June 2012

Following the recent financial crisis and government bailouts of major U.S. financial institutions, the federal government has gradually facilitated a power shift from companies and their officers and boards of directors to their shareholders. A prime example of this is the recently enacted “say-on-pay voting” requirements. Through provisions of the Dodd-Frank Act which was passed in July 2011, Congress directed the SEC to adopt rules requiring public companies to give their shareholders a vote, on an advisory basis, on the approval of executive compensation (“say-on-pay”). The implemented rules also require public companies to hold an advisory vote on the frequency (“say-on-when”) with which the say-on-pay vote would occur. Taking into account the results of the say-on-when vote, companies determined whether to hold say-on-pay votes on an annual, biennial, or triennial basis, with most electing to hold annual say-on-pay votes. Despite these shareholder votes being advisory, and as we explained in a previous blog, these votes may actually be more impactful than originally anticipated due to the effect of poor or failed say-on-pay votes on the recommendations from proxy advisory firms, such as ISS. For example, a “poor” (i.e., less than 70% shareholder approval) or “failed” say-on-pay vote result (i.e., less than 50% shareholder approval) could lower one or more of a company’s ISS “GRId” scores (or other proprietary proxy advisory firm corporate governance rating scores) which would negatively impact the recommendations published by the proxy advisory firms with respect to the election of directors and other corporate governance matters being put to a vote of the shareholders at the annual meeting. By way of example, if a public company receives less than 70% shareholder approval for executive compensation, the company must show that it took steps to address its perceived executive pay shortcomings, otherwise ISS will recommend a “withhold” vote for the directors up for re-election at the next annual meeting.

Going one-step further, however, the United Kingdom announced on June 20, 2012 that it will be implementing a binding say-on-pay vote requirement for public companies. According to the Department for Business Innovation and Skills, the U.K. government will “introduce a new binding vote on companies’ pay policies in order to empower shareholders and
Continue Reading Binding say-on-pay: Is it coming to a public company near you?

The “Risk Factors” section of any disclosure document is vital to the protection of the issuer. Generations of securities lawyers and accountants have worked into the night to develop lists of risks that would make any sane potential investor run away screaming. Most of us have seen innumerable examples of conventional risk factors like competition, legal and regulatory changes, impact of the loss of key personnel and others. Many of these risk factors are virtually identical regardless of the issuer’s industry space, and it’s doubtful that many readers of disclosure materials pay much attention to these risk factors.

The new breed of public technology companies, however, present some novel and interesting risks. The disclosure of these risks still strives to protect the issuer and give the potential purchaser the relevant information necessary to make an informed investment decision, but they focus on areas that are quite different from the disclosures used by more conventional companies. These technology company disclosure documents still contain many conventional risk factors, but it’s interesting to see the new areas that are considered material risks for these companies.

Here are several of the key items that been used as material risk factors in recent technology company disclosure documents filed by prominent technology companies:

Data Security.  This is a very hot issue for most technology companies these days, especially in the social media space. Facebook is a great example, as it has data from close to 900 million users. LinkedIn has similar dynamics and issues on a smaller scale. A data breach for any of these companies would have huge legal ramifications, as state, Federal and international regulatory authorities and private plaintiffs would quickly react. LinkedIn recently experienced these negative ramifications first hand as it was sued for $5 million in connection with its recent data breach.  The potential damage to a company’s brand and credibility could also be significant.  Click here for language from the Facebook prospectus and the LinkedIn prospectus as good examples. The SEC also offered some guidance on this topic in “CF Disclosure Guidance Topic No. 2 – Cybersecurity”.
Continue Reading That sounds risky: New generation of risk factors for technology companies