Archive for the ‘Regulations & Legislation’ Category

NACD BLC 2014 Breakout Session – Inside the SEC: Anatomy of an Agency

October 28th, 2014 | By

The Securities and Exchange Commission (SEC) is charged with maintaining fair and efficient markets, facilitating capital formation, and, like directors, protecting investor interests. This regulatory arm of the federal government has a significant impact on businesses, but many may not effectively understand the commission’s inner workings. Providing directors with an insider look at the SEC was a panel comprised of: Mark D. Cahn, former general counsel of the SEC’s Office of the General Counsel, and partner at WilmerHale; Thomas J. Kim, partner at Sidley Austin and former chief counsel and associate director of the SEC’s Division of Corporation Finance; Troy Paredes, senior strategy and policy advisor at PwC and former SEC commissioner; and moderator Kendra Decker, partner in Grant Thornton’s National Professional Standards Group.

The SEC has five commissioners, each of whom is selected by the president of the United States, and no more than three of them can be from the same political party. The president also selects one commissioner to serve as chair. The chair sets the agenda and makes senior hiring decisions; however, this does not create a hierarchy as that professional title might imply. The commissioners are like a board of directors, with each person maintaining their own, independent voice as they vote on the issues set before them.

“No one commissioner has the power to do anything,” Kim said. “They only have power by acting as a commission, just like a board must act as a collective body.” Although the SEC is generally thought of as a rulemaking entity, Cahn pointed out that it’s a relatively infrequent occurrence that commissioners actually cast a vote. The organization’s day-to-day workings are processed at the staff level—and, in turn, the division heads engage with the commissioners.

The panel also drew attention to challenges within the commission. For Cahn, the biggest challenge with regard to rulemaking is the Government in the Sunshine Act of 1976, which requires all commission deliberations to be carried out in public. “You end up with meetings of two commissioners with staff members to discuss issues when they could be much more productive to work out matters as a group.”

In addition, trying to pass a rule through a multi-member commission can turn into a game of chess, with each member making suggestions for changes up until the last minute. If a rule passes with a split vote, those dissenting opinions serve as a roadmap to potential litigants who want to challenge the rule—a factor that emphasizes the importance of unanimity within the commission. “I think it [speaks] well for the agency overall when there’s consensus,” Parades said. “But sometimes you can’t bridge those differences. Another aspect is, from time to time, chairs have had a norm where they wouldn’t go forward unless there was a norm of four. What that does, it forces people to compromise and it doesn’t allow those in the majority to say that ‘this is what we’re going to do, regardless.’”

Despite these complexities, Paredes stressed the critical importance of third-party engagement. “The SEC is able to better evaluate the consequences of their rulemaking if they are able to hear from the people their rules are going to impact,” he said. “If [SEC] folks aren’t hearing that through one mechanism or another, there are going to be serious blind spots.”

Current Efforts Toward Corporate Disclosure Reform

August 22nd, 2014 | By

The discussion surrounding corporate disclosure reform has consistently centered on the issue of how to provide sufficient levels of information to investors and other readers without overburdening those responsible for preparing the disclosures. On July 29, the U.S. Chamber of Commerce’s Center for Capital Markets Competitiveness (CCMC) hosted an event addressing corporate disclosure reform. A variety of issues involving disclosure reform were discussed in panels featuring general counsels from leading companies, former officials from the Securities and Exchange Commission (SEC), the current head of the SEC’s Division of Corporation Finance, and other stakeholders.

Corporate disclosure reform has also been a recurring topic of discussion among the delegates of NACD’s advisory council meetings. Delegates are committee chairs of Fortune 500 companies and, along with key stakeholders, they discuss the issues and challenges currently affecting the boardroom. In particular, NACD’s Audit Committee Chair Advisory Council has discussed this topic at length, and this issue featured prominently in the discussions at the June 2013, November 2013 and March 2014 meetings. In particular, the November meeting featured senior leaders from the Society of Corporate Secretaries and Governance Professionals to discuss their efforts to streamline disclosures, while the March meeting included analysts from Moody’s Analytics and Morgan Stanley to share how they use disclosures.

Many of the key takeaways from the CCMC’s July meeting have been echoed at NACD’s advisory council meetings. These include:

The “disclosure burden” is largely driven by a desire to reduce liability. The first CCMC panel focused on the perspectives of two former SEC commissioners: Roel Campos, who is currently a partner at Locke Lord; and Cynthia Glassman, now a senior research scholar at the Institute for Corporate Responsibility at the George Washington University School of Business. There was agreement that disclosures have become documents of litigation. The usefulness of many disclosures was called into question, and in fact, many of the disclosures found on today’s financial statements are not actually mandated. For example, while comment letters issued by SEC staff from the Division of Corporation Finance and the Division of Investment Management “do not constitute an official expression of the SEC’s views” and are “limited to the specific facts of the filing in question and do not apply to other filings,”[1] many companies include disclosures based on these comment letters, often aiming to reduce their company’s liability by accounting for every possible contingency.

What’s more, if one company is asked by the SEC to provide a particular disclosure, other companies may feel compelled to disclose the same information even though they may operate in different industries.

Nevertheless, elimination of unnecessary or outdated disclosures requires a lengthy review process. Without a champion for reform, disclosures can linger on financial statements in perpetuity. An advisory council delegate noted: “It’s possible to take the initiative and cut the 10-K down. But it’s a significant time commitment, so you need buy-in from the CEO, CFO, and audit committee.”

Technology provides promising solutions. It was also observed that many disclosures are mandated by laws and rules stemming from the 1930s to the 1980s, when corporate information was only accessible in a physical form. Today, company websites often provide more detailed, current information than the 10-K. One CCMC panelist suggested that the SEC should encourage companies to rely more on these websites for the disclosure of certain information, such as historical share prices.

CCMC panelists also discussed ways to take advantage of technology to redesign and standardize the financial statements themselves, which could make them searchable and allow investors to make comparisons over time or across companies more easily. One panelist suggested that disclosure transparency could be enhanced by creating a “digital executive summary” document. In this summary, new, newly relevant, and the most material disclosures could be grouped in one place with hyperlinks to more detailed information. A similar notion has been discussed at recent Audit Advisory Council meetings, as one delegate offered: “Perhaps we need a second document, aside from the 10-K, that provides a shorter, more meaningful narrative that’s focused on the material issues that investors are interested in.”

Disclosure reform involves multiple stakeholder groups. The second CCMC panel of the morning focused on balancing the disclosure needs of various stakeholders. The panel included the perspectives of several professionals whose work is heavily influenced by the disclosure regime. They included Julie Bell Lindsay, managing director and general counsel for capital markets and corporate reporting, Citigroup Inc.; Chris Holmes, national director of SEC regulatory matters, Ernst & Young; Flora Perez, vice president and deputy general counsel, Ryder System Inc.; and Ann Yerger, executive director, Council of Institutional Investors.

From the investors’ perspective, it was noted that because investors are voracious consumers of information, they will rarely say “no” if offered more information.

Several corporate counsels noted initiatives at their companies that are designed to increase disclosure transparency, including efforts to work directly with investors to determine the information that was the most important to them. In fact, nearly half of the respondents to the 2013–2014 NACD Public Company Governance Survey indicated that a representative of the board had met with institutional investors in the past 12 months:

survey graphic

The SEC is currently developing solutions. The final panel of the morning featured Keith Higgins, director of the SEC’s Division of Corporation Finance, who provided his views regarding the state of the disclosure system and described how the division is currently conducting its disclosure reform initiatives. More details regarding the division’s plans to tackle disclosure reform can be found in this speech by Higgins to the American Bar Association in April.

Throughout the morning’s discussions, there were also points of disagreement, such as the relevance of specific disclosures. Each session, however, provided evidence that on all sides of the issue there are those making good-faith efforts to improve the system.

[1] http://www.sec.gov/answers/commentletters.htm.

Voluntary Public-Private Partnership on Cyber-Risk Oversight

July 30th, 2014 | By

On Tuesday, the U.S. Department of Homeland Security selected and posted the NACD Director’s Handbook on Cyber-Risk Oversight on the Critical Infrastructure Cyber Community (C3) Voluntary Program website. At a press conference yesterday, four panelists, Ken Daly, president and CEO, NACD; Mark Camillo, head of cyber products for the Americas Region, AIG; Larry Clinton, president and CEO, ISA; and Dr. Andy Ozment, Assistant Secretary for Cybersecurity and Communications, DHS, spoke generally about cybersecurity as an issue for directors, and specifically about the contents of the handbook, created by NACD in association with AIG and ISA, which focuses on cybersecurity oversight at the board level.

Larry Clinton observed that the first of two goals for combatting cyber risks at board level is to raise awareness of cybersecurity as a risk directors must oversee. NACD has been actively engaged in educating the board member community on cyber issues for some time. In summer 2013, The Art of Cyber War graced the cover of NACD Directorship, followed by coverage in subsequent issues; NACD has held multiple roundtables and events focused on cybersecurity issues, including a day-long cyber-risk summit in Chicago, and has built the topic into the flagship Master Class program. In addition to the director’s handbook, other recent NACD thought leadership includes the white paper Cybersecurity: Boardroom Implications and a video series focused on technology and cybersecurity.

On Tuesday, Dr. Ozment emphasized the fact that cyber risks affect organizations of all sizes, sectors, and industries, stating that a director who doesn’t know about cyber incidents falls into one of two categories: either “your CEO doesn’t think you care about cyber incidents,” or “your CIO doesn’t know about the cyber incidents.” He followed with, “unfortunately the bad guys are doing more for cybersecurity awareness than any one of us can do.” Clinton’s first goal, realizing the “why” of cyber-risk oversight at board level, has been scarred into directors’ understanding.

Clinton’s second goal is simple but even more challenging: we have to work together to “solve it.” According to the forthcoming 2014-2015 NACD Public Company Governance Survey, 90 percent of directors believe their boards’ understanding of cyber risk needs improvement. Though directors get the “why,” they need guidance on the “how,” advice practical to boards’ oversight of cyber risk.

The NACD Director’s Handbook on Cyber-Risk Oversight provides insight into the “how.” Daly stated that cyber “is simply another risk [that] fits within the enterprise risk management system.” Camillo indicated that the handbook’s five principles “can be used immediately” and applied to an organization’s existing ERM program:

  • Principle 1: Directors need to understand and approach cybersecurity as an enterprise-wide risk management issue, not just an IT issue.
  • Principle 2: Directors should understand the legal implications of cyber risks as they relate to their company’s specific circumstances.
  • Principle 3: Boards should have adequate access to cybersecurity expertise, and discussions about cyber-risk management should be given regular and adequate time on the board meeting agenda.
  • Principle 4: Directors should set an expectation that management establish an enterprise-wide cyber-risk management framework with adequate staffing and budget.
  • Principle 5: Board-management discussions about cyber risk should include identification of which risks to avoid, accept, mitigate, or transfer through insurance, as well as specific plans associated with each approach.

Daly further emphasized the “voluntary public-private partnership” between NACD, ISA, AIG, and DHS reflected in the fact that the handbook is the first, and currently only, private-sector document featured on the DHS C3 Voluntary Program website. The concept of cross-sector partnership to combat cyber risks is a centerpiece of the president’s 2013 executive order, Improving Critical Infrastructure Cybersecurity. The handbook’s release signifies that the partnership-based approach is bearing fruit and the private sector is taking responsibility for cyber risk. Dr. Ozment agreed, stating that “managing cybersecurity is a shared responsibility,” and this handbook demonstrates widespread acceptance of the NIST cybersecurity framework. The handbook’s creators’ combined cyber, risk, and governance expertise to provide recommendations, broadly applicable to directors of all economic sectors, for combatting a national and international problem.