SEC announces settlement for misleading non-GAAP disclosures
On March 14, 2023, the Securities and Exchange Commission announced settled charges against DXC Technology, an IT services company, for misleading disclosures about its non-generally accepted accounting principles (non-GAAP) financial performance from 2018 until early 2020. In its order, the SEC found that "DXC materially increased its reported non-GAAP net income by negligently misclassifying tens of millions of dollars of expenses as non-GAAP adjustments for so-called transaction, separation, and integration-related (TSI) costs," and that the company's non-GAAP disclosure controls were inadequate to ensure that the company's expense classifications were consistent with the description of TSI in the company's public disclosures. DXC agreed to pay a civil penalty of $8 million. For more information, refer to this Cooley PubCo blog post about the DXC settlement.
The DXC settlement follows a February 2023 report in The Wall Street Journal detailing the SEC's focus on non-GAAP disclosures and the posting of updated non-GAAP Compliance and Disclosure Interpretations in December 2022, which also were highlighted at the time in a Cooley PubCo blog post. Companies should carefully consider the SEC's rules and guidance when deciding which non-GAAP measures to disclose and how to disclose them.
SEC settles charges for misleading disclosures about ransomware attack
On March 9, 2023, the SEC announced settled charges against Blackbaud, a public company that provides donor data management software to nonprofit organizations, for making misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers. The SEC order claims that Blackbaud announced in 2020 that a ransomware attacker did not access donor bank account information or Social Security numbers, even though just days later, its technology personnel learned that the attacker had in fact accessed this information. Despite this, according to the SEC press release, Blackbaud's employees did not communicate the information to senior management responsible for public disclosures due to the company's failure "to maintain disclosure controls and procedures." As a result, "the company filed a quarterly report with the SEC that omitted this material information about the scope of the attack." Blackbaud agreed to pay a civil penalty of $3 million. In addition to being another example of an SEC enforcement case stemming from inadequate disclosure controls, these charges are reminiscent of other recent actions where the SEC charged companies for disclosing cybersecurity-related risks as hypothetical when they had already come to fruition. For more information, refer to this Cooley PubCo blog post about the Blackbaud settlement.
Mining company settles SEC charges for misleading ESG disclosures
In May 2022, the SEC charged Vale S.A., a publicly traded Brazilian mining company, with violations of securities laws for making "false and misleading claims about the safety of its dams prior to the January 2019 collapse of its Brumadinho dam." The collapse tragically killed 270 people and led to a loss of more than $4 billion in Vale's market capitalization. At the end of March, the SEC announced that Vale agreed to pay $55.9 million to settle the charges. Significantly, the alleged fraudulent statements were contained in both the company's periodic reports and its separate environmental, social and governance (ESG) disclosures, including in its sustainability reports, which the SEC complaint references often. The frequent reference to alleged misleading statements in Vale's sustainability reports is another indication of the SEC's increasing focus on ESG disclosures outside of SEC filings. For more information, refer to this Cooley PubCo blog post about the Vale case and settlement.
BlackRock CEO releases annual letter to investors
On March 15, 2023, BlackRock CEO Larry Fink released his annual letter to investors. In a departure from prior years, he authored one letter to investors that was released to all stakeholders, instead of separate annual letters to CEOs and clients. The letter primarily discusses how BlackRock fulfills its fiduciary duty to clients to achieve optimal risk-adjusted returns in the context of today's challenging environment. Notably, the letter does not mention ESG by name as it did last year. The letter does, however, reiterate BlackRock's focus on climate transition risk and discusses its advocacy for more climate disclosure and planning at portfolio companies. Among other topics, the letter discusses BlackRock's initiative to allow clients to vote their own views, the potential consequences of the recent Silicon Valley Bank disruption on the global financial system, Fink's views on inflation (which he believes is likely to stay closer to 3.5% or 4% in the next few years), the importance of investing for retirement, digital assets, and BlackRock's strategy for long-term growth. For a summary of key portions of the letter, refer to this blog post from TheCorporateCounsel.net.
PwC, Workiva publish survey findings on SEC climate proposal preparedness
While we continue to await the SEC's final climate disclosure rules, PwC and Workiva published a report titled "Change in the Climate," which details the findings from a survey of 300 executives at US-based public companies measuring how they are preparing for the SEC's anticipated final rules. The report finds that there are two divergent moods with respect to ESG reporting: While companies have embraced ESG reporting generally (89% already report some ESG data), they are less encouraged about their readiness for future ESG reporting requirements (with 39% believing they aren't fully prepared to meet the upcoming expected disclosure requirements). Key takeaways from the report include:
- 85% of executives are concerned their company "does not have the right technology in place to support ESG reporting that meets the potential new requirements," with roughly half of executives feeling very concerned.
- 36% of leaders are not fully confident that their company is staffed appropriately to meet the potential requirements of the final rules.
- 61% of respondents believe the rules will cost their company more than $750,000 in the first year of compliance, which is higher than the $640,000 that the SEC estimates.
- More than 70% of executives believe a reasonable timeline for reporting the data required by the proposed rules is at least two years after the rules go into effect.
- 70% of respondents said their company will push ahead and "proceed with compliance" with the proposed changes, even if the final rules are delayed.
- A substantial 96% of executives say they likely will proceed with independence assurance on their Scopes 1 and 2 emissions disclosures, whether or not it's required by the final rules.
Cooley alert covers DOJ's focus on interlocking directorates
On March 29, the Cooley antitrust team published an alert about the Department of Justice's continued focus on interlocking directorships that might violate Section 8 of the Clayton Act, which prohibits competitors from having overlapping directors or managers. The alert explores the results of the DOJ's actions to date, the theory underpinning the DOJ's position, the definition of "competitor" for purposes of Section 8, and the statutory de minimis exemptions reputational risk. Companies with directors who also serve on the boards of competitors should review the alert and consider the ramifications for their board composition.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
