In the aftermath of Equifax’s data breach, a federal court recently found that allegations of poor cybersecurity coupled with misleading statements supported a proper cause of action. In its decision, the U.S. District Court for the Northern District of Georgia allowed a securities fraud class action case to continue against Equifax. The lawsuit claims the company issued false or misleading statements regarding the strength and quality of its cybersecurity measures. In their amended complaint, the plaintiffs cite Equifax’s claims of “strong data security and confidentiality standards” and “a highly sophisticated data information network that includes advanced security, protections and redundancies,” when, according to the plaintiffs’ allegations, Equifax’s cybersecurity practices “were grossly deficient and outdated” and “failed to implement even the most basic security measures.” The court found that data security is a core aspect of Equifax’s business and that investors are likely to review representations on data security when making their investment decisions.
Continue Reading Court Finds Cybersecurity-Related Claims Sufficient in Securities Class Action

Public reporting companies that have material weaknesses in their internal control over financial reporting (“ICFR”) are required under Rule 308 of the Securities Exchange Act of 1934, as amended, to report such material weaknesses in their quarterly and annual reports along with proposed remedial measures. A material weakness is defined as a deficiency, or a combination of deficiencies, such that there is a reasonable possibility that a material misstatement of an issuer’s financial statements will not be prevented or detected on a timely basis.
Continue Reading SEC Administrative Proceedings Against Public Companies for Failure to Remediate Material Weaknesses in Internal Control Over Financial Reporting

Last month, Energy XXI, Ltd. (“EXXI”), a publicly-traded oil and gas exploration company, saw its former Chief Executive Officer charged with various securities law violations by the Securities and Exchange Commission (“SEC”). The SEC seeks to have the CEO pay civil money penalties and be barred from any officer or director role with any issuer of registered securities.
Continue Reading “Airing Out the Denny Crane Room”: Recent SEC Action Emphasizes Need for Effective Disclosure Controls and Procedures for Executive Perquisites

On August 17, 2018, the Securities and Exchange Commission (SEC) approved amendments to certain of its disclosure requirements that have become redundant, duplicative, overlapping, outdated, or superseded, in light of other SEC disclosure requirements, U.S. generally accepted accounting principles (GAAP), international financial reporting standards (IFRS), or changes in the information environment. These changes include amendments to Regulation S-K and Regulation S-X, which provide many of the disclosure requirements that apply to annual reports on Form 10-K, quarterly reports on Form 10-Q, proxy statements, registration statements and other documents filed with the SEC. These amendments become effective 30 days after publication in the Federal Register.
Continue Reading SEC Approves Updated Disclosure Requirements

On February 21, the Securities and Exchange Commission issued new Interpretive Guidance regarding disclosures of cybersecurity-related information by publicly traded companies. This guidance comes in the context of public pressure on the SEC to update its 2011 Division of Corporation Finance guidance regarding cybersecurity risks and incidents. According to SEC Chairman Jay Clayton’s statement, this new document serves to reinforce and expand the prior guidance. It lays out principles that companies should follow in determining when cybersecurity information should be disclosed, and what should be disclosed.
Continue Reading SEC Takes Baby Steps on Cyber, but Signals Greater Vigilance

On October 26, 2016, the SEC amended Rule 504 of Regulation D under the Securities Act of 1933 (the “Securities Act”) to increase the maximum amount of securities that may be sold thereunder in any 12-month period from $1 million to $5 million. Consequently, the rarely used Rule 504 may now prove useful to issuers of securities in smaller capital raising and M&A transactions.
Continue Reading Rule 504 Becomes Useful Tool for Smaller Capital Raising and M&A Transactions

So, fortune has smiled upon you. A partner has handed you a draft Form 10-K for a client and asked you to do a “rule check” or “form check” to confirm that no required disclosures are missing.

Most often, the Form 10-K template for a reporting company has evolved over a number of years, with significant input from the company’s accounting and legal professionals, and is generally in pretty good shape.

However, mistakes get made — and it’s your job to find them!

Here is a list of 12 items that even seasoned reporting clients frequently omit or prepare incorrectly when drafting the Form 10-K.Continue Reading 12 Common 10-K Mistakes — And How To Find Them

There are plenty of articles about how to write good MD&A – referring of course to the “Management’s Discussion and Analysis of Financial Condition and Results of Operations” section of your company’s Form 10-K, Form 10-Q or Securities Act registration statement.

The purpose of this article is to give you concrete tips on how to write bad MD&A, section by section.Continue Reading How to Write Bad MD&A

On July 1, 2016, the Securities and Exchange Commission (the “SEC”) approved, on an accelerated basis, proposed amendments to the listing rules of The Nasdaq Stock Market LLC (“Nasdaq”) to require Nasdaq-listed companies to disclose annually any “compensation” or “other payment” provided by third parties to directors or director-nominees in connection with their candidacy or service on the company’s board of directors. These arrangements are referred to as “golden leash” arrangements and commonly occur when an activist stockholder compensates its nominee for service on the company’s board of directors based on achieving certain criteria that are important to the activist stockholder. The new rule, Nasdaq Rule 5250(b)(3) (the “Rule”), became effective July 31, 2016.
Continue Reading SEC Approves Nasdaq’s Proposed Rule on Third Party Payments to Directors and Director-Nominees – The “Golden Leash” Disclosure

On July 10, 2013, the SEC adopted the amendments required under the JOBS Act to Rule 506 that would permit issuers to use general solicitation and general advertising to offer their securities, subject to certain limitations. In addition, the SEC amended Rule 506, as required by the Dodd-Frank Act, to disqualify felons and other bad actors from being able to rely on Rule 506. The long-awaited new rules will allow issuers that are permitted to rely on Rule 506 to more widely solicit and advertise for potential investors, including on the Internet and through social media.

The SEC also adopted an amendment to Rule 144A that provides that securities may be offered pursuant to Rule 144A to persons other than qualified institutional buyers, provided that the securities are sold only to persons that the seller and any person acting on behalf of the seller reasonably believe are qualified institutional buyers.Continue Reading SEC Eliminates the Prohibition on General Solicitation for Rule 506 and Rule 144A Offerings