE notes that their priorities are not exhaustive. The scope of any examination is determined through a risk-based approach that includes analysis of the registrant’s operations and products offered. For example, OCIE typically examines the disclo­sure of services, fees, expenses, conflicts of interest for investment advisers, and trading and execution quality issues for broker-dealers. OCIE is continually evaluating changes in market conditions, industry practices, and investor preferences to assess risks to both investors and the markets.

In connection with OCIE’s priority to protect retail investors, OCIE reviews retail fees and expenses paid by investors, conflicts of interest of industry personnel, treatment of senior investors and the advertising and suitability of retirement products, portfolio management and trading, operations of and the selection of mutual funds and ETFs, procedures of municipal advisors, procedures for broker-dealers entrusted with customer assets, and microcap securities.

OCIE also continues to prioritize critical market registrants impacting the safety and operation of our financial markets, including clearing agencies, entities subject to Regulation SCI, transfer agents, and national securities exchanges.

Finally, OCIE will prioritize examinations of the effectiveness of FINRA and MSRB, which are assigned the responsibility for certain aspects of investor protection. OCIE also will conduct inspections to gather information and evaluate practices affecting digital assets, cybersecurity, and AML programs (especially broker-dealers subject to express obligations and SAR filing obligations).

Overall, OCIE noted that although changes to its priorities may be continual, OCIE’s analytic efforts and examinations remain firmly grounded in its four pillars: promoting compliance, preventing fraud, identifying and monitoring risk, and informing policy.

 

©2019 Greenberg Traurig, LLP. All rights reserved.
This article was written by Arthur Don and Vincent Lewis of Greenberg Traurig, LLP.

Supreme Court Resolves Constitutionality of SEC’S ALJ Appointments — Now What?

Last week, the United States Supreme Court settled a circuit split regarding the constitutionality of the appointment of Administrative Law Judges (“ALJs”) by the Securities and Exchange Commission (“SEC” or the “Commission”).  In Lucia v. SEC, the Court held that the Commission’s five ALJs are “officers” subject to the Constitution’s Appointments Clause, which requires officers to be appointed by the President, “Courts of Law,” or “Heads of Departments.”  And because the SEC’s ALJs were hired by the agency’s staff, the Court reasoned, their appointments were unconstitutional.  The SEC reacted quickly, immediately issuing an order staying all pending administrative proceedings, the constitutionality of which is now unclear.

The Road to the Supreme Court

The Supreme Court’s decision arose from an SEC administrative proceeding against radio personality Raymond Lucia, charging him with violations of the Investment Advisers Act.  An ALJ, Cameron Elliot, heard the case and issued an initial decision finding against Lucia.  Lucia appealed to the SEC, arguing that because ALJ Elliott had not been constitutionally appointed, he lacked authority to issue such findings.  The SEC disagreed and affirmed the initial decision, prompting Lucia to appeal to the D.C. Circuit Court of Appeals.  Siding with the SEC, the D.C. Circuit held that SEC ALJs are not “inferior officers,” as Lucia argued, but rather “employees,” and therefore not subject to Appointments Clause requirements.  Meanwhile, in a similar case, Bandimere v. SEC, the Tenth Circuit reached the opposite conclusion, creating a circuit split requiring Supreme Court resolution.

The Ruling

In last week’s majority opinion, authored by Justice Kagan, the Court applied a test articulated in Freytag v. Commissioner, 501 U.S. 868 (1991) for distinguishing between officers and employees for Appointments Clause purposes.  In concluding that SEC ALJs are officers, the Court relied on the following facts: (1) they have career appointments and hold a continuing office established by law; (2) they exercise “significant discretion” when carrying out “important functions,” such as taking testimony, receiving evidence, examining witnesses, and enforcing discovery orders; and (3) when the SEC declines to review an ALJ’s initial decision, it becomes final and is deemed the action of the Commission.  In short, the Court held, the SEC’s ALJs are “near carbon copies” of the tax court judges found to be “officers” in Freytag.

Issues Left Unresolved

While the decision clearly settles the matter for Mr. Lucia, it leaves a number of issues unresolved, and its broader implications remain unclear.

Validity of SEC’s Prior Ratification

The biggest question left unanswered is whether the SEC’s attempt last year to cure any constitutional defect in its appointments scheme was sufficient.  While Luciawas pending before the Court, the Commission issued an order “ratifying” the prior appointments of its ALJs.  (See our prior blog post for additional discussion).  Lucia argued that the ratification was invalid and that the action did not in fact resolve the appointment defect.  The Court, however, declined to address this argument, noting in a footnote that the SEC had not indicated whether it intended to “assign Lucia’s case on remand to an ALJ whose claim to authority rests on the ratification order. The SEC may decide to conduct Lucia’s rehearing itself.  Or it may assign the hearing to an ALJ who has received a constitutional appointment independent of the ratification.”  The Court’s observation could be taken to suggest that the SEC’s ratification of the prior ALJ appointments did not in fact satisfy the Appointments Clause.  Perhaps in recognition of that possibility, the SEC promptly issued an order staying for thirty days, or until further other from the Commission, all of its pending administrative proceedings, including those in which an ALJ has already issued a decision.  The Commission presumably is now evaluating whether it needs to go beyond ratification to immunize its administrative proceedings from further constitutional attack.

Impact on Other Agencies

Another open question concerns the impact on other agencies’ administrative proceedings.  At oral argument, Justices Breyer and Sotomayor expressed concern that, if the Court were to rule in Lucia’s favor, proceedings in other federal agencies could be undermined as well.   While the majority opinion is silent on that question, Justice Breyer warned in his concurrence that the majority’s approach “risks . . . unraveling, step-by-step, the foundations of the Federal Government’s administrative adjudication system as it has existed for decades.”

ALJ Removal

Last, as noted in Justice Breyer’s concurrence, the Court’s decision raises questions about the constitutionality of limitations on ALJ removal under the Administrative Procedures Act (“APA”).   The APA provides that ALJs may only be removed “for cause.”  But if an SEC ALJ is a constitutional “officer,” that limitation may be invalid, as duly appointed officers are subject to removal at will.  Justice Breyer observed that, if ALJs are vulnerable to removal at any time, it could transform them “from independent adjudicators into dependent decisionmakers, serving at the pleasure of the Commission,” and therefore raise fundamental doubts about the legitimacy of their decisions.

Next Steps

As a result of the Court’s decision, Lucia himself will be entitled to a new hearing before a properly appointed ALJ or the Commission itself.  Given the questions that the Court declined to answer, and the SEC’s decision to temporarily stay its proceedings, however, we can expect further developments and continuing litigation in this area in the days and years to come.

 

© Copyright 2018 Squire Patton Boggs (US) LLP
For more coverage of the Supreme Court, see the National Law Review’s Litigation Page.

SEC Issues Updated Disclosure Guidance on Cybersecurity

On February 21, 2018, the U.S. Securities and Exchange Commission (“SEC”) issued updated interpretative guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents. The updated guidance reinforces and expands upon the prior guidance on cybersecurity disclosures issued by the SEC’s Division of Corporation Finance in October 2011. In addition to highlighting the disclosure requirements under the federal securities laws that public companies must pay particular attention to when considering their disclosure obligations with respect to cybersecurity risks and incidents, the updated guidance (1) emphasizes the importance of maintaining comprehensive policies and procedures related to cybersecurity risks and incidents, and (2) discusses the application of insider trading prohibitions and Regulation FD and selective disclosure prohibitions in the cybersecurity context. The guidance specifically notes that the SEC continues to monitor cybersecurity disclosures carefully through its filing review process.

Cybersecurity-Related Disclosures

Timely Disclosure of Material Nonpublic Information

In determining disclosure obligations regarding cybersecurity risks and incidents, companies should analyze the potential materiality of any identified risk and, in the case of incidents, the importance of any compromised information and the impact of the incident on the company’s operations. When assessing the materiality of cybersecurity risks or incidents, the SEC notes that the following factors, among others, should be considered:

  • Nature, extent, and potential magnitude (particularly as it relates to any compromised information or the business and scope of company operations), and
  • Range of possible harm, including harm to the company’s reputation, financial performance, customer and vendor relationships, and possible litigation or regulatory investigations (both foreign and domestic).

When companies become aware of a cybersecurity incident or risk that would be material to investors, the SEC expects companies to disclose such information in a timely manner and sufficiently prior to the offer and sale of securities. In addition, steps should be taken to prevent directors and officers (and other corporate insiders aware of such information) from trading in the company’s securities until investors have been appropriately informed about the incident or risk. Importantly, the SEC states that an ongoing internal or external investigation regarding a cybersecurity incident “would not on its own provide a basis for avoiding disclosure of a material cybersecurity incident.”

Risk Factors

In evaluating cybersecurity risk factor disclosure, the guidance encourages companies to consider the following:

  • the occurrence of prior cybersecurity incidents, including severity and frequency;
  • the probability of the occurrence and potential magnitude of cybersecurity incidents;
  • the adequacy of preventative actions taken to reduce cybersecurity risks and the associated costs, including, if appropriate, discussing the limits of the company’s ability to prevent or mitigate certain cybersecurity risks;
  • the aspects of the company’s business and operations that give rise to material cybersecurity risks and the potential costs and consequences of such risks, including industry-specific risks and third party supplier and service provider risks;
  • the costs associated with maintaining cybersecurity protections, including, if applicable, insurance coverage relating to cybersecurity incidents or payments to service providers;
  • the potential for reputational harm;
  • existing or pending laws and regulations that may affect the requirements to which companies are subject relating to cybersecurity and the associated costs to companies; and
  • litigation, regulatory investigation, and remediation costs associated with cybersecurity incidents.

The guidance also notes that effective communication of cybersecurity risks may require disclosure of previous or ongoing cybersecurity incidents, including incidents involving suppliers, customers, competitors and others.

MD&A of Financial Condition and Results of Operations

The guidance reminds companies that MD&A disclosure of cybersecurity matters may be necessary if the costs or other consequences associated with such matters represent a material event, trend or uncertainty that is reasonably likely to have a material effect on the company’s operations, liquidity or financial condition or would cause reported financial information not to be necessarily indicative of future results. Among other matters, the cost of ongoing cybersecurity efforts (including enhancements to existing efforts), the costs and other consequences of cybersecurity incidents, and the risks of potential cybersecurity incidents could inform a company’s MD&A analysis. In addition to the immediate costs incurred in connection with a cybersecurity incident, companies should also consider costs associated with:

  • loss of intellectual property;
  • implementing preventative measures;
  • maintaining insurance;
  • responding to litigation and regulatory investigations;
  • preparing for and complying with proposed or current legislation;
  • remediation efforts; and
  • addressing harm to reputation and the loss of competitive advantage.

The guidance further notes that the impact of cybersecurity incidents on each reportable segment should also be considered.

Business and Legal Proceedings

Companies are reminded that disclosure may be called for in the (1) Business section of a company’s SEC filings if cybersecurity incidents or risks materially affect a company’s products, services, relationships with customers or suppliers, or competitive conditions, and (2) Legal Proceedings section if a cybersecurity incident results in material litigation against the company.

Financial Statement Disclosures

The SEC expects that a company’s financial reporting and control systems would be designed to provide reasonable assurance that information about the range and magnitude of the financial impacts of a cybersecurity incident would be incorporated into its financial statements on a timely basis as the information becomes available. The guidance provides the following examples of ways that cybersecurity incidents and risks may impact a company’s financial statements:

  • expenses related to investigation, breach notification, remediation and litigation, including the costs of legal and other professional services;
  • loss of revenue, providing customers with incentives or a loss of customer relationship assets value;
  • claims related to warranties, breach of contract, product recall/replacement, indemnification of counterparties, and insurance premium increases; and
  • diminished future cash flows, impairment of intellectual, intangible or other assets; recognition of liabilities; or increased financing costs.

Board Risk Oversight

The securities laws require a company to disclose the extent of its board of directors’ role in the risk oversight of the company, including how the board administers its oversight function and the effect this has on the board’s leadership structure. To the extent cybersecurity risks are material to a company’s business, the disclosure should include the nature of the board’s role in overseeing management of that risk.

Cybersecurity-Related Policies and Procedures

Disclosure Controls and Procedures

The guidance encourages companies to adopt comprehensive policies and procedures related to cybersecurity and to regularly assess their compliance. Companies should evaluate whether they have sufficient disclosure controls and procedures in place to ensure that relevant information about cybersecurity risks and incidents is processed and reported to the appropriate personnel to enable senior management to make disclosure decisions and certifications and to facilitate policies and procedures designed to prohibit directors, officers, and other corporate insiders from trading on the basis of material nonpublic information about cybersecurity risks and incidents. Controls and procedures should enable companies to identify cybersecurity risks and incidents, assess and analyze their impact on a company’s business, evaluate the significance associated with such risks and incidents, provide for open communications between technical experts and disclosure advisors, and make timely disclosures regarding such risks and incidents.

The certifications and disclosures regarding the design and effectiveness of a company’s disclosure controls and procedures should take into account the adequacy of controls and procedures for identifying cybersecurity risks and incidents and for assessing and analyzing their impact. In addition, to the extent cybersecurity risks or incidents pose a risk to a company’s ability to record, process, summarize, and report information that is required to be disclosed in filings, management should consider whether there are deficiencies in disclosure controls and procedures that would render them ineffective.

Insider Trading

Companies and their directors, officers, and other corporate insiders should be mindful of compliance with insider trading laws in connection with information about cybersecurity risks and incidents, including vulnerabilities and breaches. The guidance urges companies to consider how their code of ethics and insider trading policies take into account and prevent trading on the basis of material nonpublic information related to cybersecurity risks and incidents. Specifically, the guidance suggests that as part of the overall investigation and assessment during significant cybersecurity incidents, companies should consider whether and when it may be appropriate to implement restrictions on insiders trading in their securities to avoid the appearance of improper trading during the period following a cybersecurity incident and prior to the dissemination of disclosure.

Regulation FD and Selective Disclosure

Companies are expected to have policies and procedures in place to ensure that any disclosures of material nonpublic information related to cybersecurity risks and incidents are not made selectively, and that any Regulation FD required public disclosure is made simultaneously (in the case of an intentional disclosure) or promptly (in the case of a non-intentional disclosure) and is otherwise compliant with the requirements of Regulation FD.

 

© 2018 Jones Walker LLP
This post was written by Monique A. Cenac and Brett Beter of Jones Walker LLP.

Supreme Court Limits Scope of Dodd-Frank Whistleblower Protections

On February 21, the US Supreme Court decided Digital Realty Trust, Inc. v. Somers (583 U.S. ____ (2018)), which resolved a circuit split related to whether the anti-retaliation provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act, 124 Stat. 1376 (Dodd-Frank) extend to individuals who have not reported a securities law violation to the Securities and Exchange Commission and, therefore, falls outside of Dodd-Frank’s definition of a “whistleblower.”

Paul Somers alleged that Digital Realty Trust, Inc. (Digital Realty) terminated his employment shortly after reporting suspected securities-law violations to the company’s senior management. Somers filed a case in the US District Court for the Northern District of California (District Court) alleging that his termination amounted to whistleblower retaliation under Dodd-Frank. Digital Realty moved to dismiss the claim on the grounds that Somers did not qualify as a “whistleblower” for purposes of Dodd-Frank because (1) the statute defines a “whistleblower” as someone “who provides . . . information relating to a violation of the securities laws to the [SEC];” and (2) Somers failed to report the allegations to the SEC prior to his termination. The District Court denied Digital Realty’s motion and the Ninth Circuit affirmed on the grounds that Dodd-Frank’s whistleblower protections should be read to protect employees regardless of whether they provide information to the SEC.

Reversing the District Court and the Ninth Circuit, Justice Ruth Bader Ginsburg, writing for the Court, explained that Dodd-Frank’s whistleblower retaliation provisions do not extend to an individual who has not reported alleged securities law violations to the SEC. Citing Dodd-Frank’s definition of a “whistleblower,” the Court determined that the statute explicitly required an individual to report such violations to the SEC in order to receive whistleblower protections. The Court found this interpretation of the whistleblower definition to be corroborated by Dodd-Frank’s intended purpose of motivating individuals to report securities law violations directly to the SEC.

The text of the decision is available here.

©2018 Katten Muchin Rosenman LLP
Read more Litigation news on the National Law Review Litigation page.

SEC Observations from Recent Cybersecurity Examinations Identify Best Practices

The SEC continues to focus on cybersecurity as an area of concern within the investment management industry.

On August 7, the US Securities and Exchange Commission’s (SEC’s) Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert summarizing its observations from a recent cybersecurity-related examination of 75 firms—including broker-dealers, investment advisers, and investment companies (“funds”) registered with the SEC.

The SEC staff has made it clear that cybersecurity remains a high priority and is likely to be an area of continued scrutiny with the potential for enforcement actions. During a recent interview,[1] the SEC’s co-directors of Enforcement, Stephanie Avakian and Steven Peikin, stated their belief that “[t]he greatest threat to our markets right now is the cyber threat.” This pronouncement follows on the heels of OCIE’s identification of cybersecurity as one of its examination priorities for 2017,[2] OCIE’s release of a Risk Alert on the “WannaCry” ransomware virus,[3] and several significant Regulation S-P enforcement actions involving firms that failed to adequately protect customer information.[4]

This LawFlash details OCIE’s observations from its recent cybersecurity-related examination that were discussed in its Risk Alert.

OCIE’s Examination Identifies Common Issues

OCIE staff observed common issues in a majority of the firms and funds subject to examination. These common issues include the following:

  • Failure to reasonably tailor policies and procedures. Specifically, the examination found issues with policies and procedures that

    • incorporated only general guidance;

    • identified limited examples of safeguards for employees to consider; and

    • did not articulate specific procedures to implement policies.

  • Failure to adhere to or enforce policies and procedures. In some cases, policies and procedures were confusing or did not reflect a firm’s actual practices, including in the following areas:

    • Annual customer protection reviews not actually conducted on an annual basis

    • Policies providing for ongoing reviews to determine whether supplemental security protocols were appropriate performed only annually, or not at all

    • Policies and procedures creating contradictory or confusing instructions for employees[5]

    • Firms not appearing to adequately ensure that cybersecurity awareness training was provided and/or failing to take action where employees did not complete required cybersecurity training

  • Regulation S-P issues among firms that did not appear to adequately conduct system maintenance. Because Regulation S-P was enacted to safeguard the privacy of customer information, OCIE observed that issues arose where firms failed to install software patches to address security vulnerabilities and other operational safeguards to protect customer records and information.

  • Failure to fully remediate some of the high-risk observations that firms discovered when they conducted penetration tests and vulnerability scans.

Cyber Best Practices and Other Observations

OCIE identified elements of what it viewed as “robust” cybersecurity policies and procedures from its examinations. Such elements should be considered as best practices and instructive for broker-dealers, investment advisers, and funds in implementing, assessing, and/or enhancing existing cybersecurity-related policies and procedures. Such elements are as follows:

  • Maintenance of data, information, and vendor inventory, including risk classifications

  • Detailed cybersecurity-related instructions, including instructions related to penetration tests, access rights, and reporting guidelines for lost, stolen, or unintentionally disclosed sensitive information

  • Maintenance of prescriptive schedules and processes for testing data integrity and vulnerabilities, including patch management policies

  • Access controls for data and systems

  • Mandatory employee training upon onboarding and periodically thereafter

  • Engaged senior management

OCIE staff noted an overall improvement in firms’ awareness of cyber-­related risks and the implementation of certain cybersecurity practices since its previous Cybersecurity 1 Initiative.[6] Most notably, all broker-dealers, all funds, and nearly all investment advisers in the more recent examinations maintain written policies and procedures related to cybersecurity that address the protection of customer/shareholder records and information. This finding is in contrast to the Cybersecurity 1 Initiative, where OCIE found that comparatively fewer broker-dealers and investment advisers had adopted this type of written policies and procedures.

OCIE staff also noted the following:

  • Nearly all broker-dealers and many investment advisers and funds conducted periodic risk assessments, penetration tests, and vulnerability scans.

  • All broker-dealers and nearly all investment advisers and funds had a process in place for ensuring regular system maintenance.

  • All firms utilized some form of system, utility, or tool to prevent, detect, and monitor data loss as it relates to personally identifiable information.

  • All broker-dealers and a majority of investment advisers and funds maintained cybersecurity organizational charts and/or identified and described cybersecurity roles and responsibilities for the firms’ workforces.

  • Almost all firms either conducted vendor risk assessments or required that vendors provide the firms with risk management and performance reports (i.e., internal and/or external audit reports) and security reviews or certification reports.

  • Information protection programs at the firms typically included relevant cyber-related policies and procedures as well as incident response plans.

Key Takeaways

SEC-registered broker-dealers, investment advisers, and funds should evaluate their policies and procedures to determine whether there are gaps or areas that could be improved based on OCIE’s articulation of best practices. Firms and funds should further evaluate their policies and procedures to ensure that they reflect actual practices and are reasonably tailored to the particular firm’s business. As OCIE notes, effective cybersecurity requires a tailored and risk-based approach to safeguard information and systems.[7]

This post was written by Mark L. Krotoski,  Merri Jo Gillette , Sarah V. Riddell Martin Hirschprung and  Jennifer L. Klass of Morgan, Lewis & Bockius LLP.

Read more legal analysis at The National Law Review.


[1] Sarah Lynch, Exclusive: New SEC Enforcement Chiefs See Cyber Crime as Biggest Market Threat, Reuters.com (Jun. 8, 2017).

[2] OCIE, Examination Priorities for 2017 (Jan. 12, 2017).

[3] National Exam Program Risk Alert, Cybersecurity: Ransomware Alert (May 17, 2017).

[4] In re Morgan Stanley Smith Barney LLC, Exchange Act Release No. 78021, Advisers Act Release No. 4415 (Jun. 8, 2016); In re R.T. Jones Capital Equities Management Inc., Advisers Act Release No. 4204 (Sept. 22, 2015); and In re Craig Scott Capital LLC, Exchange Act Release No. 77595 (Apr. 12, 2016).

[5] OCIE provides an example of confusing policies regarding remote customer access that appeared to be inconsistent with those for investor fund transfers, making it unclear to employees whether certain activity was permissible based on the policies.

[6] See, e.g., OCIE Cybersecurity Initiative (Apr. 15, 2014); see also National Exam Program Risk Alert, Cybersecurity Examination Sweep Summary (Feb. 3, 2015).

[7] For example, the National Institute of Standards and Technology Cybersecurity Framework 1.0 (Feb. 12, 2014) provides a useful flexible approach to assess and manage cybersecurity risk.

Using “Finders” to Find Capital: Avoiding Problems for Your Company

Raising money for your startup can be hard. Not every entrepreneur can walk into Silicon Valley with a business idea and walk out with multiple VC term sheets in hand. Sometimes the only path to financing your startup is through the hard work of pitching and cobbling together a group of angels and other individual investors. But that path takes time and can be frustrating. Potential investors may hesitate to commit or, even worse, give you the dreaded “you’re-too-early-for-us” response. The offer from a “finder” to introduce you to investors with cash sounds attractive. Why not, right? What’s the downside?

You can use a finder if their role is limited and their compensation is structured properly. But you can cause major problems for yourself and the finder if they’re too involved and paid commissions on the money raised. These are activities that only registered broker-dealers (persons or firms engaged in the business of buying and selling securities for themselves or others) can engage in. If your company uses a finder acting as a broker-dealer, you might find your fundraising round unraveling, and your finder might find themselves in trouble with the Securities and Exchange Commission (SEC).

A “true” finder

A “true” finder can be OK if they limit their role to making introductions, receive a flat or hourly consulting fee that is not contingent on the success of the offering, and avoid any active role in negotiating and completing the investment. Finders acting in this very limited capacity are not considered broker-dealers. As a result, true finders are largely unregulated under the securities laws and need not be registered with the state or federal government as broker-dealers. This area is murky, however, because there are not clear regulations and the rules of the road have been developed in court cases and case-by-case “no-action” letters from the SEC.

The real problem is that many finders do not limit their activities to mere introductions. These finders end up assisting in structuring and negotiating the offering, providing advice regarding the offering and investment, and even encouraging and inducing investors to invest. These activities make them a “broker” under the securities laws, and federal and state governments require that brokers be registered. Often the finder is not registered as a broker.

Finders also prefer success-based compensation, calculated as a percentage of the funds raised by the company, and companies prefer to pay finders only if and when they’re successful in helping to raise capital. Both courts and the SEC, however, take the position that such success-based compensation (also referred to as transaction-based compensation) is the telltale factor indicating whether a finder is acting as an unregistered broker-dealer.

So, what’s the risk?

For the company, using an unregistered broker-dealer to assist with an offering could create a rescission right in favor of the investors. If investors succeed in rescinding their investments, the company must return their money. For the finder acting as an unregistered broker-dealer, they could be subject to severe SEC sanctions and the company could void the finder’s engagement agreement, requiring return of the finder’s compensation. Moreover, even if a finder’s activities and compensation are perfectly legal, the relationship alone can still give rise to problems for the company. Any financial relationship with a finder must be disclosed to investors and listed on the company’s Form D filed with the SEC and state securities departments. Disclosure of such a relationship, again, even if perfectly legal, may nevertheless prompt some states to initiate an investigation.

The situation in Michigan, however, is even murkier. In the recent case Pransky v. Falcon Group, the Michigan Court of Appeals held that a “finder” as defined in the Michigan Uniform Securities Act, was not required to be registered with and regulated by the State of Michigan, even where the company agreed to pay success-based compensation. Michigan companies and finders, however, should not take the opinion as a green light to engage in a finder relationship, structured with success-based compensation, without fear of regulatory oversight. The trial court initially dismissed the case on summary judgment, and as a result there was no evidence in the record of whether or not the finder’s activities went beyond mere introductions. In addition, some commentators have criticized the court’s decision. Perhaps sensing such impending criticism, the Court of Appeals, in a footnote, cautioned that the “better course of action would be for finders acting pursuant to similar contracts to protect themselves by registering, at the very least, as broker-dealers; the line between a finder’s activities and that of a broker-dealer…is a thin one and persons acting under such contracts without being registered are inviting litigation.”

The bottom line

Using finders for raising capital is not the easy solution it appears to be at first glance. Worse yet, it can lead to significant problems. As the saying goes, nothing worth having is easy. If you don’t have a VC-backable business, you may have an even harder time raising capital than most. Regardless, when it comes to raising money for your startup, be your own “finder”. Network, hustle, and tell your story. No one is more effective than you at explaining your business and the investment opportunity.

For more legal analysis check out the National Law Review.

This post was written by Matthew W. Bower of  Varnum LLP.

Chairman Clayton Outlines His “Guiding Principles” for SEC

In remarks to the Economic Club of New York on July 12, 2017, SEC Chairman Jay Clayton outlined eight guiding principles for his chairmanship and identified certain areas in which such principles could be put into practice.  Chairman Clayton’s remarks – his first public speech as SEC Chairman – indicated his interest in, among other things, creating a Fixed Income Market Structure Advisory Committee to give advice to the SEC on regulatory issues impacting fixed income markets and coordinating with the U.S. Department of Labor (DoL) to bring “clarity and consistency” to the issue of standards of conduct for investment professionals, noting the DoL’s Fiduciary Rule is now partially in effect.

Guiding Principles

Clayton stated that the following principles will guide his SEC chairmanship:

• Principle 1: “The SEC’s mission is our touchstone.” Chairman Clayton stated that each tenet of the SEC’s three-part mission – (1) to protect investors, (2) to maintain fair, orderly, and efficient markets, and (3) to facilitate capital formation – is critical.

• Principle 2: “Our analysis starts and ends with the long-term interests of the Main Street investor.”  According to the Chairman, an assessment of whether the SEC is abiding by its threepart mission must focus on the impact of its actions on “Mr. and Ms. 401(k)” and whether the SEC’s actions further the long-term interests of such investors.

• Principle 3: “The SEC’s historic approach to regulation is sound.” The SEC’s regulatory approach, focusing on disclosure and materiality, and using the SEC’s “extensive enforcement capabilities” as a “back-stop” to disclosure rules and oversight systems, is sound. In expressing his support for disclosure-based rules, Clayton asserted that informed decision-making by investors supports more accurate valuations of securities and more efficient allocation of capital.  As to the “back-stop,” the anti-fraud regime established by Congress and the SEC, Clayton noted the government’s “extensive enforcement capabilities on those who try to circumvent established investor protections or otherwise engage in deceptive or manipulative acts in the markets.”  Taking the foregoing into account, Chairman Clayton maintained that “wholesale changes” to the SEC’s fundamental regulatory approach would “not make sense.”

• Principle 4: “Regulatory actions drive change, and change can have lasting effects.”  Although Chairman Clayton endorsed the disclosure-based regime of the SEC, he cautioned that the incremental impact of regulatory changes to this regime has included a significantly expanded scope of required disclosures “beyond the core concept of materiality.”  He cited increased disclosure as among the factors that may make alternatives for raising capital increasingly attractive for small and medium-sized companies.  Chairman Clayton added that fewer small and mediumsized public companies may mean less liquid trading markets for those that remain public and, to the extent companies are not raising capital in public markets,  “the vast majority of Main Street investors will be unable to participate in their growth.”

• Principle 5: “As markets evolve, so must the SEC.”  Noting that technology and innovation are changing the way markets work and investors transact, Chairman Clayton stated that the SEC must take this “dynamic atmosphere” into account and “strive to ensure that our rules and operations reflect the realities of our capital markets.”   Further to this point, Clayton remarked that the evolution of capital markets presents opportunities for regulatory improvements and efficiencies and noted that the SEC is “adapting machine learning and artificial intelligence to new functions, such as analyzing regulatory filings.” Chairman Clayton cautioned, however, that implementing regulatory change has costs, including the “significant resources” spent by companies to build compliance systems.

• Principle 6: “Effective rulemaking does not end with rule adoption.”  Chairman Clayton stated that the SEC should review its rules “retrospectively,” and listen to investors and others as to areas in which rules are, or are not, functioning as intended.

• Principle 7: “The costs of a rule now often include the cost of demonstrating compliance.”  Chairman Clayton noted that the SEC must ensure that, at the time of adoption, the SEC has a “realistic version for how rules will be implemented,” as well as how the SEC will examine for compliance.  In this regard, according to Clayton, “[v]aguely worded rules can too easily lead to subpar compliance solutions or an overinvestment in control systems.”

• Principle 8: “Coordination is key.”  According to Chairman Clayton, coordination with, between, and among all of the various U.S. federal regulatory bodies, state securities regulators, selfregulatory organizations  and various other regulatory players “is essential to a well-functioning regulatory environment.”  To illustrate his point, Clayton cited the dual regulatory structure for over the-counter derivatives called for by the Dodd-Frank Act and working with the CFTC in this respect.  Chairman Clayton noted that cybersecurity is also an area where coordination is critical, adding that the SEC is working with “fellow financial regulators to improve our ability to receive critical information and alerts and react to cyber threats.”

Fixed Income Markets

In a portion of his remarks titled, “Putting Principles into Practice,” Chairman Clayton observed that the “time is right for the SEC to broaden its review of market structure to include specifically the efficiency, transparency, and effectiveness of our fixed income markets.”  The SEC, according to Clayton, must explore whether fixed income markets “are as efficient and resilient as we expect them to be, scrutinize our regulatory approach, and identify opportunities for improvement.”  In this connection, Chairman Clayton stated that he has asked the SEC staff to develop a plan for creating a Fixed Income Market Structure Advisory Committee.

Fiduciary Rule

Chairman Clayton also touched upon the DoL’s Fiduciary Rule, noting that he recently issued a statement seeking public input on standards of conduct for investment advisers and broker-dealers.  Chairman Clayton expressed hope that the SEC can “act in concert with our colleagues at the [DoL] in a way that best serves the long-term interests of Mr. and Ms. 401(k).”  He also noted that “any action will need to be carefully constructed, so that it provides appropriate and meaningful protections but does not result in Main Street investors being deprived of affordable investment advice or products.”

The transcript of Chairman Clayton’s remarks is available at: https://www.sec.gov/news/speech/remarks-economicclub-new-york.

Read more SEC news at the National Law Review.

This post was by the Investment Services Group of Vedder Price

U.S. Supreme Court Rules That An SEC Enforcement Claim For Disgorgement Is Subject To A Five-Year Statute Of Limitations

Today, the U.S. Supreme Court unanimously held that any claim for disgorgement in an SEC enforcement action must be commenced within five years of the date the claim accrued. The decision in Kokesh v. SEC, No. 16-529, resolved a split among Courts of Appeals whether the statute of limitations that applies to SEC enforcement actions seeking a penalty or forfeiture (28 U.S.C. § 2462) applies when disgorgement is sought. The Court had earlier applied that statute of limitations to claims by the SEC seeking a civil monetary penalty, and held that the limitations period begins to run when the violation occurs, not when it is discovered by the government. Gabelli v. SEC, 568 U.S. 442 (2013).

Supreme Court SCOTUS Class-Action WaiverThe five-year statute of limitations applies to “an action, suit or proceeding for the enforcement of any civil fine, penalty, or forfeiture.” The Court held that the imposition of disgorgement in an SEC enforcement action is a “penalty,” thus subject to the five-year limitations period. In reaching that conclusion, the Court noted that disgorgement is imposed as a consequence of violation of a public law, not because some individual was aggrieved. Another element of the Court’s reasoning was that when disgorgement is ordered in an enforcement action the remedy is not compensatory. Instead, disgorged profits are paid to the court, and it is within the discretion of the court to determine how and to whom the money will be distributed.

Perhaps most important among the Court’s rationales, the primary purpose of disgorgement ordered in an enforcement action is deterrence, and sanctions imposed to deter infractions of public laws are “inherently punitive.” The Court noted that the amount paid is often greater than the defendant’s gain so that the defendant is not, in all cases, merely restored to the status it would have occupied had it not broken the law.

The oral argument in the case included considerable colloquy on the source of a court’s power to order disgorgement in an SEC enforcement action. In its decision the Court stated, “Nothing in this opinion should be interpreted as an opinion on whether courts possess authority to order disgorgement in SEC enforcement proceedings . . . .” (Slip Op., p. 5, n. 3)

The obvious effect of the decision will be to require the SEC to be expeditious in filing cases seeking not only civil monetary penalties but also, now, disgorgement. The Court did not address whether the remedy of an injunction, which often has collateral consequences for the defendant, or of declaratory relief is subject to this statute of limitations. The Court also did not discuss the effect a tolling agreement would have on the running of the statute.

This post was written by Allan Horwich of Schiff Hardin LLP.

New Developments and Uncertainties for Conflict Minerals Disclosure

SEC conflict mineralsThe Securities and Exchange Commission (SEC) Division of Corporate Finance issued a new statement adding some uncertainty to company obligations and enforcement exposure under the SEC conflict minerals rule ahead of the May 31, 2017 filing deadline.  The statement is one of several moving pieces in an unprecedented wave of activity on conflict minerals in recent weeks.  Companies should review these developments and their approach to meeting legal obligations imposed by the SEC’s implementation of Section 1502 of Dodd Frank, alongside the broader expectations of customers, activists and investors.

Summary of Recent Developments

Highlights of the recent developments are listed below, followed by more detailed discussions on several of these key points.

  • On April 3, 2017 the U.S. District Court for the District of Columbia entered a final judgment in the conflict minerals litigation. The judgment put an end to the litigation and remanded the SEC rule to the agency for further action consistent with a 2014 decision from the U.S. Court of Appeals for the District of Columbia Circuit (D.C. Circuit) striking down a narrow portion of the SEC rule.

  • SEC Acting Chairman Michael Piwowar released a statement on April 7, 2017 questioning whether the SEC could reconcile the D.C. Circuit’s decision with Congress’s intent in Section 1502. The Acting Chairman concluded that in light of the “regulatory uncertainties” outlined in his statement, it is “difficult to conceive of a circumstance that would counsel in favor of enforcing” paragraph (c) of Item 1.01 of Form SD (i.e., the rule’s requirements to conduct due diligence and file a Conflict Minerals Report).

  • On the same day, the SEC’s Division of Corporate Finance released a separate statement reporting that the Acting Chairman had requested the Division’s consideration of the regulatory uncertainties facing the Commission. In response, the Division declared that it “will not recommend enforcement action” to the Commission for companies that only file disclosures related to their scoping and reasonable country of origin inquiry under the provisions of paragraphs (a) and (b) of Item 1.01 of Form SD, even if they are required to conduct due diligence and file a Conflict Minerals Report pursuant to paragraph (c).  The Division also declared that the statement is “subject to any further action that may be taken by the Commission, expresses the Division’s position on enforcement action only, and does not express any legal conclusion on the rule.”

  • Earlier this year, the SEC had announced plans to reconsider the SEC rule and requested public comments on all aspects of the rule. In the April 7, 2017 statement, the Acting Chairman reported that he had instructed SEC staff to begin work on a recommendation for future Commission action to consider, among other things, the public comments received in response to the January 31, 2017 request for comment.

  • Democratic lawmakers on the Senate Banking Committee have called on the SEC’s Inspector General to investigate whether the Acting Chairman exceeded his authority in asking staff to assess whether “additional relief” from the SEC rules is appropriate.

Other developments suggest changes to the conflict minerals requirements in the SEC rule or in Section 1502 are likely in the future.

  • On March 27, 2017 the State Department issued a broad request for stakeholder input to inform “recommendations” signaling a broader inter-agency effort to consider new approaches to addressing the responsible sourcing of minerals in the region. Comments are due to the Department of State by April 28, 2017.

  • President Donald Trump may still be considering the Presidential Memorandum that was circulated in February, which would seek to waive the SEC conflict minerals rule for up to two years based on national security interests.

  • In Congress, the Senate Subcommittee on Africa and Global Health Policy held a hearing on April 5, 2017 on the effects of Section 1502 on the Democratic Republic of the Congo (DRC) and the region, increasing speculation that legislation may soon be introduced to fully or partially repeal the conflict mineral provisions of Dodd-Frank.

Beyond Dodd Frank and the SEC rule, requirements for conflict minerals due diligence and disclosure are expanding in other contexts.

  • EPEAT, a leading environmental rating system for the procurement of electronic products used by the U.S. government and other institutional purchasers, announced a new standard for mobile phones (and in the future servers) that includes mandatory criteria for due diligence and public disclosure related to conflict minerals.

  • The European Council adopted a new conflict minerals regulation on April 3, 2017 focused on EU importers of covered minerals, metals, and their ores from “high risk” and “conflict affected” areas.

More Details

SEC Rule Litigation Wraps Up

On April 3, 2017 the U.S. District Court for the District of Columbia entered a final judgment remanding the SEC rule to the agency for further action consistent with the 2014 D.C. Circuit decision, as the parties to the legal challenge of the SEC’s conflict minerals rule requested. In the 2014 decision, the D.C. Circuit had held that the portion of the rule requiring issuers to describe their products as “not found to be DRC conflict free” was compelled speech in violation of the First Amendment to the U.S. Constitution. The SEC issued a partial stay of the rule in April 2014, providing that no company is required to describe its products using the SEC descriptors “DRC conflict free,” “not found to be ‘DRC conflict free,’” or “DRC conflict undeterminable” and staying the requirement to obtain an independent private sector audit as long as companies did not describe products as “DRC conflict free” in their disclosures. After requests for rehearing were denied and the D.C. Circuit reaffirmed its decision, the case was eventually remanded to the District Court and assigned to Judge Ketanji Brown Jackson, who entered the final judgment. The practical effect of the District Court’s final judgment is that any further changes to the conflict minerals requirements stemming from the case will be left to the discretion of the SEC (unless Congress or the Administration take action first) rather than handled in the courts.

SEC Statements Following Final Judgment

In his April 7 statement following the District Court’s final judgment, the Acting Chairman questioned whether the SEC could reconcile the D.C. Circuit’s decision with Congress’s intent in Section 1502. He noted that the Commission will now be called upon to determine how to address the D.C. Circuit’s decision – including whether Congress’s intent in Section 1502 can be achieved through a descriptor that avoids the constitutional defect identified by the court – and how that determination affects overall implementation of the SEC rule. According to the Acting Chairman, because “the primary function of the extensive and costly requirements for due diligence on the source and chain of custody of conflict minerals set forth in paragraph (c) of Item 1.01 of Form SD is to enable companies to make the disclosure found to be unconstitutional,” along with other “regulatory uncertainties,” it is “difficult to conceive of a circumstance that would counsel in favor of enforcing” paragraph (c). On the same day, the SEC Division of Corporate Finance released a statement echoing the Acting Chairman’s concerns and announcing that “it will not recommend enforcement action” to the Commission for companies that conduct and report on a reasonable country of origin inquiry pursuant to paragraphs (a) and (b) of Item 1.01 of Form SD but do not go on to conduct heightened due diligence and file a Conflict Minerals Report pursuant to paragraph (c).

The legal effect of these two SEC statements is unclear. The Division’s position on enforcement is not binding on the Commission, and even though it appears that the Division and the Acting Chairman coordinated with respect to their recent statements, it is not clear that the SEC is of “one mind” with respect to conflict minerals implementation. For example, it is reported that SEC Commissioner Kara Stein commented in response to the Acting Chairman’s statement that the action “engages in de facto rulemaking” and “represents a troubling attack not only on the Commission process, but also on the restraints of government power.”  Moreover, the SEC has not modified the rule or explicitly changed its 2014 partial stay of the rule. Therefore the rule remains in effect, including, if necessary based on the results of a company’s reasonable country of origin inquiry, the requirement to conduct due diligence and file a Conflict Minerals Report as an exhibit to Form SD by May 31, 2017 pursuant to paragraph (c) of Item 1.01 of From SD. A decision by a reporting company to disregard any applicable requirements to conduct due diligence or file a Conflict Minerals Report should be very carefully considered.

In the meantime, companies should continue to monitor for potential activity in response to the SEC’s statements, which could include potential legal action by interested social justice organizations or renewed Congressional requests that the SEC Inspector General conduct an internal inquiry.

SEC Request for Comment

In January the Acting Chairman issued several statements regarding reconsideration of the conflict minerals rule. The statements, available here and here, direct staff to consider whether the 2014 guidance (i.e., the statements issued in conjunction with the partial stay of the rule’s requirements following the 2014 D.C. Circuit decision) is still appropriate and whether any additional relief is appropriate. The statement titled “Reconsideration of Conflict Minerals Rule Implementation” suggests that the current rule and general withdrawal from the region “may undermine U.S. national security interests by creating a vacuum filled by those with less benign interests.” The statements requested comments on “all aspects of the rule and guidance.” Comments were requested  within 45 days of the statements (by March 17, 2017). According to the Acting Chairman, the SEC staff has been instructed to begin work on a recommendation for future Commission action to consider, among other items, the comments received as part of the SEC’s consideration of potential changes to the rule or guidance.

State Department Seeks Recommendations

The Department of State on March 27, 2017 published a request for comments from stakeholders to inform “recommendations of how best to support responsible sourcing of tin, tantalum, tungsten and gold.” In the brief notice, the Department provides a high level overview of U.S. efforts to break the link between armed groups and minerals in the Africa Great Lakes Region. The State Department may be seeking stakeholder input on further actions that could be taken to further responsible sourcing to inform ongoing discussions within the Administration (and in Congress) on alternative approaches to the current Dodd Frank due diligence and disclosure framework. Comments are due to the Department of State by April 28, 2017.

Potential Presidential Action

A draft Presidential Memorandum circulated in early February 2017 indicates that the White House may seek to temporarily waive the requirements of the conflict minerals rule. Under the Dodd-Frank Act the SEC “shall revise or temporarily waive” the requirements of the conflict minerals rule if the President transmits to the SEC a determination that such revision or waiver is “in the national security interest of the United States and the President includes the reasons therefor;” and establishes a date within two years that the exemption expires. The draft Presidential Memorandum states that the conflict minerals rule has caused harm to some parties in the region, thereby contributing to instability in the region and threatening the national security interest of the United States. The draft Memorandum directs the SEC to temporarily waive the requirements of the conflict minerals rule for two years and directs the Secretaries of State and Treasury to propose a plan for addressing human rights violations and funding of armed groups in the Democratic Republic of the Congo or an adjoining country within 180 days of the Memorandum.

The draft Presidential Memorandum raises a number of questions without clear answers. For example, it is unclear whether or when the SEC would be required to act as directed by the Memorandum, and whether an SEC action would be subject to notice and comment rulemaking or judicial review. Also unclear is how a temporary suspension of the SEC rule would affect efforts to incorporate conflict minerals reporting obligations into public and private procurement requirements or independent certifications such as EPEAT. The Administration has not indicated whether or when it might move forward with a final memorandum.

New EPEAT Procurement Criteria

Conflict minerals due diligence is also being integrated into institutional procurement criteria for certain electronic products. EPEAT is a leading environmental rating system for electronics that a wide variety of institutional purchasers (including federal, state and some foreign governments) have incorporated into procurement requirements. The Federal Acquisition Regulation (FAR) currently requires federal agencies to procure EPEAT-registered electronic products and prescribes language that must be used in procurement contracts for goods and services. EPEAT is in the process of expanding its registry to cover two new product categories and both are expected to include new mandatory criteria on conflict minerals.

On March 24, 2017, EPEAT and Underwriters Laboratory published an EPEAT standard for mobile phones. The mobile phone standard lays out three criteria (one required, two optional) related to conflict minerals. The new standard requires manufacturers to “provide a public disclosure relevant to due diligence performed in accordance with an internationally recognized standard to determine whether the supply chain for the product contains conflict minerals necessary to the functionality or production of their products.” If a manufacturer finds that the supply chain does contain conflict minerals necessary to the functionality or production of its product, the manufacturer must prepare the “relevant disclosures related to SEC requirements under Dodd-Frank and the SEC rule or related to the OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas.”

Significantly, these requirements apply to all manufacturers registering mobile phone products under the standard, regardless of whether they are SEC registrants. There are two optional conflict minerals criteria, both relating to conflict minerals sourcing. An EPEAT server standard is also under development and, if adopted, is expected to include conflict minerals provisions.

New EU Conflict Minerals Regulation 

In early April, the European Union took the final steps to adopt a new conflict minerals regulation aimed at stopping the financing of armed groups in “high risk” and “conflict affected” areas. The Council adopted the regulation on April 3, 2017, following approval by the European Parliament in early March.

The regulation, the first version of which was introduced in March 2014, establishes an approach that is fundamentally different than that under the Dodd-Frank Act and the SEC rule. Unlike the U.S. scheme, supply chain due diligence requirements under the EU regulation do not extend to downstream users of the metals, including importers of products containing those metals, and instead focus entirely on mandatory due diligence requirements for importers of the minerals, metals, and their ores. The geographic scope of the regulation also extends to conflict-affected and high-risk areas globally, extending beyond the DRC and adjoining countries covered by Dodd-Frank and the SEC rule.

Importers will be covered by the new due diligence requirements as of January 1, 2021. The new EU requirements are likely to enhance due diligence on the sourcing of conflict minerals from the DRC and other regions. Although downstream users or importers of products containing tin, tantalum, tungsten or gold would not be subject to mandatory due diligence requirements, the Commission is expected to address conflict minerals in non-binding guidance under the EU Non-Financial Reporting Directive that will set forth the methodology and topics for disclosures by companies covered by the Directive.

© 2017 Beveridge & Diamond PC

Dodd-Frank Rollback Begins – Congress Overturns SEC’s Resource Extraction Issuer Payment Disclosure Rule

SEC resource extractionLast week, Congress utilized the Congressional Review Act (CRA) to pass a joint resolution that disapproves Rule 13q-1 adopted by the SEC,1which would have implemented the resource extraction issuer payment disclosure provisions of Section 1504 of the Dodd-Frank Wall Street Reform and Consumer Protection Act. The disapproval resolution has been sent to President Trump for his signature, which he is expected to sign.2

Under the SEC’s rule, a public company that qualified as a “resource extraction issuer” would have been required to publicly disclose in an annual report on Form SD information relating to any single “payment” or series of related “payments” made by the issuer, its subsidiaries or controlled entities of $100,000 or more during the fiscal year covered by the Form SD to a “foreign government” or the U.S. Federal government for the “commercial development of oil, natural gas, or minerals” on a “project”-by-“project” basis. Resource extraction issuers were not required to comply with the rule until their first fiscal year ending on or after September 30, 2018 and their first report on Form SD was not due until 150 days after such fiscal year end.

As a result of the disapproval resolution (assuming President Trump signs, and does not veto, the resolution), issuers that expected to be subject to the SEC’s rule can cease their compliance preparations. Under the CRA, a disapproved rule may not be reissued in substantially the same form or as a new rule that is substantially similar to the disapproved rule unless specifically authorized by a subsequently enacted law. Despite the disapproval resolution and the CRA, Dodd-Frank Section 1504’s mandate for the SEC to adopt a resource extraction disclosure rule remains intact unless and until Section 1504 is repealed. In light of the CRA’s prohibition on the reissuance of a substantially similar rule, the rule’s contested history3 and the expected reintroduction of the Financial CHOICE Act, which if enacted into law in the form introduced during the previous session of Congress would repeal Section 1504, the SEC is unlikely to commence the rulemaking process for resource extraction issuer payment disclosures for a third time.

Some public companies may still have to disclose similar payment information as required under the SEC’s rule pursuant to international resource extraction disclosure laws (for example, the EU Accounting Directive, the EU Transparency Directive and Canada’s Extractive Sector Transparency Measures Act).


1. H.J.Res.41, available at https://www.congress.gov/bill/115th-congress/house-joint-resolution/41/text.

2. The White House, Press Release, H.J. Res. 38, H.J. Res. 36, H.J. Res. 41, H.J. Res. 40, H.J. Res. 37 – Statement of Administration Policy (Feb. 1, 2017), available at https://www.whitehouse.gov/the-press-office/2017/02/01/statement-adminis….

3. For a brief discussion of the legal challenges to the rulemaking process, see our client alert dated December 17, 2015, SEC Re-Proposes Disclosure Rules for Payments by Resource Extraction Issuers.