BCLP – US Securities and Corporate Governance – Bryan Cave Leighton Paisner

US Securities and Corporate Governance

Other Posts

Main Content

Risk factor reminders for upcoming 10-Qs

As companies prepare upcoming periodic reports, they should focus on carefully reviewing and updating their risk factors. Some of the considerations may include:

  • COVID Risks. As a number of business sectors improve, it may be advisable to revise COVID-related risk factors to reflect the changing economic climate.  In some cases, the focus may need to shift to address challenges in increasing production, managing supply chains, hiring workers or otherwise responding to increasing customer demand.  In other cases, companies that benefited from dramatic changes in the economy during the pandemic peak may need to address potential risks associated with a return to normalcy.  For example, consider whether recent growth trends are viewed as sustainable in light of the MD&A requirement to discuss “known trends or uncertainties” that the company “reasonably expects will have a material favorable or unfavorable impact on net sales or revenues or income.”  At the same time, it may be appropriate to continue to caution investors as to uncertainties as to the future course of the pandemic – particularly as concern with the impact of variants evolves.
  • Labor Markets. Many sectors and regions are experiencing labor shortages. To the extent material, companies should consider disclosing in MD&A the effect of labor market conditions on their results of operations, and discussing possible future impacts in risk factors. 
  • Hypothetical Risks. Risk factors typically include a wide range of topics intended to warn investors of potential adverse events, most of which may not have not ever materialized. These are included

Beware of Insider Trading Whistleblower Scams

What You Should Do First with Anonymous Reports

There has recently been a rash of similar anonymous whistleblower tips to public companies, each claiming that an unnamed company supervisor boasted about reaping profits from insider trading. The number of public companies receiving very similarly worded anonymous reports leads to the conclusion that they may be hoaxes. While the apparent scheme’s ultimate goals are unclear, companies should be very cautious about engaging with sources of such anonymous complaints, especially given the risk of ransomware and other forms of cyberattack. One theory is that these reports may be the first step in a sophisticated campaign to inject ransomware or facilitate other forms of cyberattack.

These complaints present a challenging development for ethics and compliance reporting systems, since they require companies to quickly assess whether a whistleblower report is bona fide and address issues at the intersection of ethics policies and cybersecurity controls.

Several things should be considered by a company that receives a confidential whistleblower report alleging insider trading that does not name the employee involved:

  • The most immediate concern is determining whether the report appears to be authentic and legitimate (regardless of merit), and not a hoax or some form of cyberattack. Anonymous submissions should be handled in accordance with the company’s data and cybersecurity policies and procedures, since files and links are potentially dangerous vectors for cyberattacks. A senior IT employee should review the submission (without seeking to identify the purported whistleblower) and consulted in connection with any engagement

NYSE Revises Related Party Transaction Approval Rule

Companies listed on the New York Stock Exchange should review their policies on related party transactions and related processes to confirm they are consistent with recent revisions to the applicable NYSE rules.

Longstanding NYSE rules required that “an appropriate body” within listed companies review related party transactions, but did not expressly define what constituted a related party transaction. The conventional wisdom was that related party transactions referred to transactions required to be disclosed under Item 404 of Regulation S‑K, which generally requires disclosure of transactions in which (i) the amount involved exceeds $120,000 and (ii) a related party has a direct or indirect material interest.

In April, the Securities and Exchange Commission approved amendments to Section 314.00 of the NYSE Listed Company Manual. The revised NYSE rule expressly:

  • Defines a related party transaction as a transaction required to be disclosed under Item 404 of Regulation S-K without applying the $120,000 threshold thereunder;
  • Provides that the audit committee or comparable independent body of the board must conduct an independent prior review of all related party transactions; and
  • Requires that the audit committee (or comparable independent body) prohibit related party transactions it determines to be inconsistent with the interests of the company and its shareholders.

As a result of the NYSE’s exclusion of the $120,000 transaction value threshold, for some companies the scope of related party transactions requiring review and approval by the audit committee under the NYSE rule may be broader than the related

Disclosure Controls and Procedures – Not Just a Quarterly Certification

On June 15, 2021, the SEC announced that it had settled charges against First American Financial Corporation for failures in First American’s disclosure controls and procedures.  Rule 13a-15(a) under the Exchange Act requires issuers to maintain disclosure controls and procedures designed to ensure that information required to be disclosed by an issuer in reports it files or submits under the Exchange Act is recorded, processed, summarized and reported within the time periods specified in the SEC’s rules and forms. 

According to the SEC’s order, in May 2019, company management learned from a journalist that the company was experiencing a cybersecurity vulnerability that had resulted in the inadvertent public availability of customers’ personal data.  First American responded by issuing a statement to the press explaining that the company had learned of a design defect that had resulted in “possible unauthorized access to customer data” and had taken “immediate action to address the situation and shut down external access” to the data.  A few days later, First American issued a press release that was also furnished on Form 8-K.  In the release, the company reported that there was “[n]o preliminary indication of large-scale unauthorized access to customer information.”

Contrary to these disclosures, the SEC found that the vulnerability had exposed sensitive personal data, including social security numbers, in over 800 million images of customer documents for a period dating back to as early as 2003.  The SEC also found that the senior executives of the company who were

Lessons from GameStop: Small Investors “100% Don’t Care” About Risk

Like KC Chiefs quarterback Patrick Mahomes eating green beans in a recent commercial, even though he “100% [doesn’t] like them,” it appeared the Reddit r/WallStreetBets group that banded together to buy GameStop shares “100% don’t care” about market risk and potential investment losses.  

Inspired by social media cheerleaders, thousands of small investors acted with irrational exuberance, driving the share price from less than $20 on January 15, 2021 to $483 on January 28, 2021 before it closed that day below $200, and plummeted more than 40% to $53 on February 4.  

Average investors watched in disbelief as trading markets were turned upside down by investors who appeared to ignore financial and other disclosures, disregarding the risks of possible complete loss of their investments.

Understandably, the executives of GameStop and some players on the social media investor radar screen have so far declined to comment.  The social media blitz was completely outside control of the issuer’s management and they likely don’t have sufficient information to attempt to explain it.  To wit, one of GameStop’s reactions to the inexplicable volatility was to restrict trading in its shares.

Regardless of how this saga ultimately ends for GameStop, it has raised important questions like whether a company should keep its trading window closed even after earnings are announced and the company has disclosed all material nonpublic information.  Normally, there “ought not” be any liability concerns for an issuer in such a situation, but that could be risky when judged in hindsight.  Large

SEC Amends Acquired Business Financial Statement Requirements

On May 21, 2020 the Securities and Exchange Commission adopted a number of amendments intended to reduce the complexity of financial disclosures required for business acquisitions and dispositions by U.S. public companies. These amendments will, among other things, (i) revise the requirements for financial statements and pro forma financial information for acquired businesses, (ii) revise the tests used to determine significance of acquisitions and dispositions, and (iii) for certain acquisitions of a component of a business, allow financial statements to omit certain expenses. The amendments are effective January 1, 2021, but registrants may voluntarily comply with the rules as amended prior to the effective date.

When a registrant acquires a business that is “significant,” other than a real estate operation, Rule 3-05 of Regulation S-X generally requires a registrant to provide separate audited financial statements of that business and pro forma financial information under Article 11 of Regulation S-X. The number of years of financial information that must be provided depends on the relative significance of the acquisition to the registrant. Similarly, Rule 3-14 of Regulation S-X addresses the unique nature of real estate operations and requires a registrant that has acquired a significant real estate operation to file financial statements with respect to such acquired operation.

The significance of an acquisition or disposition is based on an Investment Test, an Asset Test, and an Income Test. The amendments revise the Investment Test to compare a registrant’s investments in and advances to the acquired or disposed business to the

U.S.: SEC Staff Issues COVID-19 Related Guidance

The SEC Staff has provided guidance as to disclosure and other securities law obligations (the Guidance) related to COVID- 19 and related business and market disruptions.

The Guidance provides the SEC Staff’s views on

  • disclosure related to COVID-19
  • material non-public information related to COVID-19 and
  • reporting earnings and financial results during this period, including guidance with respect to non-GAAP measures related to COVID-19.

Assessing and Disclosing the Evolving Impact of COVID-19. The SEC Staff reminds companies that the effects COVID-19 has had on a company, what management expects its future impact will be, how management is responding to evolving events, and how it is planning for COVID-19-related uncertainties can be material to investment and voting decisions.

The Guidance lists a number of detailed questions management should consider relating to, among other things: a company’s financial condition and results of operations; capital and financial resources; valuation of balance sheet assets; possible material impairments; effects on operations resulting from remote work arrangements, including on controls; business continuity plans; customer demand; supply chains; human capital resources and productivity; and the effects of travel and border restrictions.

The Staff encourages companies “to provide disclosures that allow investors to evaluate the current and expected impact of COVID-19 through the eyes of management, and that companies proactively revise and update disclosures as facts and circumstances change.”

Material Non-Public Information. The Guidance includes a reminder that if COVID-19 has affected a public company in a material way, or where the company has become aware

The attorneys of Bryan Cave Leighton Paisner make this site available to you only for the educational purposes of imparting general information and a general understanding of the law. This site does not offer specific legal advice. Your use of this site does not create an attorney-client relationship between you and Bryan Cave LLP or any of its attorneys. Do not use this site as a substitute for specific legal advice from a licensed attorney. Much of the information on this site is based upon preliminary discussions in the absence of definitive advice or policy statements and therefore may change as soon as more definitive advice is available. Please review our full disclaimer.