Risks of Cyber Attacks

If you are an executive for a public company, new SEC guidance requires you to consider cybersecurity in your ongoing periodic reports. As evidenced by the barrage of news reports over the past couple of years, cyber incidents have become very significant events for all types of companies. A recent example was the data breach of Sony Corporation’s PlayStation Network. These cyber incidents can cause companies to spend substantial amounts of money and time to attempt to reduce or correct the associated damage, including significant reputational damage. All companies must make significant capital investments for systems and measures designed to prevent future cyber incidents or at least mitigate their harmful effects. Unfortunately, the number of cyber incidents will continue to increase, and the tactics used by hackers will become more sophisticated and harder to prevent and control.

Congress Gets Involved

Last year, a group of U.S. senators recognized that cybersecurity incidents and the associated costs were a major risk for many companies and that many public companies were not adequately disclosing these events. The senators also recognized the growing risks of cybersecurity and cyber incidents, and that there was very little guidance for public companies on their disclosure responsibilities in connection with cybersecurity. These senators wrote a letter to SEC Chairman Schapiro asking for some interpretative guidance on how to address disclosure of cybersecurity and cyber incidents and the associated risks and economic effects.

SEC Sets Expectations

In response to the Senate inquiry, the SEC recently issued CF Disclosure Guidance:  Topic No. 2 (the “Disclosure Guidance”), which set forth the SEC’s expectations of public company cybersecurity disclosure. Public companies of all sizes and industries should

Last Friday, the SEC’s Division of Corporation Finance issued its fourth topic in its CF Disclosure Series, which periodically provides the SEC’s views on various topics. This time, the SEC addressed what it believes to be inconsistent disclosures on European sovereign debt holdings. The SEC reminds registrants, particularly bank holding companies, of their obligations to

Section 1502 of the Dodd-Frank Act mandates the SEC to adopt rules requiring reporting companies to disclose whether certain minerals used in production chains originate from the Democratic Republic of the Congo or its neighboring countries. Minerals sourced from these areas of central Africa often fund militia and other military groups’ operations which have exacerbated

The SEC is currently considering a petition submitted by a group of 10 law professors asking the SEC to adopt rules that would require public reporting companies to disclose political contributions in their annual proxy statements. As justification for the proposal, the petitioners assert that there is empirical evidence that indicates public company shareholders are

The Dodd-Frank Act mandated the SEC to adopt rules to require reporting companies to make certain “social disclosures.” For example, Section 1502 of Dodd-Frank requires the SEC to adopt disclosure rules that will require reporting companies to make certain disclosures if “conflict minerals” are “necessary to the functionality or production” of its manufactured products. Metals

In a resounding victory for public companies Friday, the United States Court of Appeals for the District of Columbia Circuit struck down the Securities and Exchange Commission’s rule on proxy access.  The controversial proxy access rule would have permitted shareholders to more easily and more cheaply nominate a minority slate of director candidates for election