SEC Wins “Shadow Trading” Case
The SEC notched a major win in its recent Panuwat case, described as the first-ever “shadow trading” enforcement action. After a biotech executive learned about his company’s imminent acquisition, he purchased short-dated, out-of-the-money call options for the stock of an industry peer, making a $100,000 profit from the call options. His company’s insider trading policy prohibited using the company’s confidential information to trade not only in the company’s securities but also (a key fact) in the securities of other companies. After an eight-day trial, a civil jury deliberated for two hours to find the executive liable for insider trading. Describing the verdict, an SEC official stated that “there was nothing novel about this matter,” calling it “insider trading, pure and simple.” The case has prompted widespread consideration of trading policy terms and considerable debate over whether and how to update trading policies. Advisability of changes can depend on the circumstances and warrants discussion with outside counsel.
SEC Freezes Climate Disclosure Rules During Legal Challenge
The SEC has paused its recently finalized climate disclosure rules due to lawsuits challenging their validity. Energy companies, 21 state attorneys general and industry groups sued in federal court to block the rules. After the multiple lawsuits were consolidated and assigned to the Eighth US Circuit Court of Appeals, the SEC stayed the rules. The pending litigation reduces the urgency surrounding implementation, and companies need not begin immediate compliance efforts. The outcome of the SEC litigation will take months or possibly years to play out and, even if some or all of the SEC rules survive, the delay will very likely result in a post-litigation transition period for companies to comply with the rules. Even so, companies are continuing to plan for some climate reporting based on climate-disclosure rules unrelated to the SEC, such as those in California and the EU.
Boards Consider Oversight of Cyber Risks Amid New SEC Disclosures
Recent cyber incident disclosures show companies grappling with the dynamic nature of cyber incidents and the special challenges these incidents present. Event-driven disclosures require companies to balance prompt disclosure with evolving materiality assessments as internal investigations progress. Annual disclosures reflect wide variation in granularity regarding cyber risk management, strategy, governance, oversight and reporting structures. Diversity of practice in the newly mandated SEC cyber disclosures has prompted boards to consider how their oversight duties apply to cyber risks and how best to review management’s role in mitigating cyber risks. As a result, boards are considering market standards in reviewing cyber risk oversight, and companies are reviewing internal processes and procedures to reflect industry-specific risks in light of SEC comment trends and enforcement activity.
SEC Enforcement Focuses on Artificial Intelligence Disclosures
Companies are reviewing their AI-related disclosures after SEC enforcement actions targeting false claims of “predictive algorithmic” and other false AI capabilities. Within a broader regulatory sweep by the SEC, DOJ and FTC, government authorities are scrutinizing the accuracy of AI-related statements. As a result, boards are assessing their oversight of AI-related risks and related public disclosures, including whether public statements about the use of AI accurately represent genuine AI capabilities and reasonably supportable claims.
Companies Contend With New CTA Reporting Requirements
The recently enacted Corporate Transparency Act seeks to combat tax fraud, money laundering and terrorism financing by increasing transparency of corporate structures and ownership. The CTA requires businesses to submit beneficial ownership reports to the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN). These reporting requirements exempt public companies but not their joint ventures or other entities that are not wholly-owned. As a result, public companies are reviewing the entities in their organizational structure for compliance with CTA reporting requirements and assessing how to establish compliance systems and procedures.