As companies prepare for the second year of filings under the Securities and Exchange Commission’s (“SEC”) new conflict minerals rule, many companies are looking for guidance from the first annual filings, which were due June 2, 2014. As expected, the inaugural Form SD and conflict minerals report filings reflect diverse approaches to the new compliance and disclosure requirements. We offer below some observations based on the first round of conflict minerals filings for companies to consider as they address their compliance programs and disclosures for the 2014 calendar year. It is important to note, however, that the shape of future compliance and reporting obligations will be impacted by the outcome of the pending litigation challenging the conflict minerals rule, which also is discussed below, and any subsequent action by the SEC.
In a December 15, 2014, post to this Harvard Corporate Governance blog (here), Professor Jonathan R. Macey suggests that the article I co-authored with Dan Gallagher, “Did Harvard Violate Federal Securities Laws? The Campaign Against Classified Boards of Directors” (here), wrongfully accuses Harvard’s Shareholder Rights Project of fraud. Professor Macey’s post presents a detailed critique, and I greatly appreciate Harvard’s courtesy in providing this opportunity for response.
Thank you and good morning. I want to start by welcoming the members of the Advisory Committee on Small and Emerging Companies to today’s meeting. I appreciate your efforts and look forward to today’s discussions. I would also like to thank the staff of the Division of Corporation Finance’s Office of Small Business Policy for organizing this meeting.
Since its formation in 2011, this Committee has provided the Commission with advice related to privately-held small businesses and the smaller publicly traded companies. It is well-known that these businesses have an outsized impact on the growth of our country’s economy and on job creation for all Americans.
As you know, today’s meeting will focus on the definition of “accredited investor.” This definition is critical to the Commission’s Regulation D exemption from the registration requirements of the Securities Act of 1933. Regulation D may be the Commission’s most widely used exempted offering. It is regularly used by small businesses to raise funds in the capital markets.
“The scope of [the Sony Pictures Entertainment (SPE)] attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public…. The bottom line is that this was an unparalleled and well planned crime, carried out by an organized group, for which neither SPE nor other companies could have been fully prepared.”
— Remarks by Kevin Mandia, “Sony Investigator Says Cyber Attack ‘Unparalleled’ Crime,” Reuters, December 7, 2014. 
“The days of the IT guy sitting alone in a dark corner are long gone. Cybersecurity has become an obvious priority for C-Suites and boardrooms, as reputations, intellectual property and ultimately lots of money are on the line.”
— Priya Ananda, “One Year After Target’s Breach: What Have We Learned?” November 1, 2014. 
“Resiliency is the ability to sustain damage but ultimately succeed. Resiliency is all about accepting that I will sustain a certain amount of damage.”
— NSA Director and Commander of U.S. Cyber Command Admiral Mike Rogers, September 16, 2014. 
We have definitively learned from the past few months’ worth of catastrophic cyber security breaches that throwing tens of millions of dollars at “preventive” measures is simply not enough. The bad guys are too far ahead of the malware curve for that. We have also learned that there are no such things as quick fixes in the cyber security world. Instead, the best approach is a holistic approach: basic blocking and tackling such as password protection, encryption, employee training, and strong, multi-faceted intrusion detection systems really trump reliance on a “50 foot high firewall” alone. But there are also two more things that are critical to a holistic cyber security approach: a strong, well-practiced Incident Response Plan (IRP), and, as Admiral Rogers noted above, the concept of cyber-resiliency, i.e., the ability to take your lumps, but continue your business operations unabated.
In this post, we tackle two questions: (1) What are the essential elements of a Cyber IRP? and (2) Why are IRPs so important to your organization?
Political spending and climate change, key topics during the 2014 proxy season, are expected to feature heavily again in 2015 shareholder proposals. This post reviews the content of the social and environmental proposals voted on most frequently by shareholders of Russell 3000 companies during the 2014 season, including the topics that received the highest average shareholder support. The complete publication provides examples of proposal text and sponsor supporting statements, as well as board responses and related corporate disclosure.
Nearly 40 percent of all shareholder proposals submitted at Russell 3000 companies that held meetings during the first half of 2014 were related to social and environmental policy issues, up from 29.2 percent in 2010, as documented in Proxy Voting Analytics (2010-2014). Social and environmental policy proposals now represent the second-largest category of the subjects in terms of both the number submitted and the number voted, narrowly behind corporate governance.
In our paper, Capital Allocation and Delegation of Decision-Making Authority within Firms, forthcoming in the Journal of Financial Economics, we use a unique data set that contains information on more than 1,000 Chief Executive Officers (CEOs) and Chief Financial Officers (CFOs) around the world to investigate the degree to which executives delegate financial decisions and the circumstances that drive variation in delegation. Our results can be grouped into four themes.
After a year of “first ever” actions targeting private equity, fund managers should be vigilant, even about seemingly small issues.
In reviewing the results of SEC Enforcement’s fiscal year that ended on September 30, the agency congratulated itself on its comprehensive approach to enforcement and its “first-ever” cases. Private equity fund managers should consider a number of important takeaways.
The SEC Continues to Pursue a Broken Windows/Zero Tolerance Approach
Although the Enforcement Division announced a record number of enforcement actions, and the largest aggregate financial recovery, 2014, unlike in years past, did not include a headline-grabbing case such as Enron, Worldcom or Madoff. More recently, the agency has chosen to emphasize its pursuit of smaller cases as a way of improving compliance in the industry. SEC Chair Mary Jo White and Enforcement Director Andrew Ceresney have each touted the agency’s “broken windows” approach to enforcement. A “broken windows” strategy means that the SEC will pursue even the smallest violations on the theory that publicly pursuing smaller matters will reduce the prevalence of larger violations. Ceresney has described “broken windows” as a zero tolerance policy. This past year illustrated the agency’s commitment to applying enforcement sanctions to what some might consider “foot fault” incidents. For example, in September 2014, the SEC announced a package of three dozen cases involving a failure to promptly file Section 13D and Section 13G reports, as well as Forms 3 and 4. Many of the filers charged were just days or weeks late in disclosing their positions. In announcing the cases, Ceresney emphasized that inadvertence was not a defense to late filings.
In our paper, CEOs and the Product Market: When Are Powerful CEOs Beneficial?, which was recently made publicly available on SSRN, we explore the central factors that influence when and how powerful CEOs may add value, and how the benefits and costs of CEO power vary with industry conditions. In an ideal world, shareholders would grant an optimal level of power, weighing various costs and benefits specific to the firm’s characteristics and the business conditions in which it operates. We hypothesize that the optimal amount of power changes based on product market conditions.
Most recent research has shown that CEO power is negatively associated with firm value and is associated with negative outcomes for the firm. Articles have suggested that powerful CEOs may be bad news for shareholders (e.g., Bebchuk, Cremers, and Peyer 2011; Landier, Sauvagnat, Sraer, and Thesmar 2013). Morse, Nanda, and Seru (2011) provide evidence that powerful CEOs may have more favorable incentive contracts. Khanna, Kim, and Lu (forthcoming) show that CEO power arising from personal decisions can increase the likelihood of fraud within corporations.
Earlier today [Wednesday, December 10, 2014], the Second Circuit Court of Appeals issued an important decision overturning the insider trading convictions of two portfolio managers while clarifying what the government must prove to establish so-called “tippee liability.” United States v. Newman, et al., Nos. 13-1837-cr, 13-1917-cr (2d Cir. Dec. 10, 2014). The Court’s decision leaves undisturbed the well-established principles that a corporate insider is criminally liable when the government proves he breached fiduciary duties owed to the company’s shareholders by trading while in possession of material, non-public information, and that such a corporate insider can also be held liable if he discloses confidential corporate information to an outsider in exchange for a “personal benefit.”
Here is something that one does not see every day. In their recent paper “Did Harvard Violate Federal Securities Law? The Campaign Against Classified Boards of Directors” posted on December 10, 2014, a sitting Commissioner of the Securities and Exchange Commission and a former SEC Commissioner accuse the Shareholder Rights Project at Harvard Law School (SRP) of violating the anti-fraud provisions of the securities laws. The alleged fraud occurred when institutional investors represented by the SRP proposed shareholder resolutions encouraging shareholders in U.S. public companies to vote to de-stagger their companies’ boards.
In this submission I present my analysis of this paper, concluding that the SRP proposals were not fraudulent or misleading and that the aggressive application of the anti-fraud provisions of the securities laws advanced by the authors of “Did Harvard Violate Federal Securities Law?” would be inconsistent with the law and, by the authors’ own admission, inconsistent with the current policy and practice of the staff of the Securities and Exchange Commission.