The U.S. Court of Appeals for the Fifth Circuit has granted a stay pending appeal of a recent district court order that preliminarily enjoined enforcement of the Corporate Transparency Act (CTA).[1]

The stay renders the district court’s order ineffective while the government appeals it.  FinCEN responded the same day providing an extension of the reporting deadline for most reporting companies until January 13, 2025.[2]  Therefore, the CTA is enforceable but with new timelines, more fully set out below. Please note that certain reporting deadlines were not explicitly extended, and in parsing FinCEN’s release it appears that the filing deadline for entities newly created or registered between September 24 and December 2, 2024 remains set at 90 days from such entity’s formation.

An update on case developments since our December 16, 2024 Client Alert can be found immediately below. For additional background information, please refer to the remainder of this Client Alert or our Client Alerts issued on December 5December 9, and December 16, 2024.

On December 13, the Department of Justice, on behalf of the Financial Crimes Enforcement Network (FinCEN), filed a motion in the Fifth Circuit asking that court to stay the district court’s nationwide preliminary injunction against enforcement of the CTA, pending appeal of that order.[3]

On December 23, the Fifth Circuit granted the government’s request and stayed the district court’s order pending appeal.[4]  The Fifth Circuit panel consisted of Judges Stewart, Haynes, and Higginson.  Judge Haynes joined the order in part and disagreed in part, noting her agreement that a nationwide injunction was inappropriate but that she would deny the stay pending appeal with respect to the parties.[5]

The panel agreed with the government that it was likely to succeed on the merits of its appeal because, in its view, the CTA falls within the scope of Congress’s power under the Commerce Clause: The CTA “regulates anonymous ownership and operation of businesses”—”‘part of an economic class of activities that have a substantial effect on interstate commerce.’”[6]  Moreover, the court credited the government’s argument that a facial challenge to the CTA was unlikely to succeed because the Act “at least operates constitutionally when it requires that corporations engaged in business operations affecting interstate commerce disclose their beneficial owner and applicant information.”[7]

Turning to the other factors that courts consider when evaluating stay requests, the panel concluded that the government demonstrated irreparable harm because it was enjoined from effectuating a statute enacted by Congress, and the equities weighed in favor of a stay because companies’ reporting costs would be minimal compared to the government’s interest in combatting financial crime and protecting national security.[8]  It also noted that although the injunction would be lifted shortly before the January 1, 2025 reporting deadline, businesses have had nearly four years since the CTA’s enactment and one year since FinCEN announced the reporting deadline to prepare.[9]

Late on December 23, 2024, FinCEN announced that it “recognizes that reporting companies may need additional time to comply given the period when the preliminary injunction had been in effect” and so has extended the reporting deadlines for most companies to January 13, 2025.

Additionally, on December 24, 2024, the plaintiffs filed an emergency petition for rehearing en banc, which is currently pending.[10]  The plaintiffs are asking the en banc Fifth Circuit to act on that petition by January 6, 2024, and the plaintiffs indicated that they may also seek relief in the U.S. Supreme Court prior to January 13, 2024.[11]

What the Stay Means for Entities Subject to the CTA

Now that the district court’s order has been stayed, the CTA and FinCEN’s beneficial ownership information (BOI) Reporting Rule are enforceable again.  Based on FinCEN’s reporting extensions on December 23, the following are the operative Reporting Rule deadlines for non-exempt reporting companies as noted in the FinCEN announcement[12]:

Category

New Reporting Deadline

Original Reporting Deadline

Entities created or registered prior to 2024

January 13, 2025

January 1, 2025

Entities created or registered between January 1 and September 3, 2024

The original 90-day reporting deadline for these entities had already passed as of the district court’s December 3, 2024 stay order. FinCEN did not extend the original reporting deadline for these entities.

Entities created or registered between September 4 and 24, 2024 (referred to by FinCEN as entities created or registered “on or after September 4, 2024 that had a filing deadline between December 3, 2024 and December 23, 2024”)

January 13, 2025

90 days from creation or registration

Entities created or registered between September 24 and December 2, 2024[13]

90 days from creation or registration (no extension provided)

90 days from creation or registration

Entities created or registered between December 3 and 23, 2024

21 days after the original reporting deadline

90 days from creation or registration

Entities created or registered between December 24 and 31, 2024

90 days from creation or registration (no extension provided)

90 days from creation or registration

Entities created or registered on or after January 1, 2025

30 days from creation or registration (no extension provided)

30 days from creation or registration

Entities that qualify for disaster relief extensions

For any entity that qualifies for a disaster relief extension, FinCEN has provided that the later of January 13, 2025 and the original reporting deadline (as extended pursuant to disaster relief) will apply.

blank space

Entities that believe they may be subject to the Reporting Rule should closely monitor this matter, and consult with their CTA advisors as necessary, to understand their obligations under the CTA and the Reporting Rule under the new reporting deadlines set out above.

Additional Background

The CTA, enacted in 2021, requires corporations, limited liability companies, and certain other entities created (or, as to non-U.S. entities, registered to do business) in any U.S. state or tribal jurisdiction to file a “BOI” report with FinCEN identifying, among other information, the natural persons who are beneficial owners of the entity.[14] A regulation, the Reporting Rule, helps implement the CTA by specifying compliance deadlines—including the original January 1, 2025 deadline for companies created or registered to do business in the United States before January 1, 2024—and detailing what information must be reported to FinCEN.[15]

The December 3, 2024 Ruling

On December 3, 2024, in ruling on a lawsuit challenging the constitutionality of the CTA and Reporting Rule on various grounds, Judge Amos L. Mazzant of the U.S. District Court for the Eastern District of Texas granted plaintiffs’ motion for a preliminary injunction.[16] Unlike another court that had held the CTA unconstitutional,[17] Judge Mazzant preliminarily enjoined enforcement of the CTA and Reporting Rule nationwide.[18] Moreover, the court invoked its power under the Administrative Procedure Act’s stay provision, 5 U.S.C. § 705, to “postpone the effective date of” the Reporting Rule.[19]

Government’s Initial Response[20]

On December 5, the Department of Justice, on behalf of the Department of the Treasury, filed a notice of appeal from the court’s opinion and order to the U.S. Court of Appeals for the Fifth Circuit.[21]

FinCEN also posted a statement to its website.[22]  In sum, FinCEN noted that, because of the court’s order, “reporting companies are not currently required to file their beneficial ownership information with FinCEN and will not be subject to liability if they fail to do so while the preliminary injunction remains in effect. Nevertheless, reporting companies may continue to voluntarily submit beneficial ownership information reports.”  FinCEN also noted the appeal filed by the Department of Justice.

[1]  A prior alert by Gibson Dunn explaining the district court’s ruling is available at https://www.gibsondunn.com/corporate-transparency-act-enforcement-preliminarily-enjoined-nationwide.  See Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 30 (E.D. Tex. Dec. 3, 2024).

[2]  https://www.fincen.gov/boi.

[3] Texas Top Cop Shop, Inc. v. Garland, No. 24-40792, Dkt. 21 (5th Cir. Dec. 13, 2024).

[4] Texas Top Cop Shop, Inc. v. Garland, No. 24-40792, Dkt. 140-2 (5th Cir. Dec. 23, 2024).

[5] Id. at 2 n.1.

[6] Id. at 3 (quoting Gonzales v. Raich, 545 U.S. 1, 17 (2005)).

[7] Id. at 5.

[8] Id. at 5–7.

[9] Id. at 7 n.7.

[10]  Texas Top Cop Shop, Inc. v. Garland, No. 24-40792, Dkt. 143 (5th Cir. Dec. 24, 2024).

[11]  Texas Top Cop Shop, Inc. v. Garland, No. 24-40792, Dkt. 142 (5th Cir. Dec. 24, 2024).

[12]  https://www.fincen.gov/boi.

[13]  FinCEN’s notice did not expressly address or provide an extension for entities created or registered between these dates.

[14] See William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283, Div. F., § 6403 (adding 31 U.S.C. § 5336).  Prior alerts by Gibson Dunn explaining the Corporate Transparency Act are available at: https://www.gibsondunn.com/top-12-developments-in-anti-money-laundering-enforcement-in-2023https://www.gibsondunn.com/the-impact-of-fincens-beneficial-ownership-regulation-on-investment-fundshttps://www.gibsondunn.com/the-corporate-transparency-act-reminders-and-key-updates-including-fincen-october-3-faqs.

[15] 31 C.F.R. § 1010.380.

[16] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 30 (E.D. Tex. Dec. 3, 2024).

[17] Nat’l Small Business United v. Yellen, 721 F. Supp. 3d 1260 (N.D. Ala. 2024); see https://www.gibsondunn.com/corporate-transparency-act-declared-unconstitutional-what-it-means-for-you.

[18] Id. at 77.

[19] Id. at 78.

[20] See Gibson Dunn’s December 9 Client Alert describing the government’s initial response to the district court ruling, available at https://www.gibsondunn.com/us-government-appeals-and-fincen-issues-guidance-about-nationwide-preliminary-injunction-of-corporate-transparency-act-enforcement.

[21]  Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkts. 32, 34 (E.D. Tex. Dec. 6, 2024).

[22]  https://fincen.gov/boi.


The following Gibson Dunn lawyers assisted in preparing this update: Kevin Bettsteller, Stephanie Brooker, Matt Gregory, Justin Newman, Dave Ware, Shannon Errico, Sam Raymond, Chris Jones, and Connor Mui.

Gibson Dunn has deep experience with issues relating to the Bank Secrecy Act, the Corporate Transparency Act, other AML and sanctions laws and regulations, and challenges to Congressional statutes and administrative regulations.

For assistance navigating white collar or regulatory enforcement issues, please contact the authors, the Gibson Dunn lawyer with whom you usually work, or any leader or member of the firm’s Anti-Money Laundering, Administrative Law & Regulatory, Investment Funds, Real Estate, or White Collar Defense & Investigations practice groups.

Please also feel free to contact any of the following practice group leaders and members and key CTA contacts:

Anti-Money Laundering:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
M. Kendall Day – Washington, D.C. (+1 202.955.8220, [email protected])
David Ware – Washington, D.C. (+1 202-887-3652, [email protected])
Ella Capone – Washington, D.C. (+1 202.887.3511, [email protected])
Sam Raymond – New York (+1 212.351.2499, [email protected])
Chris Jones – Los Angeles (+1 213.229.7786, [email protected])

Administrative Law and Regulatory:
Stuart F. Delery – Washington, D.C. (+1 202.955.8515, [email protected])
Eugene Scalia – Washington, D.C. (+1 202.955.8673, [email protected])
Helgi C. Walker – Washington, D.C. (+1 202.887.3599, [email protected])
Matt Gregory – Washington, D.C. (+1 202.887.3635, [email protected])

Investment Funds:
Kevin Bettsteller – Los Angeles (+1 310.552.8566, [email protected])
Shannon Errico – New York (+1 212.351.2448, [email protected])
Greg Merz – Washington, D.C. (+1 202.887.3637, [email protected])

Real Estate:
Eric M. Feuerstein – New York (+1 212.351.2323, [email protected])
Jesse Sharf – Los Angeles (+1 310.552.8512, [email protected])
Lesley V. Davis – Orange County (+1 949.451.3848, [email protected])
Anna Korbakis – Orange County (+1 949.451.3808, [email protected])

White Collar Defense and Investigations:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
Winston Y. Chan – San Francisco (+1 415.393.8362, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
F. Joseph Warin – Washington, D.C. (+1 202.887.3609, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

From the Derivatives Practice Group: The CFTC approved a final rule regarding safeguarding and investment of customer funds by FCMs and DCOs and another final rule codifying the no-action position in CFTC staff letter 19-17 regarding separate account treatment by FCMs. The CFTC also has suggestions on your New Year’s resolution.

New Developments

  • Customer Advisory: Avoiding Fraud May be Your Best Resolution. A new CFTC customer advisory suggests adding “spotting scams” to your list of New Year’s resolutions. The Office of Customer Education and Outreach’s Avoiding Fraud May be Your Best Resolution says that with scammers robbing billions of dollars from Americans through relationship investment scams, resolving to be careful about who you trust online, staying informed, and learning all you can about trading risks are admirable 2025 resolutions. [NEW]
  • CFTC Approves Final Rule on Margin Adequacy, Treatment of Separate Accounts of a Customer by Futures Commission Merchants. On December 20, 2024, the CFTC announced a final rule to implement requirements for futures commission merchants related to margin adequacy and the treatment of separate accounts of a customer. The rule finalizes the Commission’s proposal, published in the Federal Register in March, to codify the no-action position in CFTC staff letter 19-17 regarding separate account treatment. [NEW]
  • CFTC Approves Final Rule Regarding Safeguarding and Investment of Customer Funds. On December 17, the CFTC announced that it approved a final rule amending the CFTC’s regulations that govern how futures commission merchants and derivatives clearing organizations safeguard and invest customer funds held for the benefit of customers engaging in futures, foreign futures, and cleared swaps transactions. The amendments revise the list of permitted investments in CFTC Regulation 1.25 and make other related changes and specifications. The amendments also eliminate the CFTC requirement that an FCM deposit customer funds with depositories that provide the CFTC with read-only electronic access to such accounts. The compliance date for the revisions is 30 days after the final rule is published in the Federal Register, except for the revisions to the Segregation Investment Detail Reports (“SIDR”) specified in CFTC Regulations 1.32, 22.2(g)(5), and 30.7(l)(5), and the revisions to the customer risk disclosure statement required under CFTC Regulation 1.55. The compliance date for the revisions to the SIDR and the risk disclosure statement is March 31, 2025. [NEW]
  • CFTC Commissioner Kristin N. Johnson Announces Reports and Recommendations Advanced by MRAC in 2024. The Market Risk Advisory Committee (“MRAC”) held a public meeting Dec. 10 during which the MRAC adopted three sets of recommendations for the CFTC’s consideration. The reports and accompanying recommendations address (i) U.S. Treasury markets with a focus on effective risk management practices for the cash-futures basis trade, (ii) modernization of regulation governing cyber resilience and critical third-party service providers for central counterparties, and (iii) the potential benefits and limitations of formally adopting obligations to employ legal entity identifiers for beneficial account holders of certain intermediaries. Commissioner Johnson also announced that Danielle Abada, Christopher Lamb and Nita Somasundaram have joined her staff [NEW]
  • CFTC Grants QC Clearing LLC DCO Registration. On December 17, 2024, the CFTC announced that it issued QC Clearing LLC an Order of Registration as a derivatives clearing organization under the Commodity Exchange Act. QC Clearing LLC permitted to clear, in its capacity as a DCO, fully collateralized positions in futures contracts, options on futures contracts, and swaps. [NEW]
  • CFTC Staff Issues Advisory Regarding Form 304 Submission Format Beginning January 15, 2025. On December 12, the CFTC Division of Market Oversight issued an advisory notifying all merchants and dealers of cotton holding or controlling positions for future delivery in cotton (traders) that beginning next year they must submit the regulatory filing identified as “Form 304” through the CFTC’s online filings portal. The advisory notes that all traders who are subject to CFTC Regulation 17 CFR 19.00(a) beginning January 15, 2025, Form 304 must be submitted through the CFTC’s online filings portal, which has been updated for traders’ use. Form 304 should continue to be submitted via email through January 14, 2025.
  • CFTC Staff Issues Advisory Related to the Use of Artificial Intelligence by CFTC-Registered Entities and Registrants. On December 5, the CFTC’s Divisions of Clearing and Risk, Data, Market Oversight, and Market Participants issued a staff advisory on the use of artificial intelligence in CFTC-regulated markets by registered entities and registrants. The advisory is intended to remind CFTC-regulated entities of their obligations under the Commodity Exchange Act and the CFTC’s regulations as these entities begin to implement AI. CFTC staff noted that it is closely tracking the development of AI technology and AI’s potential benefits and risks and that it values its ongoing dialogue with CFTC-regulated entities and intends to monitor these entities’ use of AI as part of the agency’s routine oversight activities. According to the CFTC, the advisory is informed, in part, by public comments received in response to the staff’s January 25, 2024 Request for Comment on AI.
  • CFTC Releases FY 2024 Enforcement Results. On December 4, the CFTC announced record monetary relief of over $17.1 billion for fiscal year 2024. With the resolution of digital asset cases that resulted in the agency’s largest recovery ever, this record amount included $2.6 billion in civil monetary penalties and $14.5 billion in disgorgement and restitution. In FY 2024, the agency brought 58 new actions including, in the CFTC’s words, precedent-setting digital asset commodities cases, its first actions addressing fraud in voluntary carbon credit markets, complex manipulation cases in various markets, and significant compliance cases – including its largest compliance case ever. The CFTC also said that it continued to vigorously litigate pending actions, resulting in significant litigation victories and recoveries.

New Developments Outside the U.S.

  • ESMA Consults on the Internal Control Framework for Some of its Supervised Entities. On December 19, ESMA launched a consultation on draft Guidelines related to the Internal Control Framework for some of its supervised entities. ESMA said that the proposed draft Guidelines build on the Internal Control Guidelines currently in place for Credit Rating Agencies and extend them to include also Benchmark Administrators, and Market Transparency Infrastructures (Trade Repositories, Data Reporting Services Providers and Securitization Repositories). The draft Guidelines outline ESMA’s expectations for the components and characteristics of an effective internal control system, intended to ensure: a strong framework, detailing the internal control environment and informational aspects, and effective internal control functions, including compliance, risk management, and internal audit. The draft Guidelines also explain how ESMA applies proportionality in its expectations regarding the internal controls for a supervised entity. According to ESMA, the consultation is primarily aimed at ESMA supervised entities and prospective applicants for ESMA supervision. [NEW]
  • ESMA Releases Last Policy Documents to Get Ready for MiCA. On December 17, ESMA published its last package of final reports containing Regulatory Technical Standards and guidelines ahead of the full entry into application of the Markets in Crypto Assets Regulation. Specifically, the package includes Regulatory Technical Standards on market abuse and guidelines on reverse solicitation, suitability, crypto-asset transfer services, qualification of crypto-assets as financial instruments and maintenance of systems and security access protocols. [NEW]
  • ESMA Consults on Proposals to Digitalize Sustainability and Financial Disclosures. On December 13, ESMA published a Consultation Paper seeking stakeholders’ views on how the European Single Electronic Format can be applied to sustainability reporting. The proposals also aim to ease the burden associated with financial reporting. Interested stakeholders are invited to submit their feedback by March 31, 2025.
  • ESMA Consults on Open-Ended Loan Originating Alternative Investment Funds. On December 12, ESMA published a consultation paper on draft regulatory technical standards on open-ended loan originating Alternative Investment Funds (“AIFs”) under the revised Alternative Investment Fund Managers Directive (“AIFMD”). AIFMD review has introduced some harmonized rules on loan originating funds. The goal of these rules is to provide a common implementing framework by determining the elements and factors that Alternative Investment Fund Managers need to consider when making the demonstration to their Competent Authorities that the loan originated AIFs they manage can be open-ended.
  • ESMA Consults on Technical Advice on Listing Act Implications. On December 12, ESMA launched a consultation to gather feedback following changes to the Market Abuse Regulation (“MAR”) and Market in Financial Instruments Directive II (“MiFID II”) introduced by the Listing Act. Regarding MAR, ESMA is inviting feedback on: a non-exhaustive list of the protracted process and the relevant moment of disclosure of the relevant inside information (together with some principles to identify the moment of disclosure for protracted not listed processes); a non-exhaustive list of examples where there is a contrast between the inside information to be delayed and the latest public announcement by the issuer; and a methodology and preliminary results for identifying trading venues with a significant cross-border dimension, for the purposes of establishing a Cross Market Order Book Mechanism. Regarding MiFID II, ESMA’s proposals cover: a systematic review of the relevant provisions in Commission Delegated Regulation 2017/565 to ensure that a Multilateral Trading Facility (“MTF”) (or a segment of it) to be registered as small and medium-sized enterprises growth market complies with the relevant requirements in the revised MiFID II; and some conditions to meet the registration requirements for a segment of an MTF, as specified in the revised MiFID II.
  • ESAs Provide Guidelines to Facilitate Consistency in the Regulatory Classification of Crypto-Assets by Industry and Supervisors. On December 10, the European Supervisory Authorities (the “ESAs”) published joint Guidelines intended to facilitate consistency in the regulatory classification of crypto-assets under Markets in Crypto Asset Regulation. The Guidelines include a standardized test to promote a common approach to classification as well as templates market participants should use when communicating to supervisors the regulatory classification of a crypto-asset.
  • IOSCO Publishes Final Report on Regulatory Implications and Good Practices on the Evolution of Market Structures. On November 29, IOSCO published its Final Report on the Evolution in the Operation, Governance, and Business Models of Exchanges. According to IOSCO, the Final Report addresses significant changes in exchange business models and market structures, highlighting the impact of increased competition, technological advancements, and cross-border activity on exchanges. Additionally, it outlines a set of six good practices for regulators to consider in the supervision of exchanges that cover three key areas: (1) Organization of Exchanges and Exchange Groups (2) Supervision of Exchanges and Trading Venues within Exchange Groups and (3) Supervision of Multinational Exchange Groups.

New Industry-Led Developments

  • FRTB Implementation Challenges: Capitalization of Funds. On December 13, ISDA published a second whitepaper on the capitalization of equity investment in funds (“EIIFs”) under the Fundamental Review of the Trading Book (“FRTB”) framework. This paper builds upon an earlier ISDA publication in 2022 that highlighted the overly conservative capital requirements and operational complexities resulting from the proposed Basel III framework associated with EIIFs. Since then, several jurisdictions have implemented the FRTB (Canada and Japan), while others have finalized their FRTB rules (the EU and the UK) or are consulting on the final rules (the US). This topic continues to be a globally important issue for the industry, with many unresolved concerns related to the treatment of EIIFs.
  • ISDA Responds to HM Treasury on Financial Services Growth and Competitiveness Strategy. On December 12, ISDA submitted its response to HM Treasury’s call for evidence on its financial services growth and competitiveness strategy. In the response, ISDA focused on innovation, technology, international partnerships and trade and sustainable finance. ISDA also urged the UK government to progress its review of markets and infrastructure regulation and retain its focus as a world leading host for central counterparties. [NEW]
  • Joint Associations Send Letter on UK CCP Equivalence and Recognition. On December 12, ISDA and eleven other trade associations representing a broad group of market participants sent a letter to Commissioner Albuquerque requiring that the European Commission extends the equivalence decision for UK Central Counterparties in a non-time-limited manner and well in advance of March 31, 2025. The current time-limited equivalence decision is set to expire on June 30, 2025.
  • ISDA Publishes Paper on Compliance Requirements under MIFIR. On December 9, ISDA published a paper that maps out an approach to post-trade transparency under the revised Markets in Financial Instruments Regulation for reporting single-name credit default swaps referenced to global systemically important banks, supporting meaningful transparency and implementation practicability.

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])

Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])

Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])

Darius Mehraban, New York (212.351.2428, [email protected])

Jason J. Cabral, New York (212.351.6267, [email protected])

Adam Lapidus  – New York (212.351.3869,  [email protected] )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])

William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )

David P. Burns, Washington, D.C. (202.887.3786, [email protected])

Marc Aaron Takagaki , New York (212.351.4028, [email protected] )

Hayden K. McGovern, Dallas (214.698.3142, [email protected])

Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

An annual update of observations on new developments and highlights of considerations for calendar-year filers preparing their Annual Reports on Form 10-K for 2024 and proxy statements for annual meetings in 2025.

Each year we offer our observations on new developments and highlight select considerations for calendar-year filers as they prepare their Annual Reports on Form 10-K. This year, we are also including a discussion of select proxy statement considerations. This alert touches upon recent rulemaking from the U.S. Securities and Exchange Commission (the “SEC” or “Commission”), emerging trends among reporting companies, recent comment letters issued by the staff of the SEC’s Division of Corporation Finance (the “Staff”) and developments in the securities litigation and SEC enforcement landscape.

Despite the forthcoming changes in presidential administration and Commission leadership, public companies continue to be subject to rules adopted and guidance issued during Gary Gensler’s chairmanship. While we anticipate that changes in Commission leadership will likely result in shifts in the SEC’s disclosure review focus and enforcement priorities, we believe public companies are wise to stay the course and react to changes in policy or practice with respect to SEC and investor disclosures only after such changes are implemented.

An index of the topics described in this alert is provided below.

I. New Disclosure Requirements for 2024 Form 10-Ks and 2025 Proxy Statements
        A. New Form 10-K Disclosure Requirements
                1. Discuss Insider Trading Policies and Procedures in the Form 10-K (and Proxy
                Statement)
                2. File Insider Trading Policies and Procedures with the Form 10-K
                3. iXBRL Tagging for Cybersecurity Disclosures
        B. New Proxy Statement Disclosure Requirements
                1. Option Award Grant Timing Disclosures
                2. Discuss Insider Trading Policies and Procedures in the Proxy Statement (and
                Form 10-K)
II. Disclosure Trends and Considerations for the 2024 Form 10-K
        A. Cybersecurity
        B. Human Capital
        C. Climate Change and ESG
        D. Generative Artificial Intelligence
        E. Geopolitical Conflict
        F. Issues for China-based Companies
        G. Inflation and Interest Rate Concerns
III. Disclosure Trends and Considerations for the 2025 Proxy Statement
        A. Officer Exculpation
        B. Director Time Commitments (Overboarding)
        C. Director Independence Determinations
        D. Pay vs. Performance
        E. Continued SEC Scrutiny of Perquisites
        F. Nasdaq Board Diversity Rules
IV. SEC Comment Letter Trends
        A. Management’s Discussion and Analysis
        B. Non-GAAP Financial Measures
        C. Segment Reporting
V. Securities Litigation
VI. SEC Enforcement
        A. Defense Against Cybersecurity Risks
        B. Use of Emerging Technologies
        C. Internal Controls
        D. Enforcement Priorities in 2025
VII. Other Reminders and Considerations
        A. EDGAR Next
        B. Disclosure of Significant Segment Expenses in Notes to Financials
        C. Clawback Policies and Checkboxes
        D. Filing Requirement for “Glossy” Annual Report
        E. Cover Page XBRL Disclosures
VIII. Looking Forward

I. New Disclosure Requirements for 2024 Form 10-Ks and 2025 Proxy Statements

The pace of SEC rulemaking regarding public company disclosures slowed in 2024 compared to prior years, particularly the period of breakneck rulemaking that began when Chair Gensler became the Chair of the Commission in 2021 and continued through the end of 2023. The main disclosure requirements that became effective in 2024 resulted from final rules adopted by the SEC in December 2022.

While the SEC’s Regulatory Flexibility Agendas for Spring and Fall 2024 continued to include a bevy of new rulemaking projects, only a few impacting the disclosure obligations of public companies made it to the proposed or final rule stage. When the Trump-appointed Chair, currently expected to be former SEC Commissioner Paul Atkins, takes over at the SEC, several of the rulemaking projects that currently remain under consideration (e.g., board diversity, human capital) are likely to be relegated to the back burner or abandoned altogether.

Set forth below are discussions of the most significant new disclosure requirements that public companies need to consider heading into 2025.

A. New Form 10-K Disclosure Requirements

1. Discuss Insider Trading Policies and Procedures in the Form 10-K (and Proxy Statement)

Pursuant to Item 408(b) of Regulation S-K, companies with a December 31 fiscal year end will be required to disclose whether they have adopted insider trading policies and procedures governing the purchase, sale, and other dispositions of their securities by directors, officers, and employees, or the company itself, that are reasonably designed to promote compliance with insider trading laws, rules, and regulations, and any listing standards applicable to the company. If a company has not adopted such insider trading policies and procedures, it must explain why it has not done so.

Form 10-K vs. Proxy Statement

The information required by Item 408(b) must be included in Part III, Item 10 of Form 10-K[1] every year (either directly or by forward incorporation by reference to the proxy statement) and in the proxy statement for any meeting involving the election of directors.

Because companies are permitted to forward incorporate Form 10-K Part III information by reference to a proxy statement filed within 120 days of the end of the year covered by the Form 10-K, companies may decide to simply include the disclosure in the proxy statement as is commonly done with other Part III information. Companies that decide to go this route should make sure that the insider trading disclosure in the proxy statement is adequately covered by the incorporation by reference language included in Item 10 of Form 10-K. To comply with Exchange Act Rule 12b-23, companies should identify in the Form 10-K the information intended to be incorporated as well as the section of the proxy statement in which that information can be found.

Based on a review of the 95 S&P 500 companies that had filed an insider trading policy as of November 22, 2024, we compiled several observations that are set forth in this alert. For information about the results of an earlier survey based on our review of the insider trading policies filed by S&P 500 companies as of June 30, 2024, see our client alert “Early Insights from Insider Trading Policies Filed by S&P 500 Companies under the SEC’s New Exhibit Requirement“ (the “September 2024 Insider Trading Policy Survey”).[2]

Out of the above-mentioned 95 companies, 56 have filed both their proxy statement and their Form 10-K.[3] Of these 56 companies, 95% included the disclosure in their proxy statement, with 57% including the disclosure only in the proxy statement (and incorporating by reference in the Form 10-K); 32% including the disclosure in the proxy statement and Form 10-K; and 9% having a deficient Form 10-K because they did not include or incorporate by reference the disclosure. The remaining 5% of the 56 companies had a deficient proxy statement because they included the disclosure only in the Form 10-K.

Content of Item 408(b) Disclosure

Companies seem to take varying approaches to the content of their Item 408(b) disclosure. While some of the companies that included the disclosure in both the Form 10-K and the proxy statement had the same or virtually the same disclosure in both filings, others varied it, with some companies largely tracking the language provided in Item 408(b) in the Form 10-K, referring readers to the policies and procedures filed as exhibits to the Form 10-K, but providing more detailed disclosure in their proxy statement, and other companies including more detailed disclosure in the Form 10-K than the proxy statement. A majority of the companies that included the disclosure only in the proxy statement included more detailed disclosure than the language provided in Item 408(b), in many cases by including the key terms of the policy and weaving into the discussion the hedging policy disclosure required by Item 407(i).

“Policies and procedures governing … the registrant itself”

As mentioned above, Item 408(b) requires a company to disclose whether it has adopted insider trading policies and procedures governing transactions in company securities by the company itself, and, if so, to file the policies and procedures, or, if not, to explain why.

Of the 95 S&P 500 companies that had filed their insider trading policy as of November 22, 2024, a majority (69%) did not address insider trading policies or procedures governing companies’ transactions in their own securities.[4] Twenty-six percent of the surveyed companies addressed this requirement by including in their primary insider trading policy a brief sentence or two about the company’s policy of complying with applicable laws when trading in its own securities. Four percent of the surveyed companies filed a separate company repurchase policy, either as a separate exhibit (3%) or with the company’s primary insider trading policy as a single exhibit (1%).

Comparing these findings to the results of our survey of insider trading policies as of June 30, 2024 shows that more companies are complying with the requirement to file policies applicable to company transactions. In fact, almost half of the companies that filed their insider trading policy exhibits after August 30, 2024 complied with the requirement, as compared with 22% of companies that had filed as of June 30, 2024.

2. File Insider Trading Policies and Procedures with the Form 10-K

Pursuant to the exhibit requirements in Item 601(b)(19) of Regulation S-K and the new insider trading rule in Item 408(b)(2), calendar year-end companies are required to file with their 2024 Form 10-K “[a]ny” “insider trading policies and procedures governing the purchase, sale, and/or other dispositions of the registrant’s securities by directors, officers and employees, or the registrant itself, that are reasonably designed to promote compliance with insider trading laws, rules and regulations, and any listing standards applicable to the registrant.”

In September 2024, we published our September 2024 Insider Trading Policy Survey. The discussion below covers some of the questions raised by the new exhibit requirement and looks at how some filers handled these issues.

Ancillary Materials to Primary Insider Trading Policy

For many companies, there is not simply one document setting forth every policy applicable to directors, officers and employees that is “reasonably designed to promote compliance with insider trading laws, rules and regulations, and [applicable] listing standards.” A company’s primary insider trading policy is frequently accompanied by:

  • appendices or other ancillary documents setting forth additional details, such as a schedule listing the people subject to additional trading windows or preclearance procedures, additional guidelines applicable to Rule 10b5-1 trading arrangements, or frequently asked questions;
  • training materials used to promote compliance with insider trading laws, rules, regulations, and listing standards by directors, officers, and employees; and/or
  • specific instructions for how directors, officers, and employees can obtain preclearance or any other approvals referenced in the policy (e.g., who to contact, what systems to use).

Similarly, for the convenience of its users, historically some policies hyperlinked to other information relevant to the policy, such as applicable definitions, examples of what constitutes material non-public information (“MNPI”), and a routinely updated schedule of quarterly trading blackout windows.

When preparing to file Exhibit 19 to Form 10-K, companies will want to consider whether any of these ancillary materials should be filed with the company’s primary insider trading policy. In the absence of guidance from the SEC, one reasonable approach would be to file any ancillary materials that impose additional substantive requirements on directors, officers, and employees, but omit ancillary materials that simply repeat or provide examples or interpretations of the requirements set forth in the main policy.

Based on the insider trading policies filed as of November 22, 2024, a significant majority (86%) of the companies filed only a single insider trading policy and no other related policies or documents (even where the insider trading policy referenced other related policies).[5] In the small number of cases where multiple policies were filed, the additional policies were often supplemental guidelines or policies covering topics typically not applicable to all employees at larger companies (e.g., trading windows, preclearance procedures, 10b5-1 plans).

Unwritten Procedures

Item 408(b)(2) seems to presume the policies and procedures are in writing, but nowhere has the SEC addressed what is to be done to comply with the exhibit requirement in Item 601(b)(19) if the policy or, more likely, procedures are not written. In the absence of guidance from the SEC, to the extent companies have policies or procedures that are not written, they will need to decide whether to (1) memorialize their previously unwritten policies or procedures in writing (either through a detailed description or a more high-level summary) so they can be filed or (2) leave the policies or procedures unwritten and forego filing.

Personal Information in Policies

Many insider trading policies have historically included the names and contact information for the individuals responsible for administering the policy. In anticipation of the filing requirement, many companies have removed that information from the policy altogether. We also believe it is reasonable to retain the information in the internal, non-public facing policy but to redact the information from the exhibit filed with the Form 10-K pursuant to Item 601(a)(6), which allows companies to redact information “if disclosure of such information would constitute a clearly unwarranted invasion of personal privacy (e.g., disclosure of bank account numbers, social security numbers, home addresses, and similar information).”

3. iXBRL Tagging for Cybersecurity Disclosures

Beginning with the 2024 Form 10-K, the required cybersecurity disclosures that calendar year-end companies first began including in their 2023 Forms 10-K pursuant to Item 106 of Regulation S-K will need to be tagged in Inline XBRL (“iXBRL”), including by block text tagging narrative disclosures and detail tagging quantitative amounts.[6] The SEC has stated that companies must use the “Cybersecurity Disclosure (CYD)” taxonomy tags within iXBRL to tag these disclosures.[7] Companies need to be aware that significant judgment will be required to apply these tags. Not only will companies be required to determine the provision of Item 106 to which each part of the narrative disclosure is responsive, but companies will also need to determine which flags to mark as “true” or “false.”

Importantly, under the CYD taxonomy, there is a flag for “Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant,” and it is our understanding that to properly apply the flag, each company must select “true” or “false.” As discussed in Section II.A. (Cybersecurity) below, the requirement to describe whether any risks from cybersecurity threats have materially affected or are reasonably likely to materially affect the registrant caused consternation among many companies and resulted in wide variety of responses during the first year of compliance. With the iXBRL requirement going into effect, companies that have addressed Item 106(b)(2) by including slightly vague or ambiguous disclosure in Item 1C or by cross-referencing their risk factors will need to carefully consider how they will handle these new tagging requirements.

B. New Proxy Statement Disclosure Requirements

1. Option Award Grant Timing Disclosures

The SEC adopted new rules requiring companies to disclose their policies and practices related to the timing of granting option awards (including stock appreciation rights) and the relationship between grants and the release of MNPI. Specifically, pursuant to Item 402(x) of Regulation S-K, companies must explain how the board decides when to grant these awards (e.g., whether they follow a set schedule), whether the board or compensation committee considers MNPI when deciding the timing and terms of such awards (and if so, how they consider such MNPI) and whether the company has timed the release of MNPI to influence the value of executive compensation. In addition, a new table is required to be included for option awards granted during the last fiscal year to a named executive officer within four business days before or one business day after the filing of a Form 10-Q or Form 10-K, or the filing or furnishing of a Form 8-K that discloses MNPI. Companies are required to include the narrative policies and practices disclosure regardless of whether the company has actually made grants of option awards close in time to the release of MNPI. Although these rules apply only to options and similar awards, we expect many companies to include, or expand on existing, narrative disclosures regarding their policies and practices related to the timing of full value awards as well (i.e., restricted stock units, restricted stock, and performance stock units).

2. Discuss Insider Trading Policies and Procedures in the Proxy Statement (and Form 10-K)

As a result of the overlapping obligations, this proxy statement requirement is discussed above in the section titled “New Form 10-K Disclosure Requirements.”

II. Disclosure Trends and Considerations for the 2024 Form 10-K

A. Cybersecurity

As previously discussed in our client alert “SEC Adopts New Rules on Cybersecurity Disclosure for Public Companies,” on July 26, 2023, the SEC adopted a final rule requiring public companies to provide current disclosure of material cybersecurity incidents and annual disclosure regarding cybersecurity risk management, strategy, and governance.

Under new Item 106, which is required to be addressed in new Item 1C of Form 10-K, public companies must include disclosures in their annual reports regarding their (1) cybersecurity risk management and strategy, including with respect to their processes for identifying, assessing, and managing cybersecurity threats and whether risks from cybersecurity threats have materially affected them; and (2) cybersecurity governance, including with respect to oversight by their boards and management.[8]

The new rule first applied to annual reports on Form 10-K for fiscal years ending on or after December 15, 2023, so most companies provided the required disclosure for the first time in 2024. Gibson Dunn surveyed disclosures made by 97 S&P 100 companies in response to Item 106 requirements as of November 30, 2024.[9] Set forth below is a summary of key trends and insights based on our analysis of these filings. The full results of this survey are included in our alert titled “Cybersecurity Disclosure Overview: A Survey of Form 10-K Cybersecurity Disclosures by the S&P 100 Companies.”

While certain disclosure trends have emerged under Item 106, we note that there is significant variation among companies’ cybersecurity disclosures, reflecting the reality that effective cybersecurity programs must be tailored to each company’s specific circumstances, such as its size and complexity of operations, the nature and scope of its activities, industry, regulatory requirements, the sensitivity of data maintained, and risk profile. Companies must strike a careful balance in their disclosures, providing sufficient decision-useful information for investors, while taking care not to reveal sensitive information that could be exploited by threat actors.[10] We expect company disclosures to continue to evolve as their practices change in response to the ever-evolving cybersecurity threat landscape and as common disclosure practices emerge among public companies.

The key disclosure trends we observed include the following:

  • Materiality. The phrasing used by companies for this disclosure requirement varies widely. Specifically, in response to the requirement to describe whether any risks from cybersecurity threats have materially affected or are reasonably likely to materially affect the company, the largest group of companies (40%) include disclosure in Item 1C largely tracking Item 106(b)(2) language (at times, subject to various qualifiers); 38% vary their disclosure from the Item 106(b)(2) requirement in how they address the forward-looking risks; and 22% of companies do not include disclosure specifically responsive to Item 106(b)(2) directly in Item 1C, although a substantial majority of these companies cross-reference to a discussion in Item 1A “Risk Factors.”
  • Board Oversight. Most companies delegate specific responsibility for cybersecurity risk oversight to a board committee and describe the process by which such committee is informed about such risks. Ultimately, however, the majority of surveyed companies report that the full board is responsible for enterprise-wide risk oversight, which includes cybersecurity.
  • Cybersecurity Program. Companies commonly reference their program alignment with one or more external frameworks or standards, with the National Institute of Standards and Technology (NIST) Cybersecurity Framework being cited most often. Companies also frequently discuss specific administrative and technical components of their cybersecurity programs, as well as their high-level approach to responding to cybersecurity incidents.
  • Assessors, Consultants, Auditors or Other Third Parties. As required by Item 106(b)(1)(ii), nearly all companies discuss retention of assessors, consultants, auditors or other third parties, as part of their processes for oversight, identification, and management of material risks from cybersecurity threats.
  • Risks Associated with Third-Party Service Providers and Vendors. In line with the requirements of Item 106(b)(1)(iii), all companies outline processes for overseeing risks associated with third-party service providers and vendors.
  • Drafting Considerations.
    • Most companies organize their disclosure into two sections, generally tracking the organization of Item 106, with one section dedicated to cybersecurity risk management and strategy and another section focused on cybersecurity governance. Companies typically include disclosures responsive to the requirement to address material impacts of cybersecurity risks, threats and incidents in the section on risk management and strategy.
    • The average length of disclosure among surveyed companies is 980 words, with the shortest disclosure at 368 words and the longest disclosure at 2,023 words. The average disclosure runs about a page and a half.
  • Risk Factors. A substantial majority of companies include a cross-reference to their cybersecurity-related risk factor(s) in Item 1A “Risk Factors” or to risk factors included in Item 1A more generally.

B. Human Capital

Human capital resource disclosures by public companies have continued to be a focus since the SEC adopted the new rules in 2020, not only for companies making the disclosures, but employees, investors, and other stakeholders reading them. As we have done for the past several years, we recently published a survey of the human capital resource disclosures from the S&P 100, available in our client alert titled “Four Years of Evolving Form 10-K Human Capital Disclosures.” The alert also provides practical considerations for companies as we head into 2025.

Overall, our findings indicate that companies are generally making only minor changes to their disclosures year over year, and these minor changes generally included shortening of company disclosures, maintaining or decreasing the number of topics covered, and including slightly less quantitative information in some areas.[11] Specifically, we identified the following trends regarding the S&P 100 companies’ human capital disclosures compared to the previous year:

  • Length of disclosure. Fifty-seven percent of surveyed companies decreased the length of their disclosures, 34% increased the length of their disclosures, and the length of the remaining 9% remained the same.
  • Number of topics covered. Forty-one percent of surveyed companies decreased the number of topics covered, 13% increased the number of topics covered, and the remaining 46% covered the same number of topics.
  • Breadth of topics covered. Across all companies, the prevalence of 10 topics increased, nine topics decreased, and nine topics remained the same.
    • The most significant year-over-year increases in frequency involved Culture Initiatives (30% to 35%) and Pay Equity (48% to 50%) disclosures.
    • The most significant year-over-year decrease involved COVID-19 disclosures, which declined in frequency from 34% to 1%. Other year-over-year decreases related to disclosures addressing Diversity Targets and Goals (21% to 14%), Diversity in Promotion (29% to 26%), Quantitative Diversity Statistics regarding Gender (63% to 60%), and Community Investment (28% to 25%).
  • Most common topics covered. This year, the topics most commonly discussed generally remained consistent with the previous two years. For example, Talent Development, Diversity and Inclusion, Talent Attraction and Retention, Employee Compensation and Benefits, and Monitoring Culture remained the five most frequently discussed topics. The topics least discussed this most recent year, however, changed slightly from that of the previous year as COVID-19 disclosures, and Diversity Targets and Goals dropped into the five least frequently covered topics.
  • Industry trends. Within the technology and finance industries, the trends that we saw in the previous year regarding the frequency of topics disclosed generally remained the same.

C. Climate Change and ESG

The SEC adopted final climate disclosure rules in March 2024.[12] The rules established new disclosure requirements under Regulation S-K related to climate-related risks, governance, and strategy and greenhouse gas emissions (for certain large filers), as well as new financial statement reporting requirements in Regulation S-X related to severe weather events, carbon or energy products, and climate-related targets or transition plans.[13] Following the consolidation of several legal challenges in the Eighth Circuit, the SEC voluntarily stayed the rules in April 2024 pending the litigation’s outcome.[14]

While the litigation is ongoing and the rules do not apply to the upcoming Form 10-K, reporting companies should remain thoughtful about how existing SEC rules may nonetheless require disclosure on many of these topics, including in the risk factors section (related to material climate-related risks), the business section (related to, for example, material climate-related regulatory developments or changes to business strategy), and management’s discussion and analysis (“MD&A”) section (related to, for example, material costs incurred from unique events or invested in climate-related research and development).[15] It can also be prudent to assess the consistency of any sustainability-related disclosure in the Form 10-K with current or anticipated reporting on these topics in non-U.S. or voluntary filings, as mandatory sustainability reporting regulations continue to be adopted outside the United States and may create new areas of legal risk. In particular, companies that are preparing to report under the European Union’s Corporate Sustainability Reporting Directive should consider whether the results of their double materiality assessment or other analyses also require an update to the Form 10-K, including the risk factors discussion.[16]

The Division of Enforcement has also maintained its focus on sustainability-related disclosures and practices despite the dissolution of the standalone ESG Task Force earlier this year.[17] In September 2024, a multinational beverage company agreed to pay a $1.5 million civil penalty to settle SEC claims regarding past Form 10-K statements on testing of the recyclability of the company’s single-use beverage pods. The SEC alleged that statements concerning the successful testing of the recyclability of the pods incomplete and inaccurate by not including that two of the largest recycling companies had expressed concerns about the commercial feasibility of curbside recycling of small format materials and had indicated that at that time they did not intend to accept the pods at their facilities. Notably, the SEC asserted violations of only Section 13(a) of the Securities Exchange Act of 1934 and Rule 13a-1. This standard does not require that the disclosures be material or misleading, or that they be made with any intent—only that the disclosures included in an issuer’s SEC filings be complete and accurate. This enforcement action reinforces that even voluntary or immaterial disclosure on these and other topics may be the subject of regulatory scrutiny and should be appropriately vetted for completeness before filing.

D. Generative Artificial Intelligence

As artificial intelligence (“AI”), including generative AI, becomes increasingly prevalent in the marketplace and incorporated into business operations, companies should assess whether they have adequate AI-related disclosure. Specifically, companies should consider the ways in which the company’s strategy, productivity, market competition and demand for the company’s products, investments and the company’s reputation, as well as legal and regulatory risks, could be affected by AI. To the extent material, disclosure about how the company uses AI and the risks related to its use should be provided in the description of business section, risk factors, MD&A, and the financial statements (as well as the discussion of the board’s role in risk oversight in the proxy statement), as applicable.

When making AI-related disclosures, companies should be careful of general language that could be interpreted as “AI Washing.”[18] As noted by Director Erik Gerding in the Division of Corporation Finance’s announcement in June, the Staff will consider how companies are describing AI-related opportunities and risks, including, to the extent material, whether or not the company: (1) clearly defines what it means by AI and how the technology could improve the company’s results of operations, financial condition and future prospects; (2) provides tailored, rather than boilerplate, disclosure about material risks related to AI; (3) focuses on the company’s current or proposed use of AI; and (4) has a reasonable basis for its claims when discussing AI prospects.[19]

In recent comment letters, the Staff has asked companies to provide additional context to their AI-related disclosure, including to explain the basis of AI-related performance claims and to provide specific descriptions of the AI technology being used by the company, such as the development, implementation and source of the technology, and risks related to such use.[20]

E. Geopolitical Conflict

Public companies should continue to consider the evolving developments related to the continued conflicts between Russia and Ukraine and in the Middle East, as well as continued tensions between China and the United States, including as to whether risks associated with these developments are adequately discussed in the risk factors, as well as their direct and indirect impacts on their business, operating results, and financial condition.

F. Issues for China-based Companies

As discussed in our client alert “Considerations for Preparing Your 2023 Form 10-K,” companies with operations in the People’s Republic of China (the “PRC”) should review the Division of Corporation Finance’s sample comment letter[21] highlighting three focus areas for periodic disclosures related to China-specific matters, including those arising from the Holding Foreign Companies Accountable Act (the “HFCAA”), the Uyghur Forced Labor Prevention Act, and specific government-related operational risks. In addition to posing questions regarding HFCAA disclosures, the sample letter includes comments directed at risk factors and MD&A disclosure.

Director Gerding of the Division of Corporation Finance communicated in June that the Staff would continue to focus on China-based companies and to elicit disclosure from companies on material risks they face from the PRC intervening in, or exercising control over, their operations in the PRC.[22] Director Gerding also noted that the Staff continues to believe that companies should provide more prominent, specific, and tailored disclosures about China-specific matters so that investors have the information they need to make informed investment and voting decisions.

G. Inflation and Interest Rate Concerns

While inflationary pressures have eased and interest rates have decreased as compared to 2023, companies should continue to consider whether their disclosures regarding inflation impacts and risks and uncertainty regarding inflation or future rate changes are adequately discussed, including in light of announced plans from President-elect Trump regarding the implementation of tariffs on U.S. imports as discussed below. Depending on the effect on a company’s operations and financial condition, additional disclosure in risk factors, MD&A, or the financial statements may be necessary.

In June, Director Gerding stressed that material ongoing impacts of inflation, including particularized risks, should continue to be disclosed and companies should not simply discuss high-level trends.[23] Additionally, given the market disruptions in the banking industry that began in 2023, the Staff also indicated that it would continue to scrutinize updated disclosures related to interest rate risk and liquidity risk.[24]

The President-elect has frequently reiterated plans to implement tariffs on U.S. imports of up to 20% on all imports generally, with higher rates for select U.S. trade partners, and has recently communicated that he will impose tariffs of 25% on imports entering the United States from Canada and Mexico, and an additional 10% tariff on imports from China, as one of his first executive orders. Implementation of these tariffs could adversely affect efforts to stem inflationary pressures in the United States and correspondingly influence interest rates. Companies should continue to monitor the risks associated with these proposed policies and confirm that such risks are adequately addressed in their disclosures, including if such proposed plans have already begun to impact their business.

In recent comment letters relating to inflation, the Staff has focused on how current inflationary pressures have materially impacted a company’s operations, including by referring to statements regarding inflation made in a company’s quarterly filings, and sought disclosure to quantify the impact and to identify planned or taken efforts to mitigate the impact of inflation. If inflation is identified as a significant risk, the Staff asked companies to update disclosure if inflationary pressures have resulted in a material impact, to identify the types of inflationary pressures being faced and to quantify the impact of factors contributing to inflationary pressures.[25]

In recent comment letters relating to interest rates, the Staff has asked companies to expand their discussion of interest rates in the risk factors and MD&A sections to specifically identify the impact on the company’s business operations and to discuss specific risk policies and procedures used by the company to manage and monitor interest rate risk.[26]

It is also critical that companies confirm that their disclosures in “Item 7A. Quantitative and Qualitative Disclosures About Market Risk” are up-to-date and responsive to the requirements of Item 305 of Regulation S-K.

III. Disclosure Trends and Considerations for the 2025 Proxy Statement

A. Officer Exculpation

In August 2022, the Delaware General Corporation Law was amended to allow companies to amend their certificate of incorporation to exculpate certain officers from personal liability for monetary damages for breaches of fiduciary duty in a manner similar to, but more narrow than, what is currently permitted for directors.

Such exculpation provisions apply only to direct claims against officers alleging a breach of fiduciary duty of care and provide a basis for early dismissal of certain claims in the preliminary stages of litigation, before extensive and expensive discovery. Because insurance and indemnification already serve to protect officers’ assets in such cases, the company is the primary beneficiary of extending exculpation to officers. This protection must be implemented through an amendment to the company’s certificate of incorporation, requiring both board and shareholder approval.

Although companies initially faced uncertainty regarding the reception of these amendments by proxy advisory firms and institutional investors, most proposals have received strong investor support during 2023, and this support continued in 2024. Between the 2023 and 2024 proxy seasons, approximately 27% of all S&P 500 companies incorporated in Delaware proposed exculpation amendments; all but three (96%) received stockholder approval.[27] Institutional Shareholders Services tends to support these proposals on a case-by-case basis, while Glass Lewis tends to oppose them, absent a “compelling rationale.”

The adoption of officer exculpation amendments reflects evolving expectations around liability protections for corporate officers. Companies contemplating such amendments should consider whether to engage with shareholders in advance to address potential concerns.

B. Director Time Commitments (Overboarding)

Institutional investors are increasingly scrutinizing directors’ time commitments to ensure effective governance. While the primary focus remains adhering to strict numerical limitations on the number of public company boards a director should serve on (generally, no more than two boards for directors who are executive officers and no more than four boards for non-executive directors), there is an increasing push to require companies to disclose their internal director time commitment policies and demonstrate adherence to such policies.[28] With a view to demonstrating the company’s responsiveness to evolving investor expectations and commitment to robust corporate governance, companies should revisit their policy and the processes used by their nominating committee or board of directors to assess director candidates in determining to nominate them for election to the board of directors and consider whether any enhancements are appropriate.

C. Director Independence Determinations

Companies should take a fresh look at their vetting processes to support disclosures with respect to director independence determinations. In 2024, the SEC brought settled charges against a director for proxy rule violations after he was identified in the company’s proxy statement as independent despite maintaining a close personal relationship with an executive officer of the company. The director did not disclose this relationship to the board of directors, thereby allegedly causing the company’s proxy statement to contain materially misleading statements. This enforcement action highlights the need for rigorous diligence in assessing relationships and transactions that could compromise a director’s independence. In light of these developments, companies should assess their independence determination processes, including reviewing their annual directors’ questionnaires and considering whether there are any opportunities to enhance board or nominating committee oversight and related proxy disclosures.

D. Pay vs. Performance

Most companies have already complied with the SEC’s “pay versus performance” (“PvP”) disclosure rules in their annual 2023 and 2024 proxy statements. As companies begin to prepare their 2025 disclosures, we’ve highlighted some notable trends and developments below based on prior proxy seasons and comment letters from the Staff:

  • One additional year. Reminder that companies must add 2024 as an additional year to the PvP table and should not remove any years until after the PvP table contains five years total (three years for smaller reporting companies).
  • Relationship disclosures. Although the rule permits graphical, narrative, or a combination thereof to describe the relationship between compensation actually paid and the various performance metrics, the comment letters from the Staff indicate a preference for graphical depictions. Graphical depictions have also been the majority practice during the last two proxy seasons.
  • Metrics reporting. The Staff has placed an emphasis on ensuring (i) the compensation numbers included in the PvP table reconcile with those disclosed in the Summary Compensation Table, (ii) any Generally Accepted Accounting Principles (“GAAP”) numbers used, including net income, reconcile to the applicable numbers disclosed on the company’s Form 10-K, (iii) companies include clear descriptions of how they calculated any non-GAAP numbers included in the PvP disclosure, and (iv) the company-selected measure in the PvP table is included in the company’s list of the most important measures used to link pay and performance.
  • Reconciliations. As a reminder, footnote reconciliations of the amounts deducted and added to calculate compensation actually paid for years other than the most recent fiscal year are required only if material to an understanding of the PvP information reported for the most recent fiscal year. As such, many companies can streamline their PvP disclosures by omitting prior years’ footnote reconciliations. In line with such guidance, the Staff has indicated that if a company revises the compensation actually paid included for prior fiscal years, then footnote reconciliations for such prior years should be included.
  • Precise headings. The Staff has placed an emphasis on avoiding the use of vague terms in the headings of PvP table footnote reconciliations, such as “year-over-year.” Instead, the Staff prefers specific headings that track closely to the language of the rules, such as “prior fiscal year end to current fiscal year end” or “prior fiscal year end to vesting date.”
  • Peer group changes. As a reminder, if the peer group used for peer group total shareholder return (“TSR”) disclosures in the PvP table changes from the prior year, the footnote must include the reason for the change and a comparison of the company’s TSR with that of both the new peer group and the peer group from the prior year.

In light of the above, companies should review their PVP table and related disclosures to incorporate and consider whether any improvements are necessary to comply with the latest SEC guidance.

E. Continued SEC Scrutiny of Perquisites

The SEC continues to bring enforcement actions against companies relating to perquisite disclosure (as recently as this month), so companies may want to revisit their director and officer questionnaire and other disclosure control processes ahead of the upcoming proxy statement. Perquisites facing scrutiny include personal travel and commuting (including use of corporate aircraft), personal expenses, personal entertainment, personal transportation and personal security.

F. Nasdaq Board Diversity Rules

On December 11, 2024, the U.S. Court of Appeals for the Fifth Circuit vacated the SEC’s approval of Nasdaq’s board diversity disclosure rules, which previously required Nasdaq-listed companies to annually disclose a board diversity matrix with information about each of its director’s self-identified gender and demographic characteristics. Nasdaq has communicated that it does not intend to seek further review. As a result, companies will no longer be required to follow Nasdaq’s board diversity disclosure rules but may want to consider relevant investment community expectations when assessing any changes to their proxy disclosures.

IV. SEC Comment Letter Trends[29]

In 2024, comment letters from the Staff continued an emphasis on addressing disclosures in MD&A as well as the use of non-GAAP measures. Notably, following the adoption and subsequent stay of the SEC’s final climate disclosure rule in 2024, the number of comment letters from the Staff regarding companies’ climate-related disclosures decreased as the SEC reprioritized its focus areas.

A. Management’s Discussion and Analysis

Many of the comment letters addressing MD&A continued to focus on disclosures relating to results of operations, with the Staff often requesting that companies explain related disclosures with more specificity. The Staff has continued to focus on disclosures regarding material period-to-period changes in quantitative and qualitative terms as prescribed by Item 303(b) of Regulation S-K. For example, the Staff has commented on disclosures about factors contributing to period-on-period changes in financial line items, such as revenue, gross margin, cost of sales, expenses and operating cash flows, to request that companies provide both more quantitative detail regarding the extent to which each factor had contributed to the overall change in the line item, as well as qualitative discussion of the underlying factors attributable to such contributing factors.[30] The Staff often requested companies to “use more definitive terminology, rather than general or vague terms such as ‘primarily,’ to describe each contributing factor.”[31] The Staff has also continued to request that companies make disclosures about known trends and uncertainties affecting their results of operations.[32]

Another area that the Staff has continued to focus on is ensuring that key performance indicators (“KPIs”) are properly contextualized so that they are not misleading.[33] The Staff has, in certain circumstances, requested that companies provide additional disclosures regarding how KPIs are defined and calculated, why they are useful to investors and how they are used by management.[34] In addition, the Staff asked companies why KPIs or other performance metrics are discussed in earnings releases or investor presentations if not also discussed in their periodic reports or presented inconsistently.[35]

The Staff has also often asked companies to quantify and provide additional disclosure regarding significant components of financial condition and results of operations that have affected segment results.[36]

Two other key areas of MD&A that the Staff continued to focus on were critical accounting estimates and liquidity and capital resources. The Staff frequently noted that companies’ disclosures regarding critical accounting estimates were too general and requested that companies provide a more robust analysis, including both qualitative and quantitative information necessary to understand the estimation uncertainty and its impact on the financial statements, consistent with the requirement now set forth in Item 303(b)(3).[37] The Staff often indicated that these disclosures should supplement, not duplicate, the disclosures in footnotes to financial statements.[38] The Staff frequently commented on cash flows disclosures regarding enhancing the comparative analysis of the drivers of material changes period-on-period and the underlying reasons for such material changes, with a view to provide investors an understanding of trends and variability in cash flows.[39] The Staff also noted that such disclosures should not merely recite changes evident in the financial statements.[40]

B. Non-GAAP Financial Measures

The Staff has continued to express concerns regarding the improper use of non-GAAP measures in filings and issued several comments aligned with the Staff’s Compliance and Disclosure Interpretations (“C&DIs”).[41] Comments related to the latest C&DIs continued to focus on whether operating expenses are “normal” or “recurring” (Non-GAAP C&DI 100.01), and, therefore, whether exclusion from non-GAAP financial measures might be misleading.[42] The Staff has also asked companies about whether certain non-GAAP adjustments to revenue or expenses have made the adjustments “individually tailored” (Non-GAAP C&DI 100.04).[43] In addition to a continued focus on the topics covered under the C&DIs, the Staff continued to focus on a number of other matters relating to compliance with Item 10(e) of Regulation S-K, including the prominence of non-GAAP measures, reconciliations to GAAP measures and the usefulness and purpose of particular non-GAAP measures.

C. Segment Reporting

The Staff has continued to comment on a number of segment reporting disclosures. Examples of common comments include whether a company’s operating segments are properly categorized and the reasoning behind the aggregation of similar segments (and the factors used to identify different segments). The Staff also continued to focus on the disclosure of segment profit or loss measures and, in some cases, commenting that a measure consolidating segment profit or loss reflected a non-GAAP measure and should not be included in the financial statements.[44] Similarly, the Staff also commented that when a company presents a measure consolidating segment profit or loss outside of the notes in the financial statements, it is a non-GAAP measure and must comply with Item 10(e) and the Non-GAAP C&DIs.[45]

V. Securities Litigation

Companies should be aware of the following recent developments at the Supreme Court. First, earlier this year, the Supreme Court issued its opinion in Macquarie Infrastructure Corp. v. Moab Partners, L.P.¸601 U.S. 257 (2024), about whether Section 10(b) liability can be based on failure to disclose information required by Item 303. Second, the Supreme Court previously was poised to issue a decision in Facebook, Inc. v. Amalgamated Bank, regarding when risk factor disclosures made pursuant to Item 105 of Reg. S-K can be false or misleading under Section 10(b). However, after hearing oral argument, the Supreme Court issued an order in late November dismissing that appeal without issuing an opinion. Macquarie is discussed below.

Macquarie

On April 12, 2024, the Supreme Court unanimously decided Macquarie, holding that an issuer does not violate Section 10(b) or Rule 10b-5 merely by failing to disclose material information—even if that information is required to be disclosed under Item 303.[46] Instead, an omission is actionable under Section 10(b) only if it renders an affirmative statement by the issuer misleading.[47]

Plaintiff claimed that Macquarie violated Section 10(b) by failing to disclose under Item 303 that a new regulation would impact Macquarie’s business going forward.[48] The Court disagreed because plaintiff failed to “plead any statements rendered misleading” by the alleged omission.[49] Because Rule 10b-5 requires only “disclosure of information necessary to ensure that statements already made are clear and complete,” it covers “half-truths,” not “pure omissions.”[50]

While a company may not be held liable under Section 10(b) for a pure omission of information required under Item 303, companies should be mindful that Item 303 violations may be actionable under other provisions of the federal securities laws.

VI. SEC Enforcement

Throughout the past year, the SEC continued bringing enforcement actions against public companies for making allegedly misleading statements within their financial reporting and disclosures. Several themes and trends were apparent from the types of situations and disclosures underlying the Commission’s enforcement actions.

A. Defense Against Cybersecurity Risks

The SEC brought actions against several companies for either allegedly overstating the effectiveness of their respective cybersecurity programs and measures to defend against potential future intrusions, or for allegedly misstating the extent to which known cybersecurity incidents compromised company data. For example, at the end of 2023, the SEC charged SolarWinds for allegedly “overstating . . . cybersecurity practices and understating or failing to disclose known risks” in the years preceding a major cyberattack the company underwent in 2020.[51] Separately, later in 2024, the Commission brought settled charges against four public companies for allegedly understating to investors the extent to which cyberattacks had damaged their infrastructure or compromised their data.[52] The Commission alleged that several of these companies had “hypothetically or generically” framed cybersecurity risk factors even though the alluded-to risks had “already materialized” through known cyber intrusions, and this warranted more specific and deliberate disclosures to investors.

B. Use of Emerging Technologies

Representing somewhat of an inverse of the Commission’s trend of bringing enforcement actions involving alleged misstatements about an entity’s ability to defend against technological threats such as cyberattacks, the SEC also brought enforcement actions involving alleged misstatements about the extent to which entities could marshal emerging technologies to their advantage. For example, it announced settled fraud charges against a publicly traded South Korean crypto asset company for allegedly misrepresenting the extent to which it used blockchain technologies to settle transactions.[53]

Separately, the Commission brought settled charges against investment advisers and a hedge fund for making allegedly misleading disclosures about their purported use of artificial intelligence to improve investment decisions.[54] Though these enforcement actions concerned statements made by financial firms, their lessons can extend to public companies, many of which will inevitably find use cases of their own for artificial intelligence, and will accordingly need to consider disclosure of such capabilities and attendant risks.

C. Internal Controls

As in prior years, the SEC brought actions against companies for allegedly failing to maintain adequate internal accounting and disclosure controls. For example, in June 2024, the Commission brought settled charges against a global provider of business communication and marketing services for allegedly failing to implement internal accounting controls sufficient to restrict access to the company’s information technology systems, or disclosure controls sufficient to provide management with relevant cybersecurity information with which to make appropriate disclosure decisions.[55]

However, a key court decision in the SolarWinds litigation in July 2024 marked what might be a turning point in the SEC’s penchant for finding internal accounting controls violations. There, the United States District Court for the Southern District of New York largely dismissed charges the Commission brought against SolarWinds regarding its cybersecurity controls. On the SEC’s internal accounting controls claim, the court found the claim failed because the cybersecurity controls did not relate to the company’s accounting or finance controls. On the SEC’s disclosure controls and procedures claim, the court found that though the company had misclassified the severity of two cybersecurity incidents, such misclassifications were isolated and could not by themselves support a claim that the controls were inadequate absent evidence of systemic problems with the company’s disclosure process, or a more prolific pattern of misstatements.[56]

D. Enforcement Priorities in 2025

As discussed below, SEC leadership will look different in 2025, and enforcement priorities may change significantly. It is not known what will happen to existing cases in the pipeline. We anticipate many cases will move ahead uninterrupted, while others will be reevaluated by SEC leadership and quietly closed. Suffice it to say, we expect the next 12 months to be a period of significant transition within the Enforcement Division of the SEC.

VII. Other Reminders and Considerations

Set forth below is a discussion of a few other recent rule changes, as well as reminders and considerations to keep in mind as companies prepare their annual reports on Form 10-K and proxy statements.

A. EDGAR Next

Those responsible for making SEC filings should be aware of the significant upcoming changes to the Electronic Data Gathering, Analysis, and Retrieval (“EDGAR”) System. On September 27, 2024, the SEC adopted amendments to Regulation S-T and Form ID to make technical changes to the EDGAR filer access and account management processes (referred to by the SEC as EDGAR Next). While there will be a steep learning curve associated with these significant procedural changes to EDGAR, they are expected to ultimately result in a filing system that is easier for filers and the individuals acting on their behalf to manage. EDGAR Next is currently in a beta testing period and will go live on March 24, 2025, though legacy EDGAR can still be used to make filings through September 12, 2025. EDGAR Next will, among other things, require filers to designate individuals to manage the filers’ EDGAR accounts and file on their behalf. To access EDGAR and make filings, these designated individuals will be required to have their own individual account credentials and complete multifactor authentication.

For a detailed discussion of the amendments to the EDGAR access rules, including an outline of the implementation timeline and an explanation of the steps to take now to prepare for the transition to EDGAR Next, please see our client alert titled “EDGAR Next: Preparing for Upcoming Changes to the EDGAR Access Rules.”

B. Disclosure of Significant Segment Expenses in Notes to Financials

Attorneys responsible for preparing and reviewing Form 10-K filings should also be aware of a recent change in accounting standards that will affect calendar year filers for the first time in the 2024 Form 10-K. On November 27, 2023, the Financial Accounting Standards Board (“FASB”) issued an Accounting Standards Update designed to provide more detailed information about companies’ reportable segment expenses and performance. Companies must now disclose significant segment expenses provided to the chief operating decision maker (“CODM”) and included in each reported measure of segment profit or loss, along with other segment items and their composition. If a company does not disclose significant expense categories and amounts for one or more of its reportable segments, it needs to explain the nature of the expense information the CODM uses to manage operations. The update clarifies that if the CODM uses multiple measures of segment profit or loss, more than one measure can be disclosed in the segment footnote, but at least one measure should be the measure that is most consistent with the measurement principles used in measuring the corresponding amounts in the financial statements. Companies are also required to disclose the CODM’s title and position and explain how the CODM uses these measures in assessing performance and allocating resource. Entities with a single reportable segment must comply with both the new and existing disclosure requirements. The updated guidance is effective for annual periods beginning after December 15, 2023.

In connection with these segment disclosures in the financial statement footnotes, which will provide investors and analysts a broader view of each segment’s operating results, companies should consider whether the discussion in MD&A should be updated to provide additional context about how management views the business conducted by each segment.

C. Clawback Policies and Checkboxes

As a reminder, in connection with the SEC’s adoption of clawback rules in October 2022, a few significant requirements were added that affect Form 10-K filings and proxy statements.

  • Form 10-K Cover Page Checkboxes. Two new checkboxes were added to the Form 10-K cover page, which require companies to indicate whether (i) the financial statements included in the filing reflect the correction of an error to previously issued financial statements, and (ii) any such corrections are restatements that required a recovery analysis pursuant to Rule 10D-1(b). A number of interpretive questions have arisen with respect to the applicability of the checkboxes in various contexts, so companies should carefully consider whether either of those boxes should be checked.
  • Clawback Policy Exhibit with Form 10-K. Companies are now required to file their clawback policy as Exhibit 97 to the Form 10-K.
  • Discussion of Application of Clawback Policy. Item 402 of Regulation S-K was amended to require companies to disclose how they have applied their recovery policies. If, during its last completed fiscal year, a company either completed a restatement that required recovery, or there was an outstanding balance of excess incentive-based compensation relating to a prior restatement, such company must disclose the information required by Item 402 for each restatement in any Form 10-K (either directly or by forward incorporation by reference to the proxy statement) or proxy or information statements that include executive compensation disclosure.

D. Filing Requirement for “Glossy” Annual Report

As a reminder, in June 2022 the SEC adopted amendments requiring that annual reports sent to shareholders pursuant to Exchange Act Rule 14a-3(c), otherwise known as “glossy” annual reports, must also be submitted to the SEC in PDF format using EDGAR Form Type ARS. Because these electronic submissions include the graphics and stylistic presentations of glossy annual reports, the file sizes can be very large, and companies are well advised to conduct a test filing sufficiently in advance of the live filing.

E. Cover Page XBRL Disclosures

On September 7, 2023, the SEC published a sample comment letter regarding XBRL disclosures.[57] The sample comment letter included a comment regarding how common shares outstanding are reported on the cover page as compared to on the company’s balance sheet. The comment addressed instances in which companies “present the same data using different scales (presenting the whole amount in one instance and the same amount in thousands in the second).” Accordingly, companies should consider presenting their outstanding share data consistently throughout their Form 10-K.

VIII. Looking Forward

Much is expected to happen between now and Inauguration Day. On December 4, 2024, President-elect Trump announced that he has selected former SEC Commissioner Paul Atkins to lead the SEC. SEC Commissioner Lizárraga has announced his intention to resign on January 17, 2025, and current SEC Chair Gensler will resign at noon on January 20, 2025.

On January 20 or 21, 2025, we expect the new Chief of Staff to formally instruct the executive agencies to refrain from proposing or issuing new rules, consistent with prior action taken by the Biden Administration and first Trump Administration. The Trump Administration will name an Acting Chair (likely Commissioner Uyeda). Commissioners Uyeda and Peirce are former Counsels to Atkins when he was a Commissioner. The Acting Chair will have a 2-1 majority. In the near-term, we would expect the Acting Chair to make certain personnel decisions, including removing existing Directors of Divisions, appointing new Acting Directors, and making decisions about how the Staff administers the laws.

The 2024 Form 10-K and 2025 proxy statement will require a number of new disclosures and considerations. As always, we recommend that companies start drafting their disclosures earlier rather than later, particularly where disclosures will require coordination among different teams or where benchmarking against peer disclosures may be appropriate.

[1] Foreign Private Issuers are required to disclose similar information in Item 16J of Form 20-F.

[2] For the purposes of the September 2024 Insider Trading Policy Survey, we limited our review to Exhibit 19 filings and did not review the companies’ disclosures in the body of the proxy statement or Form 10-K addressing Item 408(b)(1). The group of 49 S&P 500 companies in the September 2024 Insider Trading Policy Survey includes 23 companies that made Item 408(b) disclosures and 26 companies that were not subject to the disclosure requirements but voluntarily filed their insider trading policies and procedures with a Form 10-K filed prior to June 30, 2024.

[3] The remaining 39 companies include (1) early voluntary filers that filed their insider trading policy as an exhibit to their Form 10-K but did not address the Item 408(b) requirement in their Form 10-K or proxy statement and (2) other non-calendar year companies that filed their fiscal 2024 Form 10-Ks more recently but have not yet filed their proxy statement as of November 22, 2024.

[4] For the purposes of our September 2024 Insider Trading Policy Survey, we limited our review to Exhibit 19 filings and did not review the companies’ disclosures in the body of the proxy statement or Form 10-K addressing Item 408(b)(1).

[5] Under Item 408(b)(2), if all of a company’s insider trading policies and procedures are included in its code of ethics that is filed as an exhibit to the company’s Form 10-K, that satisfies the exhibit requirement. However, many companies do not file their code of ethics and instead rely on one of the alternative means of making the code available allowed under Item 406(c)(2) and (3).

[6] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, SEC Release No. 34-97989 (July 26, 2023), available at https://www.sec.gov/files/rules/final/2023/33-11216.pdf (“For Item 106 of Regulation S-K and Item 16K of Form 20-F, all registrants must begin tagging responsive disclosure in Inline XBRL beginning with annual reports for fiscal years ending on or after December 15, 2024.”)

[7] See the Cybersecurity Disclosure Taxonomy Guide (September 16, 2024), available at https://www.sec.gov/data-research/standard-taxonomies/operating-companies.

[8] Foreign private issuers are required to make similar annual disclosures pursuant to Item 16K of Form 20-F.

[9] As of November 30, 2024, three S&P 100 companies had not yet filed annual reports on Form 10-K for fiscal years ending on or after December 15, 2023.

[10] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Release No. 33-11216 (July 26, 2023) at 60-63.

[11] Data provided is as of November 10, 2024 and is based on the companies currently included within the S&P 500, so some statistics are slightly different than they were in the prior surveys. The categorization data necessarily involves subjective assessment and should be considered approximate.

[12] See “SEC Adopts Rules to Enhance and Standardize Climate-Related Disclosures for Investors” (Mar. 6, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-31.

[13] For a further discussion of the climate reporting requirements, please see our prior client alert “SEC Adopts Sweeping New Climate Disclosure Requirements for Public Companies,” Gibson Dunn (Mar. 2024), available at https://www.gibsondunn.com/sec-adopts-sweeping-new-climate-disclosure-requirements-for-public-companies/.

[14] For a further discussion of the legal challenges to the climate reporting requirements, please see our prior blog posts “Fifth Circuit Stay of the SEC’s Climate Disclosure Rule Dissolved,” Gibson Dunn (Mar. 2024), available at https://themonitor.gibsondunn.com/fifth-circuit-stay-of-the-secs-climate-disclosure-rule-dissolved/ and “Eighth Circuit Establishes Briefing Schedule for SEC Climate Disclosure Rules Litigation,” Gibson Dunn (May 2024), available at https://themonitor.gibsondunn.com/eighth-circuit-establishes-briefing-schedule-for-sec-climate-disclosure-rules-litigation/.

[15] Prior to adopting the climate disclosure rules, the SEC issued guidance in 2010 explaining how current SEC reporting requirements could already require discussion of climate-related matters. See “Commission Guidance Regarding Disclosure Related to Climate Change” (Feb. 8, 2010), available at https://www.sec.gov/files/rules/interp/2010/33-9106.pdf.

[16] For a further discussion of this legislation and what to do to prepare, see “Webcast: What Does the CSRD Mean for U.S. Businesses?” Gibson Dunn (Nov. 2024), available at https://www.gibsondunn.com/webcast-what-does-the-csrd-mean-for-u-s-businesses/ and “European Corporate Sustainability Reporting Directive (CSRD): Key Takeaways from Adoption of the European Sustainability Reporting Standards,” Gibson Dunn (Aug. 2023), available at https://www.gibsondunn.com/european-corporate-sustainability-reporting-directive-key-takeaways-from-adoption-of-european-sustainability-reporting-standards/.

[17] For a discussion of the dissolution of the ESG Task Force, see “Gibson Dunn Environmental, Social and Governance Update (September 2024),” Gibson Dunn, (Oct. 2024), available at https://www.gibsondunn.com/gibson-dunn-esg-monthly-update-september-2024/.

[18] See “Chair Gary Gensler on AI Washing” (March 18, 2024), available at https://www.sec.gov/newsroom/speeches-statements/sec-chair-gary-gensler-ai-washing.

[19] See “The State of Disclosure Review” (June 24, 2024), available at https://www.sec.gov/newsroom/whats-new/gerding-state-disclosure-review-062424.

[20] Ardent Health Partners, LLC (link); Astera Labs, Inc. (link); Brand Engagement Network Inc. (link); iBio, Inc. (link); OneStream, Inc. (link); Rubrik, Inc. (link); Safe Pro Group Inc. (link).

[21] Available at https://www.sec.gov/rules-regulations/staff-guidance/disclosure-guidance/sample-letter-companies-regarding-china.

[22] See note 19.

[23] Id.

[24] Id.

[25] Casey’s General Stores, Inc. (link); Concentra Group Holdings Parent, Inc. (link); International Paper Company (link); Mueller Water Products, Inc. (link); Proficient Auto Logistics, Inc. (link).

[26] First Commonwealth Financial Corporation (link); Fulton Financial Corporation (link); FT 11735 (link); Glacier Bancorp, Inc.(link); Managed Portfolio Series (link); Premier Financial Corp. (link); Synovus Financial Corp. (link); The Sherman-Williams Company (link); WaFd, Inc. (link).

[27] Information is derived from the Institutional Shareholder Services voting analytics database.

[28] For example, State Street Global Advisors has emphasized the importance of disclosing the company’s director time commitment policy in its 2024 proxy voting guidelines and has indicated that it may vote against nominating and governance committee chairs at S&P 500 companies that fail to adequately disclose their annual director overboarding review process and related numerical limits. Additionally, in 2023, BlackRock voted against directors at 297 companies due to overboarding concerns.

[29] For additional discussion of comment letter trends, see “SEC Reporting Update – Highlights of trends in 2024 SEC staff comment letters” (September 12, 2024), available at https://www.ey.com/en_us/technical/accountinglink/sec-reporting-update-highlights-of-trends-in-2024-sec-staff-comment-letters1.

[30] Corsair Gaming, Inc. (link); GoDaddy Inc. (link); Gogo Inc. (link); Foot Locker, Inc. (link); Newell Brands Inc. (link); Payoneer Global Inc. (link); PetiQ, Inc. (link); Warner Bros. Discovery, Inc. (link); Workday, Inc. (link).

[31] Corsair Gaming, Inc. (link); GoDaddy Inc. (link); Gogo Inc. (link); Workday, Inc. (link).

[32] See note 29.

[33] Id.

[34] Consensus Cloud Solutions, Inc. (link); Martin Midstream Partners L.P. (link).

[35] Gen Digital Inc. (link); HBT Financial, Inc. (link); NCR Atleos Corporation (link).

[36] See note 29. Spectrum Brands Holdings, Inc. (link).

[37] CommScope Holding Company, Inc. (link); Community Bank System, Inc.(link); Gibraltar Industries, Inc. (link); Fidus Investment Corporation (link); HEICO Corporation (link); Methode Electronics, Inc. (link); Turning Point Brands, Inc. (link).

[38] CommScope Holding Company, Inc. (link); Community Bank System, Inc. (link); Gibraltar Industries, Inc. (link); Fidus Investment Corporation (link); HEICO Corporation (link); Methode Electronics, Inc. (link); Turning Point Brands, Inc. (link).

[39] AudioCodes Ltd. (link); Cencora, Inc. (link); Flywire Corporation (link); International Paper Company (link); Lyft, Inc. (link); Traeger, Inc. (link); Turning Point Brands, Inc. (link).

[40] AudioCodes Ltd. (link); Cencora, Inc. (link); Flywire Corporation (link); International Paper Company (link); Lyft, Inc. (link); Sea Limited (link); Traeger, Inc. (link); Turning Point Brands, Inc. (link).

[41] See note 19; Lumentum Holdings Inc. (link); Newell Brands Inc. (link); Penumbra, Inc. (link); Spectrum Brands Holdings, Inc. (link).

[42] Lumentum Holdings Inc. (link); Newell Brands Inc. (link); Spectrum Brands Holdings, Inc. (link); Penumbra, Inc. (link).

[43] Bar Harbor Bank & Trust (link); GoHealth, Inc. (link); Peoples Bancorp Inc. (link); The Cooper Companies, Inc. (link); WaFd, Inc. (link); Wheels Up Experience Inc. (link).

[44] See note 29; nVent Electric plc (link); Orthofix Medical Inc. (link); Pentair plc (link); Warner Bros. Discovery, Inc. (link).

[45] APTIV PLC (link); International Paper Company (link); StandardAero, Inc. (link).

[46] 601 U.S. at 265.

[47] Id.

[48] See id. at 260, 265.

[49] Id. at 265 (emphasis added).

[50] Id. at 264 (emphasis added).

[51] SEC Press Release, “SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures” (Oct. 30, 2023), available at https://www.sec.gov/newsroom/press-releases/2023-227.

[52] SEC Press Release, “SEC Charges Four Companies With Misleading Cyber Disclosures” (Oct. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-174.

[53] SEC Press Release, “Terraform and Kwon to Pay $4.5 Billion Following Fraud Verdict” (June 11, 2024), available at https://www.sec.gov/news/press-release/2024-73.

[54] SEC Press Release, “SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence” (Mar. 18, 2024), available at https://www.sec.gov/news/press-release/2024-36; SEC Press Release, “SEC Charges Rimar Capital Entities and Owner Itai Liptz for Defrauding Investors by Making False and Misleading Statements About Use of Artificial Intelligence” (Oct. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-167.

[55] SEC Press Release, “SEC Charges R.R. Donnelley & Sons Co. with Cybersecurity-Related Controls Violations” (June 18, 2024), available at https://www.sec.gov/news/press-release/2024-75.

[56] Opinion and Order, SEC v. SolarWinds Corp. and T. Brown, 1:23-cv-09518-PAE (S.D.N.Y. July 18, 2024) at 104, 107.

[57] Available at https://www.sec.gov/corpfin/sample-letter-companies-regarding-their-xbrl-disclosures.


The following Gibson Dunn lawyers assisted in preparing this update: Aaron Briggs, Gina Hancock, Elizabeth Ising, Michael Kahn, Julia Lapitskaya, Brian Lutz, James Moloney, Mark Schonfeld, Michael Titera, David Woodcock, Lauren Assaf-Holmes, Spencer Bankhead, Clinton Eastman, Lucy Hong, Rob Kelley, David Korvin, Stella Kwak, Risa Nakagawa, Antony Nguyen, Meghan Sherley, Geoff Walter, Mike Ulmer, and Timothy Zimmerman.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation and Corporate Governance, Executive Compensation and Employee Benefits, or Capital Markets practice groups, or any of the following practice leaders and members:

Securities Regulation and Corporate Governance:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212.351.2309, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Michael Scanlon – Washington, D.C.(+1 202.887.3668, [email protected])
Michael A. Titera – Orange County (+1 949.451.4365, [email protected])

Executive Compensation and Employee Benefits:
Sean C. Feller – Los Angeles (+1 310.551.8746, [email protected])
Krista Hanvey – Dallas (+1 214.698.3425, [email protected])
Kate Napalkova – New York (+1 212.351.4048, [email protected])
Gina Hancock – Dallas (+1 214.698.3357, [email protected])

Capital Markets:
Andrew L. Fabens – New York (+1 212.351.4034, [email protected])
Hillary H. Holmes – Houston (+1 346.718.6602, [email protected])
Stewart L. McDowell – San Francisco (+1 415.393.8322, [email protected])
Peter W. Wardle – Los Angeles (+1 213.229.7242, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

Pizzuto v. Homology Meds., Inc., No. 1:23-CV-10858, 2024 WL 1436025
(D. Mass. Mar. 31, 2024)

Case Highlight

In a securities fraud action earlier this year, an executive’s statement made in an email to a single research analyst was alleged to be false or misleading. In Pizzuto v. Homology Meds (“Pizzuto”), plaintiffs brought a securities class action complaint against Homology Medicines Inc. (“Homology”), a biopharmaceutical company, alleging that the company’s statements regarding the safety and efficacy of its gene therapy treatment were false and misleading. Among the challenged statements was one made by Homology’s Chief Communication Officer (“CCO”) in an email to a research analyst in response to an inquiry about a Facebook post. Specifically, one of Homology’s trial patients had posted about her test results and treatment publicly on Facebook. Although the Facebook post was removed and/or made private within a few hours, analysts reacted quickly to the post. When a research analyst emailed Homology’s CCO inquiring about the post, the CCO replied: “Some Facebook post. Nothing fundamental changed for [Homology] but unfortunately, our stock price.” The plaintiffs alleged that this statement was “affirmatively false or materially misleading” because the post represented “a materially adverse development in the [phase 1] trial data.” Ultimately, the court held that the CCO’s email “was a generic expression of corporate optimism, or ‘puffery’ about how Homology was doing” and, as such, was “immaterial as a matter of law.”

Key Takeaways

Although Homology was not held liable based on its CCO’s email, this case highlights the risk posed by executive emails. Executive emails have come up previously in securities fraud actions in the context of assessing scienter, but rarely are challenged themselves as false or misleading. But it is clear from Pizzuto that the plaintiffs’ bar does not discriminate against the medium in which the alleged misstatements are made and, thus, executives at public companies should take caution that a statement in an email to an analyst may potentially serve as a basis for a future securities fraud claim under Section 10(b). Pizzuto thus serves as a friendly reminder that executives should exercise caution when sending emails to the street—even if the email is directed to a single analyst. Companies should consider holding regular securities litigation training sessions with executives who frequently interface with the market and, as a general practice, in-house or outside counsel should review executive emails to the street to reduce the risk of future securities litigation exposure.


This newsletter has been prepared by the Life Sciences and Securities Litigation teams of Gibson Dunn. For further information, please contact the Gibson Dunn lawyer with whom you usually work, or any of us by email:

Life Sciences:

Ryan Murr – Partner, San Francisco ([email protected])
Branden Berns – Partner, San Francisco ([email protected])

Securities Litigation:

Jessica Valenzuela – Partner, Palo Alto ([email protected])
Jeff Lombard – Of Counsel, Palo Alto ([email protected])
Brian Lutz – Partner, San Francisco ([email protected])
Craig Varnen – Partner, Los Angeles ([email protected])
Monica Loseman – Partner, Denver, New York ([email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

Gibson Dunn’s Workplace DEI Task Force aims to help our clients develop creative, practical, and lawful approaches to accomplish their DEI objectives following the Supreme Court’s decision in SFFA v. Harvard. Prior issues of our DEI Task Force Update can be found in our DEI Resource Center. Should you have questions about developments in this space or about your own DEI programs, please do not hesitate to reach out to any member of our DEI Task Force or the authors of this Update (listed below).

Key Developments:

On December 11 and 12, 2024, Do No Harm, represented by Consovoy McCarthy PLLC, filed two new lawsuits challenging scholarship programs. Do No Harm filed a complaint against the Society of Military Orthopaedic Surgeons (“SOMOS”), the U.S. Navy, and the Department of Defense, challenging a jointly-run scholarship program that allegedly provides funding to female students and students of racial backgrounds that are “underrepresented in orthopaedics.” See Do No Harm v. Society of Military Orthopaedic Surgeons, No. 1:24-cv-03457-RBW (D.D.C. 2024). According to Do No Harm, the program excludes white, male applicants and therefore violates Section 1981 and the equal protection component of the Fifth Amendment. Do No Harm also filed a complaint against the University of Colorado challenging its Underrepresented Minority Visiting Elective Scholarship program. See Do No Harm v. Univ. of Colorado, No. 1:24-cv-03441 (D. Colo. 2024). The complaint alleges that the university provides a $2,000 scholarship to visiting medical students in its Radiation Oncology Department, and claims that the scholarship violates the Equal Protection Clause and Title VI because it is only available to students who identify as Black, Native American, Hispanic/Latino, Pacific Islander, LGBT+, or who are from a disadvantaged socioeconomic background.

On December 2, 2024, the U.S. Department of Labor sent a letter to America First Legal (AFL), confirming that the Office of Federal Compliance Programs (OFCCP) “held an informal compliance conference with Southwest Airlines” in relation to a complaint AFL filed with the agency in January 2024. AFL’s complaint quotes Southwest’s public announcements concerning DEI and alleges that Southwest “appears to be unlawfully considering sex, race, and color in its hiring practices.” According to DOL’s letter, Southwest “understands that OFCCP regulations do not permit quotas, preferences, or set asides.” The DOL letter references certain federal rules and regulations, including Executive Order 11246, which “requires Government contractors to take affirmative action to ensure that equal opportunity is provided in all aspects of their employment.” The letter states that these rules and regulations operate as “benchmark[s],” and “are not to be interpreted as a ceiling or floor for the employment of particular groups of persons.” The letter also represents that Southwest agrees to “take appropriate measures” and “remedy any unlawful discrimination” if it fails to meet a utilization goal or hiring benchmark. The letter states that “such remedies may include,” among other things, “broadening recruitment and outreach to increase the diversity of applicant pools, and/or instituting training and/or apprenticeship programs to increase promotion opportunities and applications from underrepresented groups.” On December 13, DOL sent a nearly identical letter to AFL in response to a similar complaint AFL filed against American Airlines.

On December 9, the Wisconsin Institute for Law & Liberty (WILL) sent a letter to the board of directors for the Green Bay Area Public School District, threatening legal action if the school district does not abandon an alleged discriminatory policy “prioritizing” literacy resources for Black, Hispanic, and Native American students. WILL claims that the district’s policy violates Title VI and the Fourteenth Amendment. WILL sent the letter on behalf of a mother of a white student “who suffers from dyslexia” and has allegedly received “less favorable” educational services because of the district policy.

On December 9, the U.S. Supreme Court voted 7-2 to deny a petition for review of the temporary COVID-19-era admissions policy implemented at three competitive Boston public schools. Boston Parent Coalition for Academic Excellence Corp. v. School Comm. for the City of Boston et al., No. 23-1137 (2024). Under the policy, 80% of admissions spots were allocated to high-performing students in Boston zip codes with the lowest median family incomes. The policy resulted in fewer admissions for white and Asian American students, and a parent coalition sought reversal of the First Circuit’s decision that the policy did not violate the Fourteenth Amendment’s Equal Protection Clause. The First Circuit had affirmed the district court’s finding that the Coalition failed to show any relevant disparate impact on white and Asian American students, holding that the policy considered geography, family income, and the student’s GPA—not race—in selecting students for admission. Dissenting from the Court’s decision not to hear the case, Justice Alito, joined by Justice Thomas, wrote that the First Circuit’s decision was flawed because Boston’s policy intentionally discriminated against white and Asian students, citing evidence that the Boston School Committee “put race front and center when it came time to vote on the proposal several weeks later,” including “kick[ing] off with a lengthy statement from ‘anti-racist activist’ Dr. Ibram X. Kendi.” According to Justice Alito, the Committee Chairperson “mocked th[e] names” of three citizens who spoke at the public meeting and “whose names suggested they were of Asian descent.” Justice Alito also cited a series of allegedly anti-white text messages sent by members of the school committee. Justice Gorsuch wrote separately explaining his concurrence in the Court’s denial of certiorari, stating that although he shares Justice Alito’s “significant concerns,” Boston had already “replaced the challenged admissions policy.” Justice Gorsuch stated that “lower courts facing future similar cases would do well to consider” the issues raised in Justice Alito’s concurrence.

On December 10, Students for Fair Admissions (SFFA) filed a complaint against the United States Air Force Academy in the U.S. District Court for the District of Colorado, alleging that the Academy considers race in admissions decisions in violation of the equal protection component of the Fifth Amendment. Students for Fair Admissions v. U.S. Air Force Acad., No. 1:24-cv-03430 (D. Colo. Dec. 10, 2024). SFFA alleges that the Academy impermissibly considers the race of applicants to achieve explicit statistical goals for the racial makeup of each incoming class. SFFA claims that the Academy’s admissions decisions “treat race as a ‘plus factor,’” in violation of Students for Fair Admissions v. President & Fellows of Harvard College. SFFA also alleges that the Academy’s justifications for considering race in admissions—that prioritizing diversity assists with recruiting and retaining top talent and preserves unit cohesion and the Air Force’s legitimacy—are flawed and not meaningfully furthered by the Academy’s admissions policies. SFFA seeks both declaratory relief and a permanent injunction preventing the Academy from considering race in admissions.

On December 11, the Fifth Circuit, sitting en bancvacated an SEC order approving Nasdaq’s Board Diversity Rules, which required listed companies to disclose board diversity information and to either have at least two board members who satisfied Nasdaq’s definition of “diverse” or to explain why they do not. Writing for a 9-8 majority, Judge Oldman stated that the SEC acted arbitrarily and capriciously in concluding that the Rules were consistent with disclosure requirements of Sections 6(b)(5) and 6(b)(8) of the Securities Exchange Act of 1934 (the “Act”), thus triggering approval under Section 19(b)(2)(C)(i). The en banc majority held that the Rule was not “related to the purposes of the Act simply because it would compel disclosure of information about exchange-listed companies” and that, instead, it must relate to the Act’s primary purpose of “limiting speculation, manipulation, and fraud, and removing barriers to exchange competition.” The court concluded that the Rule is satisfied only “investor demand for any and every kind of information about exchange-listed companies” and that such a purpose was “not remotely similar” to the goals of the Act. In addition, the court held that there was little support for the assertion of a link between the “racial, gender, and sexual composition of a company’s board and the quality of its governance.” As further support for its holding, the majority held that the major-questions doctrine foreclosed the SEC’s interpretation of the Act, reasoning that the Rule involves a novel exercise of statutory power on one of the most “politically divisive issues in the Nation.” In dissent, Judge Higginson concluded that it “was not arbitrary and capricious for the SEC to allow, as consistent with the purposes of the Act, this private ordering disclosure rule about corporate leadership composition” in light of the record evidence indicating investor interest in board diversity. In a press statement, Nasdaq indicated that it will not seek further review of the Fifth Circuit’s decision. Gibson Dunn represented Nasdaq in this matter.

On December 11, a South Carolina resident of Chinese, Cuban, and Spanish descent filed a complaint against Governor Henry McMaster in federal court, alleging that membership on the state’s Commission for Minority Affairs is unlawfully restricted on the basis of race. Under South Carolina Code Section 1-31-10, the Governor is responsible for appointing the Commission’s nine members, of whom a “majority . . . must be African American.” The plaintiff, who alleges she “is ready, willing, and able to serve” on the Commission, seeks declaratory and injunctive relief on the ground that the racial quota violates the Fourteenth Amendment.

The Equal Protection Project (EPP) has filed civil rights complaints with the U.S. Department of Education’s Office for Civil Rights (OCR) against three public universities. On November 14, the EPP challenged the University of Minnesota College of Design’s “BIPOC Design Justice Initiative” as unlawfully discriminatory under the Fourteenth Amendment and Title VI because it allegedly “conditions eligibility for participation” on “a student’s race, ethnicity, and skin color.” The organization filed a similar Title VI and Fourteenth Amendment challenge against Northern Illinois University’s Center for Black Studies, which sponsors and promotes the “Black Male Achievement Program” and “Black Male Initiative.” And on December 11, EPP filed a complaint against the University of Rhode Island for offering 51 different scholarships that “discriminate based on race and/or sex” in alleged violation of Title VI, Title IX, and the Fourteenth Amendment.

On December 10, EPP received a letter from OCR providing notice of OCR’s dismissal of EPP’s complaint against Western Kentucky University. EPP had alleged that Western Kentucky’s Athletics Minority Fellowship discriminated based on race and national origin, but OCR dismissed the complaint after Western Kentucky discontinued the Fellowship and removed any reference to it from the university’s website.

Media Coverage and Commentary:

Below is a selection of recent media coverage and commentary on these issues:

  • Law360, “DEI Attacks, Hybrid Work, Paid Leave: 2024’s Workplace Shifts” (December 18): Law360’s Anne Cullen reports on the “major evolutions in workplaces in 2024,” including a dramatic escalation in challenges to employers’ diversity, equity and inclusion programs. According to Jason Schwartz, co-leader of Gibson Dunn’s labor and employment practice group, “[t]here’s been a huge demand for DEI-related advice and a huge uptick in DEI-related litigation.” Cullen notes that Gibson Dunn’s DEI Task Force is tracking 58 DEI-related cases filed in 2024 alone, and Schwartz predicts that lawsuits seeking to dismantle workplace DEI efforts “will be even more accelerated next year.” Schwartz says that “[t]here’s a lot of interest by clients to do audits of their DEI programs to make sure they’re compliant and they’re not taking on too much risk in the current environment,” but he notes that most employers “are revising their programs and communications, but not completely backing away.”
  • Reuters, “DOJ v. DEI: Trump’s Justice Department Likely to Target Diversity Programs” (December 10): Andrew Goudsward of Reuters reports that President-elect Donald Trump is expected to throw the weight of the Justice Department behind challenges to DEI programs in higher education. Goudsward reports that Trump has tapped lawyer Harmeet Dhillon to oversee the DOJ’s Civil Rights Division, which was created in 1957 to enforce federal antidiscrimination laws. In announcing Dhillon’s nomination, Trump emphasized her past work “suing corporations who use woke policies to discriminate against their workers.” Goudsward speculates that Dhillon’s appointment may not have a direct effect on private entities’ DEI programming, as the Division generally lacks the authority to enforce federal antidiscrimination laws against private employers. Goudsward also writes that the Equal Employment Opportunity Commission—the sole federal agency with that power—may retain a Democratic majority until 2026. However, Goudsward notes that the Division “can bring employment discrimination cases against state and local governments.”
  • The Guardian, “Trump Promises a Crackdown on Diversity Initiatives. Fearful Institutions Are Dialing Them Back Already” (December 5): Reporting for The Guardian, Alice Speri writes that institutions are bracing for an increase in threats to DEI initiatives under the incoming presidential administration. Speri says that President-elect Donald Trump and his advisors have threatened to withhold funding from universities that maintain DEI initiatives, and have “pledged to dismantle diversity offices across federal agencies, scrap diversity reporting requirements and use civil rights enforcement mechanisms to combat diversity initiatives.” According to Speri, this messaging has led institutions to reevaluate their programming, with some worrying that the federal policies will have a “domino effect on other states, on foundations, [and] on individual donors.” David Glasgow, the executive director of the Meltzer Center for Diversity, Inclusion, and Belonging, says that “people who do this work are nervous and anxious about what might be restricted but their commitment is still there, so it’s really about trying to figure out what they’re going to be able to do.”
  • PoliticoPro, “Companies Feel the Squeeze As Republicans Intensify Attacks on ESG, DEI” (December 10)Politico’s Jordan Wolman reports that companies continue to reassess and scale back DEI and environmental sustainability efforts in anticipation of increased hostility under the upcoming Trump administration and Republican Congress, as well as in response to “questions about companies’ ability to articulate clear financial justifications for such programs.” An October report from nonprofit think tank The Conference Board reveals that although companies are walking back public discussion of and support for DEI initiatives, many of their actual diversity efforts will remain in place: the study found that 60 percent of executives view the political and social climate as challenging, yet fewer than 10 percent of firms plan to reduce DEI resources over the next three years.
  • National Bureau of Economic Research (NBER), “Long-Term Effects of Affirmative Action Bans” (December 1)NBER’s Leonardo Vasquez reports on new research on state-level bans of affirmative action in higher education. Economists Francisca M. Antman (University of Colorado), Brian Duncan (University of Colorado), and Michael Lovenheim (Cornell University) examined outcomes for underrepresented groups in four states—Texas, California, Washington, and Florida—that have implemented affirmative action bans. Antman, Duncan, and Lovenheim found the bans were correlated with reduced educational attainment for Black and Hispanic students, and some labor market consequences. For example, according to the authors, in states with bans, Hispanic women were less likely to complete college, earned less, and had lower employment rates than peers in states without bans. Black men, on the other hand, reportedly had higher employment rates and earned more relative to white men. However, the researchers cautioned that other contextual factors are at work in determining the impact of affirmative action bans on college attendance.

Case Updates:

Below is a list of updates in new and pending cases:

1. Contracting claims under Section 1981, the U.S. Constitution, and other statutes:

  • Alexandre v. Amazon.com, Inc., No. 3:22-cv-1459 (S.D. Cal. 2022); No. 24-3566 (9th Cir.): On September 29, 2022, white, Asian, and Native Hawaiian plaintiffs, on behalf of a putative class of past and future Amazon “delivery service partner” program applicants, challenged an Amazon program that provides $10,000 grants to qualifying delivery service providers who are “Black, Latinx, and Native American entrepreneurs.” Plaintiffs alleged the program violates California state anti-discrimination laws. On May 23, 2024, Judge Michael M. Anello granted Amazon’s motion to dismiss based on the plaintiffs’ lack of standing and failure to state a claim. The plaintiffs appealed to the Ninth Circuit.
    • Latest update: On December 4, 2024, Amazon filed its answering brief arguing that the district court properly held that the plaintiffs lacked standing, and that even if they had standing, they failed to state a claim. On December 11, a coalition of organizations led by the Lawyers’ Committee for Civil Rights Under Law filed an amicus brief in support of Amazon, arguing that the plaintiffs lack standing and that allowing the claims to proceed would undermine the congressional intent of Section 1981.
  • Do No Harm v. Lee II, No. 3:24-cv-01334 (M.D. Tenn. 2024): On November 7, 2024, Do No Harm sued Tennessee Governor Bill Lee, seeking to enjoin Tennessee laws that require the governor to consider racial minorities for appointment to the Board of Chiropractic Examiners and the Board of Medical Examiners. Do No Harm alleges that this racial consideration requirement violates the Equal Protection Clause. This case mirrors Do No Harm v. Lee, currently on appeal in the Sixth Circuit, which seeks to enjoin a law requiring consideration of racial minority candidates for the Board of Podiatric Medical Examiners (No. 3:23-cv-01175-WLC (M.D. Tenn. 2023)).
    • Latest update: On December 5, 2024, Do No Harm moved for a preliminary injunction.
  • American Alliance for Equal Rights v. Southwest Airlines Co., No. 24-cv-01209 (N.D. Tex. 2024): On May 20, 2024, American Alliance for Equal Rights (AAER) filed a complaint against Southwest Airlines, alleging that the company’s ¡Latanzé! Travel Award Program, which awards free flights to students who “identify direct or parental ties to a specific country” of Hispanic origin, unlawfully discriminates based on race. AAER seeks a declaratory judgment that the program violates Section 1981 and Title VI, a temporary restraining order barring Southwest from closing the next application period (set to open in March 2025), and a permanent injunction barring enforcement of the program’s ethnic eligibility criteria. On August 22, 2024, Southwest moved to dismiss, arguing that the case was moot because the company had signed a covenant with AAER that eliminated the challenged provisions from future program application cycles.
    • Latest update: On December 6, 2024, the court granted in part and denied in part Southwest’s motion to dismiss. The court concluded that Southwest’s covenant to eliminate the program rendered moot any claims for declaratory or injunctive relief. However, the court held that it had jurisdiction over the plaintiff’s claims for one cent in nominal damages and allowed those claims to proceed. The court rejected Southwest’s argument that Southwest mooted those claims through an “unsuccessful tender of one cent to [AAER].”
  • Landscape Consultants of Texas, Inc. v. City of Houston, No. 4:23-cv-3516–DH (S.D. Tex. 2023): White-owned landscaping companies challenged the City of Houston’s government contracting set-aside program for “minority business enterprises” as violating the Fourteenth Amendment and Section 1981.
    • Latest update: On November 29, 2024, plaintiffs and Defendant Midtown Management District filed cross-motions for summary judgment. Midtown Management argued that the plaintiffs failed to show the constitutionality of the programs. The City of Houston filed its own motion for summary judgment on November 30, contending that the plaintiffs lack standing and that the programs satisfy the requirements of the Equal Protection Clause.

2. Employment discrimination and related claims:

  • Smith v. Ally Financial Inc., 3:24-cv-00529 (W.D.N.C. 2024): A former employee sued Ally Financial Inc., asserting violations of Title VII and Section 1981. The plaintiff claims that Ally failed to promote him, instead promoting a white woman, a Black woman, and a Black man. The plaintiff also claims that Ally executives unlawfully considered race and gender when making promotion and hiring decisions, pointing to a statement on the company’s website describing Ally’s goal to achieve “a collective environment of different voices and perspectives.”
    • Latest update: On December 10, 2024, the plaintiff filed a stipulation of voluntary dismissal of all claims based on alleged emotional injuries or pain and suffering. The plaintiff’s claims for damages based on lost wages and loss of professional and career development opportunities remain pending.

3. Board of Director or Stockholder Actions:

  • Craig v. Target Corp., No. 2:23-cv-00599-JLB-KCD (M.D. Fl. 2023): America First Legal sued Target and certain Target officers on behalf of a shareholder, claiming the board falsely represented that it monitored social and political risk, when instead it allegedly focused only on risks associated with not achieving ESG and DEI goals. The plaintiffs allege that Target’s statements violated Sections 10(b) and 14(a) of the Securities Exchange Act of 1934 and that Target’s May 2023 Pride Month campaign triggered customer backlash and a boycott that depressed Target’s stock price.
    • Latest update: On December 4, 2024, the district court denied defendant’s motion to dismiss, concluding that the plaintiffs sufficiently pleaded both their Section 10(b) and Section 14(b) claims.

The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Blaine Evanson, Molly Senger, Zakiyyah Salim-Williams, Matt Gregory, Zoë Klein, Cate McCaffrey, Alana Bevan, Jenna Voronov, Emma Eisendrath, Felicia Reyes, Allonna Nordhavn, Janice Jiang, Laura Wang, Maya Jeyendran, Kristen Durkan, Ashley Wilson, Lauren Meyer, Kameron Mitchell, Chelsea Clayton, Albert Le, Emma Wexler, Heather Skrabak, and Godard Solomon.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, [email protected])

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, [email protected])

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, [email protected])

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, [email protected])

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, [email protected])

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, [email protected])

We are pleased to provide you with Gibson Dunn’s ESG update covering the following key developments during November 2024. Please click on the links below for further details.

I.  GLOBAL

  1. COP29 highlights: United Nations (UN) climate talks conclude with climate pledge for developing countries, climate financing goals, and disclosure initiatives

In late November, delegates at COP29, the UN’s annual climate summit, agreed to provide annual funding of $300 billion for developing countries. While the total is three times the previous goal of $100 billion, the funding fell short of the $1 trillion in assistance sought by the recipient countries. The nearly 200 delegate countries further set a goal to scale climate financing from public and private sources to at least $1.3 trillion by 2035. Delegates also agreed to standards for a UN-backed global carbon market to facilitate carbon credit trading.

At COP29, the Global Reporting Initiative (GRI) and CDP signed a memorandum of understanding demonstrating their agreement to increase their technical alignment through streamlined disclosures and allow disclosing companies to use CDP’s annual questionnaire to report data in accordance with GRI’s environmental, social, and economic standards. Through the new agreement, GRI and CDP will increase the interoperability of their assessment tools in an effort to benefit the over 14,000 organizations that use GRI standards and more than 24,800 companies that disclose through CDP.

  1. Institutional Shareholder Services Environmental, Social, and Governance (ISS ESG) launches customizable version of its Climate Impact Report

On November 21, 2024, ISS ESG launched a new version of its Climate Impact Report that investors can customize to better understand their climate impact. Investors can tailor the Scenario Alignment portion of the Climate Impact Report by choosing between a standard package, incorporating two models, or an advanced package, incorporating five models. The report will show investors outputs and charts developed from their chosen model, and up to 22 possible scenarios are available. This new offering features sectoral analysis and uses models from the International Energy Agency, the Network for Greening the Financial System, and the UN Environment Programme.

  1. Glass Lewis publishes 2025 Proxy Voting Policy Guidelines

On November 14, 2024, proxy advisor Glass Lewis released its 2025 Proxy Voting Policy Guidelines for the U.S., UK, and Europe. These guidelines will apply to shareholder meetings held after January 1, 2025, and include additional guidance on board oversight of artificial intelligence, board responsiveness to shareholder proposals, and change-in-control provisions for executive compensation. The guidelines also describe how Glass Lewis will evaluate shareholder proposals on corporate use of artificial intelligence technology. View the policy guidelines by market here.

  1. International Organization for Standardization (ISO) releases ESG Implementation Principles (IWA 48) for implementing ESG principles

ISO published IWA 48 in mid-November. These principles are meant to support companies’ efforts to implement ESG reporting practices into the organization and produce consistent, comparable, and reliable disclosures. While the framework is designed for organizations of all sizes and sectors, small and medium-sized enterprises, organizations in developing countries, and top-level decision-makers are expected to find the principles particularly beneficial. ISO aims to advance global adoption of ESG practices through its publication of IWA 48.

  1. The International Financial Reporting Standards (IFRS) Foundation releases report detailing corporate climate disclosures

On November 12, 2024, the IFRS Foundation released a progress report detailing advancements in mandated and voluntary corporate climate-related disclosures. The IFRS Foundation is now responsible for recording companies’ disclosure progress following the disbanding of the Task Force on Climate-related Financial Disclosures (TFCD) disbanding in October 2023. The report focuses on how closely corporate climate-related disclosures align with the TCFD recommendations and whether reporting referenced the International Sustainability Standards Board (ISSB) standards. While 82% of reviewed companies disclosed information using at least one of the 11 TCFD recommendations, less than 3% disclosed in line with all 11 recommendations. Over 1,000 companies were noted as referencing the ISSB. The report also described progress towards ISSB reporting within legal or regulatory frameworks across 30 jurisdictions.

  1. The International Auditing and Assurance Standards Board (IAASB) releases International Standard on Sustainability Assurance 5000 (ISSA 5000), updating general requirements for sustainability assurance engagements

On November 12, 2024, the IAASB released the ISSA 5000, which provides standalone, general requirements for external sustainability assurance engagements. The standard is designed to apply to disclosures for any sustainability topic across various frameworks and to be used by professional accountants as well as non-accountant assurance professionals. The ISSA 5000 is certified by the Public Interest Oversight Board, which oversaw the development of the standards. The Final Pronouncement of the ISSA 5000 is available here.

II.  UNITED KINGDOM

  1. UK Prime Minister launches Global Clean Power Alliance (Alliance) to accelerate energy transition

On November 19, 2024, UK Prime Minister Kier Starmer launched the Alliance at the G20 Summit in a joint statement with Brazil’s President Luiz Inácio Lula da Silva. The Alliance aims to support emerging and developing economies with the transition to clean energy and builds on commitments made at the COP28 climate summit to triple renewable energy capacity and double the global rate of energy efficiency. Founding members of the Alliance are Brazil, Australia, Barbados, Canada, Chile, Colombia, France, Germany, Morocco, Norway, Tanzania, and the African Union. The United States and the EU have also partnered with the UK on the initiative.

The Alliance will address the most critical energy transition issues through a series of “missions.” The first of these is the Finance Mission, co-led by the UK and Brazil, which focuses on unlocking private sector finance for renewable energy projects in developing nations.

  1. UK Chancellor announces series of sustainable finance initiatives at inaugural Mansion House Speech

On November 14, 2024, Chancellor of the Exchequer Rachel Reeves announced the UK’s long-term sustainable finance framework through a series of policy measures and consultation publications. These initiatives were stated to align with the government’s aim to “harness the strengths of the financial services sector” to make the UK a “global leader in sustainable finance.” The Chancellor then proposed a set of integrity principles for voluntary carbon and nature markets at COP29 on November 15, 2024.

The Chancellor also announced a consultation seeking views of the value of implementing a green taxonomy in the UK, specifically whether it would be additional and complementary to existing sustainable finance policies. The consultation closes on February 6, 2025. In addition, the government plans to announce a transition plan consultation in the first half of 2025 alongside a consultation on UK Sustainability Reporting Standards disclosure requirements for “economically significant” companies in line with the ISSB standards.

  1. HM Treasury publishes its consultation response on the regulation of ESG ratings providers

On November 14, 2024, HM Treasury (the UK Government’s economic and finance ministry) published a consultation response paper on a future regulatory regime for ESG ratings providers together with draft legislation which applies to both the UK and overseas based ESG ratings providers. This follows a previous consultation published on March 30, 2023, which closed on June 30, 2023. A new regulated activity will be introduced and ESG ratings providers will need to obtain authorization from the UK Financial Conduct Authority and comply with the regulatory regime on an on-going basis. The consultation remains open for comment until January 14, 2025. HM Treasury intends to present the final statutory instrument in Parliament in 2025.

  1. UK to become one of the first countries to ban new coal mines

On November 14, 2024, the UK Government announced it will introduce legislation that will prohibit licences for new coal mines. This follows the closure on September 31, 2024, of the UK’s last coal-fired power station at Ratcliffe-on-Soar. There may be limited exceptions required for restoration or maintenance of safety. The announcement follows the UK Government’s commitment to release GBP 1.5 billion previously being withheld from former miners’ pensions following the privatization of British Coal in 1994. On November 29, 2024, over 100,000 former mineworkers received their first pension increase of 32%.

  1. UK Government confirms the introduction of a clean industry bonus for offshore wind developers

On November 11, 2024, UK Prime Minister Kier Starmer announced the Clean Industry Bonus (CIB), an initiative aimed at encouraging offshore wind developers to invest in key industrial regions, coastal communities and oil and gas hubs. The CIB will provide GBP 27 million per gigawatt of offshore wind projects, with potential funding of up to GBP 200 million for projects between seven and eight gigawatts. This bonus aims to accelerate investment in sustainable, local suppliers specifically in industrial communities across Scotland, Wales, and Northern England.

  1. Financial Reporting Council (FRC) announces consultation on UK Stewardship Code

On November 11, 2024, the FRC published a consultation on proposed revisions to the 2020 UK Stewardship Code. The consultation aims to streamline reporting requirements and reduce burdens for signatories whilst ensuring the Code provides a clearer focus on purpose of stewardship and the outcomes it intends to deliver. Key proposals set out in the consultation include (i) a revised definition of stewardship that emphasises the need to create long-term sustainable value for clients and beneficiaries as a key outcome of good stewardship; (ii) a reordered and streamlined reporting process including a new process for FRC evaluations which will focus on activities and outcomes rather than ongoing policies; (iii) two sets of Principles, one for asset owners and asset managers, and the other for service providers and (iv) new guidance to support effective implementation and help signatories with the transition to the new reporting arrangements. The consultation ends on February 19, 2025. An updated Stewardship Code is expected to be published in the first half of 2025 with an effective date of January 1, 2026.

  1. UK Financial Conduct Authority (FCA) publishes pre-contractual disclosure examples for the Sustainability Disclosure Requirements and investment labels regime

On November 1, 2024, the FCA published non-exhaustive illustrative examples and approaches across a selection of labels to showcase how firms can meet the pre-contractual disclosure requirements with respect to sustainable investment products. The Sustainability Disclosure Requirements and investment labels regime entered into force on December 2, 2024, although firms have been using investment labels since July 31, 2024. A key concept of the new regime is that to qualify for a label, firms must meet specific criteria supported by disclosures.

III.  EUROPE

  1. European Financial Reporting Advisory Group (EFRAG) Sustainability Reporting Technical Expert Group approves draft of reporting standards for non-EU entities

Under Article 40a of the Accounting Directive as amended by the Corporate Sustainability Reporting Directive (CSRD), certain in-scope EU entities are required, starting with financial year 2028 (reporting in 2029), to publish and make accessible a sustainability report covering information at group level of their non-EU ultimate parent. For such reports the European Commission will adopt specific reporting standards, known as the Non-European Sustainability Reporting Standards (NESRS), by June 30, 2026, at the latest, to be developed by EFRAG.

On November 21, 2024, the EFRAG Sustainability Reporting Technical Expert Group (TEG) approved the first sector agnostic NESRS draft. The NESRS draft was prepared by tailoring the existing European Sustainability Reporting Standards (ESRS) to non-EU groups. The EFRAG Sustainability Reporting Board (SRB) will review these drafts in December 2024. Public consultation begins Q1 2025, lasting 120 days, with final drafts due by end of 2025.

The NESRS have lighter disclosure obligations than the ESRS. The NESRS require only impact materiality reporting, without the need for a financial materiality assessment. They allow excluding impacts of sales or services outside the EU from the sustainability report. However, unlike the ESRS, they lack transitional provisions for the first years of reporting. Taxonomy reporting is required at the EU undertaking level, consistent with the CSRD, but not under the NESRS.

For the avoidance of doubt, the NESRS will not apply to consolidated CSRD reporting by a non-EU parent in order to exempt the in-scope EU entities according to the Article 29a (8)/19a (9) Accounting Directive. For such reporting the full ESRS apply for the time being until standards for sustainability statements by non-EU undertakings have been developed in accordance with the Article 29b Accounting Directive.

  1. ESG ratings: The Council of the European Union (Council) greenlights new regulation

On November 19, 2024, the Council adopted a regulation on ESG rating activities to enhance consistency, transparency, and comparability within the EU, boosting investor confidence in sustainable financial products. ESG ratings assess a company’s or financial instrument’s sustainability profile and related risks.

The new regulation aims to improve the reliability of ESG ratings by increasing transparency and operational integrity while preventing conflicts of interest. ESG rating providers in the EU must be authorized and supervised by the European Securities and Markets Authority (ESMA) and follow transparency requirements regarding their methodologies and information sources. Non-EU providers must either obtain endorsement from an EU-authorized provider or be included in the EU registry based on an equivalence decision.

  1. European Commission publishes Commission Notice on the interpretation of certain legal provisions of the CSRD

On November 13, 2024, the European Commission finalized its sustainability reporting FAQ document initially published as a draft in August 2024; the final document contains only minor changes to the August draft. This document interprets certain provisions of the CSRD and other related directives and regulations.

The FAQs, now published in the Official Journal of the EU (C/2024/6792), intend to help companies implement legal requirements and ensure the comparability of sustainability information. They provide clarity on application requirements, exemptions, reporting formats, value chain reporting, use of estimates, third-country company reporting, and audit requirements.

Key topics include:

  • Application and exemption options from sustainability reporting.
  • First-time application of sustainability reporting and its format.
  • Reporting over the value chain and using estimates.
  • Reporting by third-country companies, focusing on Article 40a Accounting Directive.
  • Assurance on sustainability reporting.
  1. European Commission provides further clarifications (FAQs) on the EU taxonomy for sustainable economic activities

On November 8, 2024, the European Commission published a new Commission Notice (C/2024/6691) on the interpretation and implementation of certain legal provisions of the EU taxonomy regulatory framework, followed by another draft Commission Notice on November 29, 2024. The Commission Notices contain FAQs to help stakeholders implement the EU taxonomy, a system for classifying sustainable economic activities. This effort is part of further simplifying the disclosure process and reducing administrative burdens for the undertakings applying the EU sustainable finance framework and complements the previous four Commission Notices (2022/C 385/01, 2023/C 211/01, C/2023/267, C/2023/305) that have been published on the EU Taxonomy and its Delegated Acts so far.

The new FAQs offer technical clarifications on general taxonomy requirements, specific activity criteria in the Taxonomy Climate and Environmental Delegated Acts, and the “do no significant harm” criteria. They also clarify the reporting obligations under both the Climate and Environmental Delegated Acts.

  1. CSRD Transposition

The Belgian House of Representatives approved the draft bill transposing CSRD in Belgium on November 28, 2024. On November 30, 2024, Slovenia transposed the CSRD in its Companies Act (ZGD-1M). An overview of the transposition of CSRD into national laws can be found here.

In case you missed it…

On November 21, 2024, Gibson Dunn presented a webcast on the common challenges facing U.S. businesses subject to the CSRD. The webcast and related resources are available here.

IV.  NORTH AMERICA

  1. California solicits input on—and issues enforcement update for—future climate reporting

As described in our recent blog post, on December 16, the California Air Resources Board issued a request for public feedback and information regarding certain implementing regulations for Senate Bill (SB) 253 (the Climate Corporate Data Accountability Act) and SB 261 (the Climate-Related Financial Risk Act).  The request for comments came less than two weeks after CARB’s recent enforcement notice, issued December 5, addressing the greenhouse gas emissions reporting requirements under SB 253.

  1. Eleven state Attorneys General sue large institutional investors alleging a conspiracy to constrict the coal market

On November 27, 2024, 11 state Attorneys General alleged in a federal lawsuit in Texas that BlackRock, Inc., State Street Global Advisors, and The Vanguard Group illegally manipulated the coal market through their investments in publicly traded coal companies. Led by Texas Attorney General Ken Paxton, the group claims that the top three U.S. asset managers used their holdings to push coal companies to reduce their output in violation of U.S. antitrust law and state antitrust laws. In the filing, the plaintiffs consider past and present membership in climate coalitions, such as Climate Action 100+ and the Net Zero Asset Managers initiative, as evidence of collective influence indicating a threat to competition.

  1. Shareholders of major food and drink manufacturers issue public letter requesting greater disclosure regarding healthiness of products

On November 21, 2024, shareholders sent a public letter calling on the chief executives of several large public companies in the food and beverage industry to boost transparency regarding the healthiness of their products. Investors urged the companies to adopt international nutrition profiling models as part of their public disclosures, in addition to particular healthiness metrics. Investors pointed to the impact of unhealthy food sales on productivity, economic growth, and financial returns from their investments as drivers for why such disclosure is needed.

  1. Paul Atkins nominated to lead the U.S. Securities and Exchange Commission (SEC)

On November 21, 2024, the SEC announced that Chair Gary Gensler will resign from his role effective midnight on January 20, 2025. Gensler has served as SEC Chair since April 2021. On December 4, 2024, President-elect Donald Trump selected former SEC Commissioner (2002-2008) Paul Atkins as his intended nominee for SEC Chair. If appointed, Atkins is expected to represent a shift in priorities from the Gensler-led SEC. Atkins has served as co-chair of the Token Alliance of the Digital Chamber of Commerce since 2017. In response to the SEC’s proposed climate change disclosure rules in 2022, Atkins and other former SEC commissioners submitted a comment letter to the proposal, noting it “oversteps the Commission’s congressionally delegated regulatory authority” and that the SEC’s “rulemaking powers simply do not authorize it to require disclosure of the vast quantities of immaterial information.”

  1. U.S. Department of Energy (DOE) releases first-ever clean energy blueprint

On November 18, 2024, the U.S. DOE released its first-ever national blueprint for the manufacturing sector to harness clean energy to build on American manufacturing growth. Titled “The National Blueprint for a Clean & Competitive Industrial Sector,” the blueprint is designed to be led by the private sector. It features five “whole-of-government strategies” to guide federal government involvement: (1) in the near term, accelerate commercially available, cost-effective lower carbon solutions; (2) demonstrate emerging solutions at commercial scale; (3) increase data use to drive emissions reductions and efficiency gains; (4) innovate and advance research to develop transformative processes and products for large greenhouse gas (GHG) emissions reductions; and (5) integrate across the product life cycle to minimize waste and reduce industrial products’ embodied GHG emissions. The blueprint was developed with input from other federal agencies, including the Environmental Protection Agency and Department of Commerce.

  1. SEC charged Invesco Advisers, Inc. (Invesco) for making misleading statements regarding the percentage of assets that integrate ESG factors in investment decisions

On November 8, 2024, the SEC charged Invesco for misleading investors with marketing materials that misstated the percentage of “ESG integrated” assets under management, in violation of the Investment Advisers Act of 1940. In particular, between 2020 and 2022, Invesco claimed that ESG-integrated assets made up 70-94% of its parent company’s assets under management. The SEC order stated that Invesco lacked a clear definition of ESG integration and that the assets included a significant amount held in passive exchange-traded funds without consideration for ESG factors. Invesco agreed to settle the charges by paying a $17.5 million civil penalty.

  1. Challenge to California’s climate disclosure laws progresses to discovery phase

On November 5, 2024, a federal judge in the U.S. District Court for the Central District of California denied a motion for summary judgment by business groups challenging the state’s new climate disclosure laws, Senate Bill (“SB”) 253 and SB 261. The plaintiffs, including the U.S. Chamber of Commerce and business groups, argued that California’s climate disclosure laws conflict with federal regulations and violate the First Amendment by compelling speech. The federal court did not address the merits of plaintiffs’ claims. Instead, the court allowed the case to proceed to the discovery phase for further factual development.

The climate disclosure laws were signed into law by California Governor Gavin Newsom on October 7, 2023. SB 253 requires certain companies to make annual greenhouse gas emissions disclosure, while SB 261 mandates biennial climate-related financial risk disclosure. For further details on SB 253 and SB 261, please see our client alerts on the adoption and amendment of the laws.

In case you missed it…

The Gibson Dunn Workplace DEI Task Force has published its updates for November summarizing the latest key developments, media coverage, case updates, and legislation related to diversity, equity, and inclusion.

V. APAC

  1. Five firms adopt Hong Kong’s Code of Conduct for ESG Ratings and Data Products Providers (the Code)

As covered in our October update, the International Capital Market Association (ICMA) published a voluntary Code of Conduct that aims to establish and promote a globally consistent, interoperable, and proportionate voluntary code for providers offering ESG ratings and data products and services in Hong Kong. Five firms have now adopted the Code: Bloomberg, CDP, MioTech, Moody’s, and MSCI ESG Research LLC. The Code is modeled on international best practices and sponsored by the Hong Kong Securities and Futures Commission. It is closely aligned to the recommendations by the International Organization of Securities Commissions’ Report on “Environmental, Social and Governance (ESG) Ratings and Data Products Providers.

  1. Association of Southeast Asian Nations (ASEAN) stock exchanges to develop harmonized ESG data infrastructure

On November 27, 2024, representatives from stock exchanges across ASEAN met in Malaysia to develop the ASEAN-level ESG data infrastructure, known as the ASEAN-Interconnected Sustainability Ecosystem (ASEAN-ISE). The aim of ASEAN-ISE is to enable accurate, efficient and standardized ESG data collection, analysis, and reporting, to promote sustainable investment in the region. At the conference, ASEAN-ISE members agreed to issue a request for information (RFI) to identify solutions that will support the initiative in achieving its target outcomes over the next three years. In a joint statement, Indonesia Stock Exchange (IDX), the Philippine Stock Exchange (PSE), the Stock Exchange of Thailand (SET), and Singapore Exchange (SGX) said “[t]he RFI outlines the framework for a unified data infrastructure, emphasizing the development of an interconnected ecosystem to facilitate seamless ESG data exchange, ensuring a sustainable operating model that can promote market accessibility through an ESG lens.”

  1. Hong Kong Monetary Authority (HKMA) launches Enhanced Competency Framework on Green and Sustainable Finance (ECF-GSF) (Professional Level)

On November 21, 2024, the HKMA launched its Professional Level ECF-GSF, aimed at helping mid- to senior-level banking practitioners “acquire specialised domain knowledge related to GSF and develop professional competencies in the GSF-related area.” The ECF-GSF sets out the competency standards for banking practitioners performing GSF-related functions in the banking industry in Hong Kong. The HKMA has been working with the banking industry and relevant professional bodies to implement an industry-wide framework across all levels of the banking industry. It hopes that this will enable more effective training for new entrants and professional development for existing practitioners, helping to maintain Hong Kong’s status as a leading international financial center. The ECF is not a mandatory licensing regime, but the HKMA strongly encourages banks to adopt it as a benchmark to enhance the level of core competence and on-going professional development amongst personnel.

  1. Singapore joins EU and China in expanded green financing taxonomy

On November 14, 2024, Singapore joined the EU and China in an expanded taxonomy on green financing at the COP29 climate summit. With the publication of the new taxonomy, known as the Multi-Jurisdiction Common Ground Taxonomy (M-CGT), the bilateral EU-China CGT was expanded to include the Singapore-Asia Taxonomy (SAT). This will enhance the inter-operability of taxonomies across China, the EU, and Singapore. The M-CGT contains 110 economic activities across eight sectors that could be eligible for green financing. It serves as a technical reference document for financial institutions, corporations, investors and external reviewers, allowing them to assess what is considered green across the three jurisdictions. While noting that the M-CGT is not legally binding, the Monetary Authority of Singapore (MAS) said in a press release that “green bonds and funds that align with the M-CGT criteria can be considered by cross-border investors whose markets reference the taxonomies which are mapped to M-CGT, subject to applicable laws and regulations of each jurisdiction.”


The following Gibson Dunn lawyers prepared this update: Lauren M. Assaf-Holmes, Alexa Bussmann, Mitasha Chandok, Martin Coombes, Becky Chung, Ferdinand Fromholzer, Elizabeth Ising, Sarah Leiper-Jennings, Vanessa Ludwig, Johannes Reul, Helena Silewicz*, and Katie Tomsett.

*Helena Silewicz, a trainee solicitor in London, is not admitted to practice law.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Environmental, Social and Governance practice group:

ESG Practice Group Leaders and Members:
Susy Bullock – London (+44 20 7071 4283, [email protected])
Elizabeth Ising – Washington, D.C. (+1 202.955.8287, [email protected])
Perlette M. Jura – Los Angeles (+1 213.229.7121, [email protected])
Ronald Kirk – Dallas (+1 214.698.3295, [email protected])
Michael K. Murphy – Washington, D.C. (+1 202.955.8238, [email protected])
Robert Spano – London/Paris (+33 1 56 43 13 00, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

This update provides a chart of pay transparency laws with recent and upcoming effective dates that employers should review and monitor.

2024 has been the year of new state pay transparency laws, and there appears to be no end in sight.  Most recently, on November 18, 2024, New Jersey Governor Philip D. Murphy signed a bill into law that will require New Jersey employers to disclose certain compensation and benefit information in internal and external job postings and advertisements.  It is slated to take effect on June 1, 2025.  These laws add to the growing panoply of states and localities that have previously enacted pay transparency laws, including California, Colorado, Connecticut, Hawaii, Nevada, New York City and State, Rhode Island, and Washington State.[1]

While state pay transparency laws generally require disclosure of compensation information in an effort to address potential gender and race pay gaps, each law is different, making nationwide compliance a complex task.  For example, some states require the disclosure of a broad spectrum of compensation information—including in some instance healthcare benefits and stock options—while others only require the disclosure of a general pay range.  This patchwork of laws can be particularly challenging where a position can be performed remotely, as remote work generally be performed anywhere, and many states’ laws are not entirely clear as to whether their scope includes positions generated in another state but which could, in theory at least, be performed anywhere.

Below is a chart of pay transparency laws with recent and upcoming effective dates that employers should review and monitor.

State Effective Date Relevant Statute Covered Employers What Must Be Disclosed Whether Disclosures Are Required for Internal Postings Remote Work Implications
Illinois January 1, 2025 820 ILCS 112/10 Employers with 15+ employees.  820 ILCS 112/10(b-25). Pay scale and benefits (see 820 ILCS 112/10), meaning the “wage or salary, or the wage or salary range, and a general description of the benefits and other compensation, including, but not limited to, bonuses, stock options, or other incentives” (see 820 ILCS 112/5). Appears to apply to internal opportunities because employers must disclose to applicants “the pay scale and benefits to be offered for the position prior to any offer or discussion of compensation and at the applicant’s request, if a public or internal posting for the job, promotion, transfer, or other employment opportunity has not been made available to the applicant.”  820 ILCS 112/10(b-25) (emphasis added). Applies to positions that “(i) will be physically performed, at least in part, in Illinois or (ii) will be physically performed outside of Illinois, but the employee reports to a supervisor, office, or other work site in Illinois.”  820 ILCS 112/10(b-25).
Maryland October 1, 2024 Md. Code Ann., Lab. & Empl. § 3-301 et seq. Any employer engaged in business in the state of Maryland.    Md. Code Ann. § 3-301(b)(1). Wage range and a general description of benefits and any other compensation offered for the position.  Md. Code Ann. § 3-304.2(a)(2)(i). Disclosures must be made in both public and internal postings.  Md. Code Ann. § 3-304.2(a)(2)(i). Applies only to positions that will be physically performed at least in part in Maryland.  Md. Code Ann. § 3-304.2(a)(1).
Massachusetts July 31, 2025 M.G.L.A. 149
§ 105F
Employers with 25+ employees.  M.G.L.A. § 105F(a). Pay range (i.e., annual salary range or hourly wage range).  M.G.L.A. §§ 105F(a)-(b). Appears to apply to internal opportunities because pay range must be disclosed for “a particular and specific employment position in the posting of the position” (see M.G.L.A. § 105F(b), “a particular and specific employment position to an employee who is offered a promotion, or transfer, to a new position with different job responsibilities” (see M.G.L.A. § 105F(c)), and “a particular and specific employment position to an employee holding such position, or to an applicant for such position, upon request” (see M.G.L.A. § 105F(d)). Statute does not expressly address.
Minnesota January 1, 2025 Minn. Stat. § 181.173 Employers with 30+ employees.  Minn. Stat. § 181.173 (1)(b). Starting salary range or fixed pay rate and a general description of all benefits and other compensation, including but not limited to any health or retirement benefits.  Minn. Stat. § 181.173(2). The law does not specifically address internal postings, but it applies to “any solicitation intended to recruit job applicants for a specific available position.”  Minn. Stat. § 181.173(1)(c). Statute does not expressly address.
New Jersey June 1, 2025 P.L.2024, c.91 Employers with 10+ employees over 20 calendar weeks that do business, employ persons, or take applications for employment within the state.  P.L.2024, c.91 § 1(e). Hourly wage or salary (or a range), and a general description of benefits and other compensation programs for which the employee would be eligible.  P.L.2024, c.91 § 1(b).

Employers must also announce or make known to all current employees in the affected department(s) opportunities for promotion that are advertised internally or externally.  P.L.2024, c.91 § 1(a).

Disclosures are required in each posting for new jobs and transfer opportunities that are advertised by the employer either externally or internally.  P.L.2024, c.91 § 1(b).

Temporary help service firms and consulting firms are also required to provide pay and benefit information to applicants for temporary employment at the time of interview or hire.  P.L.2024, c.91 § 1(d).

Statute does not expressly address.
Vermont July 1, 2025 21 V.S.A. § 495o Employers with 5+ employees.  21 V.S.A § 495o(c)(3). Compensation (i.e., salary or hourly wage) or range of compensation.  21 V.S.A §§  495o(a)(1), (c)(7)(A).

If commission-based, must disclose that fact but not required to disclose the compensation or range of compensation.  21 V.S.A § 495o(a)(2)(A).  If tip-based, must disclose that fact and the base wage (i.e., hourly rate not including tips) or range of base wages.  21 V.S.A §§ 495o(a)(2)(B), (c)(2).

The law applies to positions that are (1) open to internal and/or external candidates; and (2) positions into which current employees can transfer or be promoted.  21 V.S.A § 495o(c)(8). Applies to “remote position[s] that will predominantly perform work for an office or work location that is physically located in Vermont.”  21 V.S.A § 495o(c)(8)(A).
Washington, D.C. June 30, 2024 D.C. Code Ann. § 32-1451 et seq. Employers with 1+ employee.  D.C. Code Ann. § 32-1451(2). Salary or hourly pay must be disclosed in job listings and position descriptions, and the existence of healthcare benefits must be disclosed to prospective employees before first interview.  D.C. Code Ann. § 32-1453.01(a)(1)-(2). Pay range must be made in all job listings and position descriptions.  D.C. Code Ann. § 32-1453.01(a)(1). Statute does not expressly address.

Text Here

[1] See, e.g., California Enacts Pay Transparency and Disclosure Requirements Effective January 1, 2023, Gibson Dunn (Oct. 11, 2022), https://www.gibsondunn.com/california-enacts-pay-transparency-and-disclosure-requirements-effective-january-1-2023/; New York State Enacts Pay Transparency Law, Gibson Dunn (Jan. 17, 2023), https://www.gibsondunn.com/new-york-state-enacts-pay-transparency-law/; Steps for Colorado Employers to Consider in Light of New Laws Taking Effect in 2024, Gibson Dunn (Dec. 29, 2023), https://www.gibsondunn.com/steps-for-colorado-employers-to-consider-in-light-of-new-laws-taking-effect-in-2024/; City Council Amends New York City Pay Transparency Law, Gibson Dunn (May 2, 2022), https://www.gibsondunn.com/city-council-amends-new-york-city-pay-transparency-law/.


The following Gibson Dunn lawyers assisted in preparing this update: Naima Farrell, Anna Casey, and Jenna Voronov.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding pay transparency laws. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Labor and Employment practice group:

Naima L. Farrell – Partner, Washington, D.C.
(+1 202.887.3559, [email protected])

Jason C. Schwartz – Co-Chair, Washington, D.C.
(+1 202.955.8242, [email protected])

Katherine V.A. Smith – Co-Chair, Los Angeles
(+1 213.229.7107, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

A Survey of Disclosures from the S&P 100 During the Four Years Following Adoption of the Securities and Exchange Commission Rule.

Human capital resource disclosures by public companies have continued to be a focus since the U.S. Securities and Exchange Commission (the “Commission”) adopted the new rules in 2020, not only for companies making the disclosures, but employees, investors, and other stakeholders reading them.  This alert updates the alert we issued in November 2023, “Form 10-K Human Capital Disclosures Continue to Evolve,” available here, and reviews disclosure trends among S&P 100 companies categorized into 28 topic areas.  Each of these companies has now included human capital disclosure in their past four annual reports on Form 10-K.  This alert also provides practical considerations for companies as we head into 2025.

Overall, our findings indicate that companies are generally making only minor changes to their disclosures year over year, and these minor changes generally included shortening of company disclosures, maintaining or decreasing the number of topics covered, and including slightly less quantitative information in some areas.[1]  Specifically, we identified the following trends regarding the S&P 100 companies’ human capital disclosures compared to the previous year:

  • Length of disclosure.  Fifty-seven percent of surveyed companies decreased the length of their disclosures, 34% increased the length of their disclosures, and the length of the remaining 9% remained the same.
  • Number of topics covered. Forty-one percent of surveyed companies decreased the number of topics covered, 13% increased the number of topics covered, and the remaining 46% covered the same number of topics.
  • Breadth of topics covered.  Across all companies, the prevalence of 10 topics increased, nine topics decreased, and nine topics remained the same.
    • The most significant year-over-year increases in frequency involved Culture Initiatives (30% to 35%) and Pay Equity (48% to 50%) disclosures.
    • The most significant year-over-year decrease involved COVID-19 disclosures, which declined in frequency from 34% to 1%.  Other year-over-year decreases related to disclosures addressing Diversity Targets and Goals (21% to 14%), Diversity in Promotion (29% to 26%), Quantitative Diversity Statistics regarding Gender (63% to 60%), and Community Investment (28% to 25%).
  • Most common topics covered.  This year, the topics most commonly discussed generally remained consistent with the previous two years.  For example, Talent Development, Diversity and Inclusion, Talent Attraction and Retention, Employee Compensation and Benefits, and Monitoring Culture remained the five most frequently discussed topics.  The topics least discussed this most recent year, however, changed slightly from that of the previous year as COVID-19 disclosures, and Diversity Targets and Goals dropped into the five least frequently covered topics.
  • Industry trends. Within the technology and finance industries, the trends that we saw in the previous year regarding the frequency of topics disclosed generally remained the same.

I. Background on the Requirements

As we previously discussed in our client alert titled “Discussing Human Capital: A Survey of the S&P 500’s Compliance with the New SEC Disclosure Requirement One Year After Adoption,” available here, on August 26, 2020, the Commission voted three-to-two to approve amendments to Items 101, 103, and 105 of Regulation S-K, including the principles-based requirement to discuss a registrant’s human capital resources to the extent material to an understanding of the registrant’s business taken as a whole.[2]  Specifically, public companies’ human capital disclosure must include “the number of persons employed by the registrant, and any human capital measures or objectives that the registrant focuses on in managing the business (such as, depending on the nature of the registrant’s business and workforce, measures or objectives that address the development, attraction, and retention of personnel).”

Notably, since 2021 the Commission’s agenda list has included new human capital disclosure rules that were expected to be more prescriptive than the current rules,[3] in part, because one of the main criticisms of the existing human capital rules is lack of comparability across companies.  The future of these rules is even less clear now as Chair Gensler who pushed for these rules (along with other rules, such as climate change) announced that he will be leaving the SEC in January 2025 in light of the new incoming administration.  In the meantime, as our survey demonstrates, while company human capital disclosures vary—which is expected under the principles-based regime—comparability across the disclosures exists.  The next four sections show the relevant data from our survey.[4]

II. Disclosure Topics

Our survey classifies human capital disclosures into 28 topics, each of which is listed in the following chart, along with the number of companies that discussed the topic in each of 2021, 2022, 2023, and 2024.  Each topic is described more fully in the sections following the chart.

Human Capital Disclosures

A. Workforce Composition

Among S&P 100 companies, 58% included disclosures relating to workforce composition in one or more of the following categories:

  • Full-time/part-time employee split.  While most companies provided the total number of full-time employees, only 14% of the companies surveyed included a quantitative breakdown of the number of full-time versus part-time employees or salaried versus hourly employees, consistent with the previous two years.  Similarly, 66% of companies provided statistics on the number of seasonal employees and/or independent contractors or a breakdown of employees by business segment, job function, or geographical location, the same as the previous year, and up from and 60% in 2021.
  • Unionized employee relations.  Of the companies surveyed, 38% stated that some portion of their workforce was part of a union, works council, or similar collective bargaining agreement.[5]  These disclosures generally included a statement providing the company’s opinion on the quality of labor relations, and in many cases, disclosed the number of unionized employees.
  • Quantitative workforce turnover rates.  Although a majority of companies discussed employee turnover and the related topics of talent attraction and retention in a qualitative way (as discussed in Section II.B. below), only 19% of companies surveyed provided specific employee turnover rates (whether voluntary or involuntary), consistent with the previous two years.
Workforce Compensation

B. Diversity

Among S&P 100 companies, 97% included disclosures relating to diversity in one or more of the following categories:

  • Diversity and inclusion.  This was the most common diversity-related disclosure topic, with 97% of companies including a qualitative discussion regarding the company’s commitment to diversity, equity, and inclusion (“DEI”), consistent with the previous two years and up slightly from 91% in 2021. The depth of these disclosures varied, ranging from generic statements expressing the company’s support of diversity in the workforce to detailed examples of actions taken to recruit and support underrepresented groups and increase the diversity of the company’s workforce.
  • Priorities within diversity.  Companies disclosed different areas of focus for diversity efforts and programming within the organization.  The most common disclosure was diversity in the company’s hiring practices (60% of companies in 2024, up dramatically from 47% in 2021), followed by diversity in the retention or development of the company’s current workforce (58% of companies in 2024, up slightly from 50% in 2021), diversity in the company’s promotion practices (26% of companies in 2024, down from a high of 31% in 2022), and finally diversity in the company’s suppliers (15% of companies in 2024, up slightly from 10% in 2021).  A decreasing minority of companies also discussed, in qualitative or quantitative terms, the companies’ commitments to aspirational diversity goals or targets (14% of companies in 2024, down from a high of 24% of companies in 2022), with such decrease likely due to the heightened legal risk associated with DEI programs following the June 2023 United States Supreme Court decision in Students for Fair Admissions v. Harvard.
  • Quantitative diversity statistics.  Many companies also included a quantitative breakdown of the gender or racial representation of the company’s workforce: 60% included statistics on gender and 56% included statistics on race or ethnicity (down slightly compared to 2023, but up significantly from 47% and 42%, respectively, in 2021).  Companies generally provided gender statistics on both a global and U.S. basis, whereas nearly all companies provided race or ethnicity statistics for their U.S. workforce only. Most companies provided these statistics in relation to their workforce generally, regardless of position; however, an increased subset (40% in 2024, compared to 25% in 2021) included separate statistics for different classes of employees (e.g., managerial, vice president and above, etc.).  Similarly, 12% of companies also provided separate statistics for their boards of directors (compared to 10% in each of 2023 and 2022 and 4% in 2021).  Some companies also included numerical goals for gender or racial representation, either in terms of overall representation, promotions, or hiring—11% of companies included these diversity goals or targets (compared to 15% in 2023, 18% in 2022, and 14% in 2021).
Diversity

C. Recruiting, Training, Succession

Among S&P 100 companies, 99% included disclosures relating to talent and succession planning in one or more of the following categories:

  • Talent attraction and retention.  These disclosures were generally qualitative and focused on efforts to recruit and retain qualified individuals.  While general statements regarding recruiting and retaining talent were very common, with 96% of companies including this type of disclosure (relatively flat in the prior two years, but up significantly from 66% in 2021), quantitative measures of retention, like workforce turnover rate, were uncommon, with only 19% of companies disclosing such statistics (as noted above).
  • Talent development.  Disclosures related to talent development were the most common category, with 98% of companies including a qualitative discussion regarding employee training, learning, and development opportunities, up from 83% in 2021.  This disclosure tended to focus on the workforce as a whole rather than specifically on senior management.  Companies generally discussed training programs such as in-person and online courses, leadership development programs, mentoring opportunities, tuition assistance, and conferences.  Some companies discussed quantitative figures related to talent development, such as the number of hours employees spent on learning and development or the company’s investment in development resources, with 19% of companies including this type of disclosure.
  • Succession planning.  Only 33% of companies surveyed addressed their succession planning efforts, which may be a function of succession being a focus area primarily for executives rather than the human capital resources of a company more broadly.  However, this is up from 27% of companies who discussed succession planning in 2021.
Recruiting Training and Succession

D. Employee Compensation[6]

Among S&P 100 companies, 92% included disclosures relating to employee compensation, up from 77% in 2021.  All of those companies included a qualitative description of the compensation and/or benefits program offered to employees, with a small minority providing quantitative measures such as minimum or average wages or investment in benefits (17% of companies surveyed in 2024, up from 12% in 2021).  Of the companies surveyed, 50% addressed pay equity practices or assessments (up from 37% in 2021), and substantially fewer companies included quantitative measures of the pay gap between racially or ethnically diverse and nondiverse employees or male and female employees (17% of companies surveyed in 2024, up from 12% in 2021).

Employee Compensation

E. Health and Safety

Among S&P 100 companies, 77% included disclosures relating to health and safety in one or both of the following categories:

  • Workplace safety.  Of the companies surveyed, 55% included qualitative disclosures relating to workplace health and safety, down from 63% in 2022, typically consisting of statements about the company’s commitment to safety in the workplace generally and compliance with applicable regulatory and legal requirements.  However, 9% of companies surveyed provided quantitative disclosures in this category, generally focusing on historical and/or target incident or safety rates or investments in safety programs.  These quantitative disclosures tended to be more prevalent among industrial, energy, and manufacturing companies.
  • Employee mental health.  In connection with disclosures about benefits provided to employees, including benefits intended to support employees’ general wellness or wellbeing, 54% of companies disclosed initiatives taken to support employees’ mental or emotional health and wellbeing, up from 37% in 2021.
Health and Safety

F. Culture and Engagement

In addition to the many instances where companies included general descriptions of their commitment to company culture and values, 83% of S&P 100 companies discussed specific initiatives they were taking related to culture and engagement in one or more of the following categories:

  • Culture and engagement initiatives.  Specific disclosures relating to practices and initiatives undertaken to build and maintain their culture and values have increased steadily each year, with 35% of the companies surveyed providing such disclosure, up from 18% in 2021.  These companies most commonly discussed efforts to communicate with employees (e.g., through town halls, CEO outreach, trainings, or conferences and presentations) and to recognize employee contributions (e.g., awards programs and individualized feedback).  Many companies also discussed culture in the context of diversity-related initiatives designed to help foster an inclusive culture.
  • Monitoring culture.  Of the companies surveyed 69% provided disclosures about the ways that companies monitor culture and employee engagement, up from 54% in 2021.  Companies generally disclosed the frequency of employee surveys used to track employee engagement and satisfaction, with some reporting on the results of these surveys, sometimes measured against prior year results or industry benchmarks, and ways in which company management or the board utilized survey results.
  • Flexible Work Opportunities.  About one-third of S&P 100 companies describe flexible working arrangements, including remote or hybrid work or scheduling adjustments to accommodate different ways of working, with 34% of companies provided such disclosure in 2024, compared to 16% in 2021.  Although many of these companies discussed this topic in previous years, past mentions of measures related to flexible work environments were generally in connection with COVID-related safety concerns, whereas recent discussions are increasingly related to talent acquisition and retention.
  • Community investment.  Some companies disclosed information about community investment, partnerships, donations, or volunteer programs sponsored by the company, with 25% of companies surveyed providing such disclosure in 2024, compared to 28% in 2023 and 18% in 2021.  Many companies discussed their community investment efforts as offshoots of or in conjunction with their diversity, equity, and inclusion efforts.
Culure and Engagement

G. COVID-19

The number of S&P 100 companies that included information regarding COVID-19 and its impact on company policies and procedures or on employees dropped to only one companies making such disclosure, compared to 34% in 2023 and 70% in 2022.  This sharp decline in COVID-19 disclosures is consistent with a more general trend of companies discussing COVID-19 less frequently as a result of its decreasing significance and illustrates the expected evolution of disclosure resulting from a principles-based framework.

H. Human Capital Management Governance and Organizational Practices

Just over half of S&P 100 companies (54% of those surveyed, compared to 40% in 2021) addressed their governance and organizational practices (such as oversight by the board of directors or a committee and the organization of the human resources function).

III.  Industry Trends

One of the main rationales underlying the adoption of principles-based—rather than prescriptive—requirements for human capital disclosures is that the relative significance of various human capital measures and objectives varies by industry.  This is reflected in the following industry trends that we observed:[7]

  • Technology Industries (E-Commerce, Internet Media & Services, Hardware, Software & IT Services, and Semiconductors).  For the 22 companies in the Technology Industries, at least 63% discussed each of talent development and training opportunities, talent attraction, recruitment and retention, employee compensation, employee mental health, and diversity.  Compared to the S&P 100 as a whole, relatively uncommon disclosures among this group included part-time and full-time employee statistics (5%), succession planning (9%), supplier diversity (5%), diversity in retention and development (41%), quantitative diversity statistics regarding race/ethnicity and gender (41% and 45%, respectively), and unionized employee relations (18%).  However, these industries continued to see increased rates of disclosure compared to the S&P 100 for quantitative turnover rates (41%), flexible work opportunities (45%), culture initiatives (45%), and qualitative pay equity (59%).
  • Finance Industries (Asset Management & Custody Activities, Consumer Finance, Commercial Banks, and Investment Banking & Brokerage).  For the 13 companies in the Finance Industries, a large majority continued to include quantitative diversity statistics regarding race (85%) and gender (92%) (matching that of the last two years) and qualitative disclosures regarding employee compensation (92%), and, compared to other industries, a relatively higher number discussed diversity in hiring (85%), employee mental health (77%), flexible work opportunities (69%), pay equity (69%), and quantified their pay gap (46%).  Relatively uncommon disclosures among this group included part-time and full-time employee statistics, unionized employee relations, quantitative workforce turnover rates, diversity targets and goals, quantitative new hire diversity, supplier diversity, and workplace safety (in each case less than 16%).
  • Pharmaceutical Industries (Biotechnology & Pharmaceuticals).  For the eight companies in the Pharmaceutical Industries, at least 87% discussed each of diversity, workplace safety, monitoring culture, talent attraction and retention, talent development, and employee compensation.  Compared to the S&P 100 as a whole, relatively uncommon disclosures among this group included succession planning (13%), quantitative pay gap (0%), and diversity targets and goals (0%).  However, these industries continued to see increased rates of disclosure compared to the S&P 100 for supplier diversity (38%), workplace safety (88%), culture initiatives (50%), and flexible work opportunities (75%).

IV. Disclosure Format

The format of human capital disclosures in S&P 100 companies’ annual reports on Form 10‑K continued to vary greatly.

Word Count.  The length of the disclosures ranged from 106 to 1,809 words, with the following statistical trends in the past four years:

  2024 2023 2022 2021
Minimum word count 106 106 109 105
Maximum word count 1,809 2,094 1,995 1,931
Median 913 1,035 959 818
Mean 946 1,002 976 825

Metrics.  The disclosure requirement specifically asks for a description of “any human capital measures or objectives that the registrant focuses on in managing the business” (emphasis added).  Our survey revealed that companies are increasingly providing quantitative metrics, with 84% of companies providing disclosure in at least one of the quantitative categories we discuss above (compared to 87% in 2023, 80% in 2022, and 67% in 2021) and only 8% electing not to include any type of quantitative metrics beyond headcount numbers (compared to 7% in 2023, 10% in 2022 and 14% in 2021).

Graphics.  Although the minority practice, 26% of companies surveyed also included tables, charts, graphics or similar formatting used to draw attention to particular elements, compared to 26% in 2023, 24% in 2022 21% in 2021, which were generally used to present statistical data, such as diversity statistics or breakdowns of the number of employees by geographic location.

Categories.  Most companies organized their disclosures by categories similar to those discussed above and included headings to define the types of disclosures presented.

V. Upcoming Rulemaking and Investor Advisory Committee Recommendations

At its meeting on September 21, 2023, the Commission’s Investor Advisory Committee (“IAC”) approved subcommittee recommendations (the “IAC Recommendations”) to expand required human capital management disclosures.[8]  The IAC Recommendations contain prescriptive disclosure requirements—many of which have been previously considered as part of the 2020 rulemaking—for various quantitative metrics in the business description of Form 10-K under Item 101(c) of Regulation S-K (including headcount, turnover, compensation, and demographic data) as well as narrative disclosure in Management Discussion and Analysis.  For details regarding the IAC Recommendations, please refer to “Form 10-K Human Capital Disclosures Continue to Evolve,” available here.

According to the most recent Regulatory Flexibility agenda, a human capital management rule proposal that was originally slated for October 2021 was expected to be issued in October 2024.[9]  However, no rule was ever proposed, and many expect regulatory priorities to change with the upcoming shift in the administration, including SEC Chair Gary Gensler’s upcoming departure on January 20, 2025.  We therefore do not expect that the Commission will be adopting IAC’s recommendations in the near term as Republican commissions have in the past generally favored principles-based disclosure over prescriptive disclosure requirements.

VI. Comment Letter Correspondence

Comment letter correspondence from the staff of the Division of Corporation Finance (the “Staff”), which often helps put a finer point on principles-based disclosure requirements like this one, has shed relatively little light on how the Staff believes the new requirements should be interpreted.  Consistent with what we found at this time in the prior three years, the comment letters, all of which involved reviews of registration statements, were generally issued to companies whose disclosures about employees were limited to the bare-bones items companies have discussed historically, such as the number of persons employed and the quality of employee relations.  From these companies, the Staff simply sought a more detailed discussion of the company’s human capital resources, including any human capital measures or objectives upon which the company focuses in managing its business.  There were also a few comment letters where the Staff asked companies to clarify statements in their human capital disclosures or expand their human capital disclosures based on related risks identified in their risk factors.[10]  Based on our review of the responses to those comment letters, we have not seen a company take the position that a discussion of human capital resources was immaterial and therefore unnecessary.

VIII.  Conclusion

Based on our survey, companies continue to be thoughtful about their human capital disclosures—expanding their disclosures in some areas (e.g., culture initiatives and pay equity) and reducing them in others (e.g., COVID-19, diversity targets and goals, diversity in promotion, and community investment)—in response to ever-changing circumstances.  That is precisely what principles-based disclosure rules are designed to elicit.

To that end, as companies prepare for the upcoming Form 10-K reporting season, they should consider the following:

  • Confirm (or reconfirm) that the company’s disclosure controls and procedures support the statements made in human capital disclosures knowing that controls in the HR department may not be as rigorous as accounting controls. These disclosures create legal liability risks and should be treated accordingly.
  • Companies may want to compare their own disclosures against what their industry peers did these past four years, including specifically any notable changes to disclosures made in the past year.
  • Remind stakeholders internally that these disclosures likely will continue to evolve. This is especially true with the change in administration that could result in companies focusing on fewer or different issues.  The types of measures and objectives that a company focuses on in managing its business and that are material to each company may also change in response to current events, as was shown by essentially the complete removal of COVID-19 related disclosures from 10-K filings the past two years and the decrease in disclosures relating to diversity targets and goals over the same period.
  • If you continue to disclose targets, expect the SEC staff to ask you to disclose the progress that management has made.  You may wish to reconsider the utility in disclosing specific targets.
  • Addressing in the upcoming disclosure, if not already disclosed, the progress that management has made with respect to any significant objectives it has set regarding its human capital resources as investors are likely to focus on year-over-year changes and the company’s performance versus stated goals.
  • Addressing significant areas of focus highlighted in engagement meetings with investors and other stakeholders.  In a 2024 survey, human capital management was one of the top five issues (aside from financial performance) most important to investors when evaluating companies.[11]
  • Revalidating the methodology for calculating quantitative metrics and assessing consistency with the prior year.  Former Chairman Clayton commented that he would expect companies to “maintain metric definitions constant from period to period or to disclose prominently any changes to the metrics.”

[1]  Data provided is as of November 10, 2024 and is based on the companies currently included within the S&P 500, so some statistics are slightly different than they were in the prior surveys.  The categorization data necessarily involves subjective assessment and should be considered approximate.

[2] See 17 C.F.R. § 229.101(c)(2)(ii).

[3] Agency Rule List – Spring 2024 Securities and Exchange Commission, Office of Information and Regulatory Affairs (2024), available here.

[4] Note that companies often include additional human capital management-related disclosures in their ESG/sustainability/social responsibility reports, on their websites, and in their proxy statements, but these disclosures are outside the scope of the survey, which is focused on disclosures included in Part I, Item 1 of annual reports on Form 10-K.

[5] While never expressly required by Regulation S-K, as a result of disclosure review comments issued by the Division of Corporation Finance over the years and a decades-old and since-deleted requirement in Form 1-A, it has been a relatively common practice to discuss collective bargaining and employee relations in the Form 10-K or in an IPO Form S-1, particularly since the threat of a workforce strike could be material.

[6] Our survey reviewed the employee compensation disclosures contained in Part I, Item 1 of each company’s Form 10-K and did not separately review any employee compensation information included in companies’ financial statements or the notes thereto.

[7] For purposes of our survey, we grouped companies in similar industries based on both their four-digit Standard Industrial Classification code and their designated industry within the Sustainable Industry Classification System.  The industry groups discussed in this section cover 43% of the companies included in our survey.

[8] Available at https://www.sec.gov/files/spotlight/iac/20230921-recommendation-regarding-hcm.pdf.

[9] Agency Rule List – Spring 2024 Securities and Exchange Commission, Office of Information and Regulatory Affairs (2024), available here.

[10] See, e.g., comments issued to Concentra Group Holdings Parent, Inc. (available at https://www.sec.gov/Archives/edgar/data/2014596/000000000024003738/filename1.pdf) and PACS Group, Inc. (available at https://www.sec.gov/Archives/edgar/data/2001184/000000000024000134/filename1.pdf).

[11] See PwC’s Global Investor Survey 2024, available at https://www.pwc.com/gx/en/issues/c-suite-insights/global-investor-survey.html.


The following Gibson Dunn attorneys assisted in preparing this update: Brian Lane, Julia Lapitskaya, Ronald Mueller, Michael Titera, and Meghan Sherley.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation and Corporate Governance or Labor and Employment practice groups, or any of the following practice leaders and members:

Securities Regulation and Corporate Governance:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212.351.2309, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Michael Scanlon – Washington, D.C.(+1 202.887.3668, [email protected])
Michael A. Titera – Orange County (+1 949.451.4365, [email protected])

Labor and Employment:
Jason C. Schwartz – Co-Chair, Washington, D.C. (+1 202.955.8242, [email protected])
Katherine V.A. Smith – Co-Chair, Los Angeles (+1 213.229.7107, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

The Department of Justice has filed emergency motions for a stay pending appeal of a recent district court order that preliminarily enjoined enforcement of the Corporate Transparency Act (CTA).[1]  The government has asked for a ruling by December 27, 2024.  If the district court or Fifth Circuit Court of Appeals issues a stay pending appeal, the CTA and its January 1, 2025 reporting deadline could become enforceable once again.

An update on case developments since our December 9, 2024 Client Alert can be found immediately below. For additional background information, please refer to the remainder of this Client Alert or our Client Alerts issued on December 5 and December 9, 2024.

On December 11, the Department of Justice, on behalf of the Financial Crimes Enforcement Network (FinCEN), filed a motion in the U.S. District Court for the Eastern District of Texas requesting that the court stay its preliminary injunction pending the government’s appeal to the Fifth Circuit Court of Appeals.[2]  The district court ordered the plaintiffs to respond to that stay motion by December 16.

In the meantime, on December 13, the government also filed a motion in the Fifth Circuit asking that court to stay the district court’s order pending appeal or, in the alternative, to narrow the scope of the court’s injunction to cover only the members of plaintiff National Federation of Independent Business (NFIB) rather than every reporting entity in the country.[3]  The government argued that it was likely to succeed on the merits of its appeal, asserting that the CTA is a valid exercise of Congress’s commerce power because it regulates corporations, which engage in commercial activity.[4]  At a minimum, the government argued, the district court erred in concluding that a facial challenge to the CTA would be successful because plaintiffs have not shown that the statute lacks legitimate applications.[5]  The government also argued that the injunction irreparably harms its interests in fighting financial crime, and that the court’s nationwide remedy is overly broad because it extends beyond the plaintiffs.[6]

The government requested a ruling from the Fifth Circuit “no later than December 27, 2024, to ensure that regulated entities can be made aware of their obligation to comply before January 1, 2025.”[7]  The Fifth Circuit set a briefing schedule calling for a response from the plaintiffs by December 17 and a reply from the government by December 19.

What the Stay Motion Means for Entities Subject to the CTA

As we previously described,[8] given the possibility of the district court’s order being stayed pending appeal, reporting entities’ legal obligations are subject to change on short notice.  Either the district court or the Fifth Circuit could grant the government’s stay request before the end of the year.  If the Fifth Circuit denies the government’s stay request, the government could request that relief from the Supreme Court.  If the district court’s order is stayed pending appeal, the CTA’s beneficial ownership information (BOI) Reporting Rule will become enforceable again.  If the district court’s order is narrowed to cover only the plaintiffs and members of the NFIB, the plaintiffs and NFIB’s approximately 300,000 members will receive the benefits of the preliminary injunction, but the law would become effective with respect to all other reporting entities.

The government’s stay applications in the district court and Fifth Circuit signal that if it succeeds in winning a stay of the district court’s order by December 27, there is a possibility that the government might try to enforce the January 1, 2025 reporting deadline for companies created or registered to do business in the United States before January 1, 2024.  It also remains possible that FinCEN will extend that deadline.

Entities that believe they may be subject to the Reporting Rule should closely monitor this matter, and consult with their CTA advisors as necessary, to understand when, if at all, they need to comply with the Reporting Rule’s requirements and to allow for sufficient lead time to prepare BOI reports in advance of any filing deadline that may be re-established (with or without adjustment) in the future.

Additional Background

The CTA, enacted in 2021, requires corporations, limited liability companies, and certain other entities created (or, as to non-U.S. entities, registered to do business) in any U.S. state or tribal jurisdiction to file a “BOI” report with FinCEN identifying, among other information, the natural persons who are beneficial owners of the entity.[9] A regulation, the Reporting Rule, helps implement the CTA by specifying compliance deadlines—including a January 1, 2025 deadline for companies created or registered to do business in the United States before January 1, 2024—and detailing what information must be reported to FinCEN.[10]

The December 3, 2024 Ruling

On December 3, 2024, in ruling on a lawsuit challenging the constitutionality of the CTA and Reporting Rule on various grounds, Judge Amos L. Mazzant of the U.S. District Court for the Eastern District of Texas granted plaintiffs’ motion for a preliminary injunction.[11] Unlike another court that had held the CTA unconstitutional,[12] Judge Mazzant preliminarily enjoined enforcement of the CTA and Reporting Rule nationwide.[13] Moreover, the court invoked its power under the Administrative Procedure Act’s stay provision, 5 U.S.C. § 705, to “postpone the effective date of” the Reporting Rule.[14]

Government’s Initial Response[15]

On December 5, the Department of Justice, on behalf of the Department of the Treasury, filed a notice of appeal from the court’s opinion and order to the U.S. Court of Appeals for the Fifth Circuit.[16]

FinCEN also posted a statement to its website.[17]  In sum, FinCEN noted that, because of the court’s order, “reporting companies are not currently required to file their beneficial ownership information with FinCEN and will not be subject to liability if they fail to do so while the preliminary injunction remains in effect. Nevertheless, reporting companies may continue to voluntarily submit beneficial ownership information reports.”  FinCEN also noted the appeal filed by the Department of Justice. 

[1]  A prior alert by Gibson Dunn explaining the district court’s ruling is available at https://www.gibsondunn.com/corporate-transparency-act-enforcement-preliminarily-enjoined-nationwide.

[2] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 35 (E.D. Tex. Dec. 11, 2024)

[3] Texas Top Cop Shop, Inc. v. Garland, No. 24-40792, Dkt. 21 (5th Cir. Dec. 13, 2024).

[4] Id. at 9–11.

[5] Id. at 11–12.

[6] Id. at 14–21.

[7] Id. at 2.

[8] Supra https://www.gibsondunn.com/corporate-transparency-act-enforcement-preliminarily-enjoined-nationwidehttps://www.gibsondunn.com/us-government-appeals-and-fincen-issues-guidance-about-nationwide-preliminary-injunction-of-corporate-transparency-act-enforcement.

[9] See William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283, Div. F., § 6403 (adding 31 U.S.C. § 5336).  Prior alerts by Gibson Dunn explaining the Corporate Transparency Act are available at: https://www.gibsondunn.com/top-12-developments-in-anti-money-laundering-enforcement-in-2023https://www.gibsondunn.com/the-impact-of-fincens-beneficial-ownership-regulation-on-investment-fundshttps://www.gibsondunn.com/the-corporate-transparency-act-reminders-and-key-updates-including-fincen-october-3-faqs.

[10] 31 C.F.R. § 1010.380.

[11] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 30 (E.D. Tex. Dec. 3, 2024).

[12] Nat’l Small Business United v. Yellen, 721 F. Supp. 3d 1260 (N.D. Ala. 2024); see https://www.gibsondunn.com/corporate-transparency-act-declared-unconstitutional-what-it-means-for-you.

[13] Id. at 77.

[14] Id. at 78.

[15] See Gibson Dunn’s December 9 Client Alert describing the government’s initial response to the district court ruling, available at https://www.gibsondunn.com/us-government-appeals-and-fincen-issues-guidance-about-nationwide-preliminary-injunction-of-corporate-transparency-act-enforcement.

[16]  Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkts. 32, 34 (E.D. Tex. Dec. 6, 2024).

[17]  https://fincen.gov/boi.


The following Gibson Dunn lawyers assisted in preparing this update: Kevin Bettsteller, Stephanie Brooker, Matt Gregory, Justin Newman, Dave Ware, Sam Raymond, Chris Jones, and Connor Mui.

Gibson Dunn has deep experience with issues relating to the Bank Secrecy Act, the Corporate Transparency Act, other AML and sanctions laws and regulations, and challenges to Congressional statutes and administrative regulations.

For assistance navigating white collar or regulatory enforcement issues, please contact the authors, the Gibson Dunn lawyer with whom you usually work, or any leader or member of the firm’s Anti-Money Laundering, Administrative Law & Regulatory, Investment Funds, Real Estate, or White Collar Defense & Investigations practice groups.

Please also feel free to contact any of the following practice group leaders and members and key CTA contacts:

Anti-Money Laundering:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
M. Kendall Day – Washington, D.C. (+1 202.955.8220, [email protected])
David Ware – Washington, D.C. (+1 202-887-3652, [email protected])
Ella Capone – Washington, D.C. (+1 202.887.3511, [email protected])
Sam Raymond – New York (+1 212.351.2499, [email protected])
Chris Jones – Los Angeles (+1 213.229.7786, [email protected])

Administrative Law and Regulatory:
Stuart F. Delery – Washington, D.C. (+1 202.955.8515, [email protected])
Eugene Scalia – Washington, D.C. (+1 202.955.8673, [email protected])
Helgi C. Walker – Washington, D.C. (+1 202.887.3599, [email protected])
Matt Gregory – Washington, D.C. (+1 202.887.3635, [email protected])

Investment Funds:
Kevin Bettsteller – Los Angeles (+1 310.552.8566, [email protected])
Shannon Errico – New York (+1 212.351.2448, [email protected])
Greg Merz – Washington, D.C. (+1 202.887.3637, [email protected])

Real Estate:
Eric M. Feuerstein – New York (+1 212.351.2323, [email protected])
Jesse Sharf – Los Angeles (+1 310.552.8512, [email protected])
Lesley V. Davis – Orange County (+1 949.451.3848, [email protected])
Anna Korbakis – Orange County (+1 949.451.3808, [email protected])

White Collar Defense and Investigations:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
Winston Y. Chan – San Francisco (+1 415.393.8362, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
F. Joseph Warin – Washington, D.C. (+1 202.887.3609, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

From the Derivatives Practice Group: The CFTC will hold an open meeting on December 18 to discuss two Final Rules: the Final Rule on Real-Time Public Reporting Requirements and Swap Data Recordkeeping and Reporting Requirements, and the Final Rule on Regulations to Address Margin Adequacy and to Account for the Treatment of Separate Accounts by Futures Commission Merchants.

New Developments

  • CFTC Staff Issues Advisory Regarding Form 304 Submission Format Beginning January 15, 2025. On December 12, the CFTC Division of Market Oversight issued an advisory notifying all merchants and dealers of cotton holding or controlling positions for future delivery in cotton (traders) that beginning next year they must submit the regulatory filing identified as “Form 304” through the CFTC’s online filings portal. The advisory notes that all traders who are subject to CFTC Regulation 17 CFR 19.00(a) beginning January 15, 2025, Form 304 must be submitted through the CFTC’s online filings portal, which has been updated for traders’ use. Form 304 should continue to be submitted via email through January 14, 2025. [NEW]
  • CFTC to Hold a Commission Open Meeting December 18. On December 11, the CFTC announced the Commission will hold an open meeting Wednesday, December 18 at 9:30 a.m. – 12:00 p.m. (ET) at the CFTC’s Washington, D.C. headquarters. The Commission will consider the following: the Final Rule on Real-Time Public Reporting Requirements and Swap Data Recordkeeping and Reporting Requirements and the Final Rule on Regulations to Address Margin Adequacy and to Account for the Treatment of Separate Accounts by Futures Commission Merchants. [NEW]
  • CFTC Staff Issues Advisory Related to the Use of Artificial Intelligence by CFTC-Registered Entities and Registrants. On December 5, the CFTC’s Divisions of Clearing and Risk, Data, Market Oversight, and Market Participants issued a staff advisory on the use of artificial intelligence in CFTC-regulated markets by registered entities and registrants. The advisory is intended to remind CFTC-regulated entities of their obligations under the Commodity Exchange Act and the CFTC’s regulations as these entities begin to implement AI. CFTC staff noted that it is closely tracking the development of AI technology and AI’s potential benefits and risks and that it values its ongoing dialogue with CFTC-regulated entities and intends to monitor these entities’ use of AI as part of the agency’s routine oversight activities. According to the CFTC, the advisory is informed, in part, by public comments received in response to the staff’s January 25, 2024 Request for Comment on AI.
  • CFTC Releases FY 2024 Enforcement Results. On December 4, the CFTC announced record monetary relief of over $17.1 billion for fiscal year 2024. With the resolution of digital asset cases that resulted in the agency’s largest recovery ever, this record amount included $2.6 billion in civil monetary penalties and $14.5 billion in disgorgement and restitution. In FY 2024, the agency brought 58 new actions including, in the CFTC’s words, precedent-setting digital asset commodities cases, its first actions addressing fraud in voluntary carbon credit markets, complex manipulation cases in various markets, and significant compliance cases – including its largest compliance case ever. The CFTC also said that it continued to vigorously litigate pending actions, resulting in significant litigation victories and recoveries.
  • Commissioner Johnson Announces CFTC Market Risk Advisory Committee Meeting on December 10. On November 26, CFTC Commissioner Kristin N. Johnson, sponsor of the Market Risk Advisory Committee (“MRAC”) announced that the MRAC will hold a public meeting on Tuesday, Dec. 10, from 9:30 a.m. to 12:30 p.m. (EDT) at the CFTC’s Washington, D.C., headquarters. At the meeting, the MRAC will discuss current topics and developments in the areas of central counterparty risk and governance, market structure, climate-related risk, and innovative and emerging technologies affecting the derivatives and related financial markets.

New Developments Outside the U.S.

  • ESMA Consults on Proposals to Digitalize Sustainability and Financial Disclosures. On December 13, ESMA published a Consultation Paper seeking stakeholders’ views on how the European Single Electronic Format can be applied to sustainability reporting. The proposals also aim to ease the burden associated with financial reporting. Interested stakeholders are invited to submit their feedback by March 31, 2025. [NEW]
  • ESMA Consults on Open-Ended Loan Originating Alternative Investment Funds. On December 12, ESMA published a consultation paper on draft regulatory technical standards on open-ended loan originating Alternative Investment Funds (“AIFs”) under the revised Alternative Investment Fund Managers Directive (“AIFMD”). AIFMD review has introduced some harmonized rules on loan originating funds. The goal of these rules is to provide a common implementing framework by determining the elements and factors that Alternative Investment Fund Managers need to consider when making the demonstration to their Competent Authorities that the loan originated AIFs they manage can be open-ended. [NEW]
  • ESMA Consults on Technical Advice on Listing Act Implications. On December 12, ESMA launched a consultation to gather feedback following changes to the Market Abuse Regulation (“MAR”) and Market in Financial Instruments Directive II (“MiFID II”) introduced by the Listing Act. Regarding MAR, ESMA is inviting feedback on: a non-exhaustive list of the protracted process and the relevant moment of disclosure of the relevant inside information (together with some principles to identify the moment of disclosure for protracted not listed processes); a non-exhaustive list of examples where there is a contrast between the inside information to be delayed and the latest public announcement by the issuer; and a methodology and preliminary results for identifying trading venues with a significant cross-border dimension, for the purposes of establishing a Cross Market Order Book Mechanism. Regarding MiFID II, ESMA’s proposals cover: a systematic review of the relevant provisions in Commission Delegated Regulation 2017/565 to ensure that a Multilateral Trading Facility (“MTF”) (or a segment of it) to be registered as small and medium-sized enterprises growth market complies with the relevant requirements in the revised MiFID II; and some conditions to meet the registration requirements for a segment of an MTF, as specified in the revised MiFID II. [NEW]
  • ESAs Provide Guidelines to Facilitate Consistency in the Regulatory Classification of Crypto-Assets by Industry and Supervisors. On December 10, the European Supervisory Authorities (the “ESAs”) published joint Guidelines intended to facilitate consistency in the regulatory classification of crypto-assets under Markets in Crypto Asset Regulation. The Guidelines include a standardized test to promote a common approach to classification as well as templates market participants should use when communicating to supervisors the regulatory classification of a crypto-asset. [NEW]
  • IOSCO Publishes Final Report on Regulatory Implications and Good Practices on the Evolution of Market Structures. On November 29, IOSCO published its Final Report on the Evolution in the Operation, Governance, and Business Models of Exchanges. According to IOSCO, the Final Report addresses significant changes in exchange business models and market structures, highlighting the impact of increased competition, technological advancements, and cross-border activity on exchanges. Additionally, it outlines a set of six good practices for regulators to consider in the supervision of exchanges that cover three key areas: (1) Organization of Exchanges and Exchange Groups (2) Supervision of Exchanges and Trading Venues within Exchange Groups and (3) Supervision of Multinational Exchange Groups.
  • BoE Publishes Report on Its System-Wide Exploratory Scenario Exercise and Stress Test Results for UK CCPs. On November 29, the Bank of England (“BoE”) published a final report on its system-wide exploratory scenario (“SWES”) and the results of its 2024 supervisory stress test of UK central counterparties (“CCPs”). As part of the SWES exercise, 50 participating firms, including banks, insurers, pension schemes, hedge funds, asset managers and CCPs, had to assess how they would be impacted by a hypothetical stress scenario, including severe but plausible shocks to a wide range of market prices and indicators over 10 business days, including moves similar to those seen during the UK gilt market crisis in 2022 and the 2020 dash for cash. BoE noted key observations, including (1) the simulated market shocks generated significant liquidity needs for non-bank financial intermediaries, (2) financial participants’ collective actions amplify the initial shock, (3) the gilt repo market was central in helping to absorb the shock, but its capacity in times of stress remains limited, (4) the exercise confirms the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and (5) there were material differences between firms’ and CCPs’ expectations on projections of initial margin increases, with banks and non-bank financial intermediaries generally overestimating changes in CCP initial margin. The BoE indicated that its supervisory stress test of UK CCPs also confirmed the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and indicated (1) CCPs were found to experience greater mutualized losses in this exercise compared to previous ones, (2) the ability of clients of defaulting members to port positions has a material impact on the credit stress test results and (3) the exercise also considered the cost of liquidating concentrated positions held by defaulters, with results showing that including concentration costs (assuming no porting) can have a material impact on the depletion of resources.
  • ESMA Announces Further Guidance on Exclusion Criteria for the Selection of Consolidated Tape Providers. On November 25, ESMA clarified details for some of the documents that future applicants will be expected to provide when participating in the selection process for Consolidated Tapes Providers (“CTPs”). During the first stage of the selection procedure, the exclusion criteria will be used to assess if applicants can be invited to submit their applications in the second stage of the procedure. ESMA will require specific documentation from applicants, including a declaration of honor and valid evidence on exclusion criteria. ESMA’s publication includes an indicative overview of the relevant certificates issued in each EU Member State for such evidence.
  • ESMA Responds to the European Commission Consultation on Non-Bank Financial Intermediation. On November 22, ESMA sent its response to the European Commission consultation on assessing the adequacy of macroprudential policies for Non-Bank Financial Intermediation (“NBFI”). In its response, ESMA makes key proposals in several areas, including liquidity management, money market fund regulation, supervision and data, and coordination between competent authorities.

New Industry-Led Developments

  • FRTB Implementation Challenges: Capitalization of Funds. On December 13, ISDA published a second whitepaper on the capitalization of equity investment in funds (“EIIFs”) under the Fundamental Review of the Trading Book (“FRTB”) framework. This paper builds upon an earlier ISDA publication in 2022 that highlighted the overly conservative capital requirements and operational complexities resulting from the proposed Basel III framework associated with EIIFs. Since then, several jurisdictions have implemented the FRTB (Canada and Japan), while others have finalized their FRTB rules (the EU and the UK) or are consulting on the final rules (the US). This topic continues to be a globally important issue for the industry, with many unresolved concerns related to the treatment of EIIFs. [NEW]
  • Joint Associations Send Letter on UK CCP Equivalence and Recognition. On December 12, ISDA and eleven other trade associations representing a broad group of market participants sent a letter to Commissioner Albuquerque requiring that the European Commission extends the equivalence decision for UK Central Counterparties (“CCPs”) in a non-time-limited manner and well in advance of March 31, 2025. The current time-limited equivalence decision is set to expire on June 30, 2025. [NEW]
  • ISDA Publishes Paper on Compliance Requirements under MIFIR. On December 9, ISDA published a paper that maps out an approach to post-trade transparency under the revised Markets in Financial Instruments Regulation (“MIFIR”) for reporting single-name credit default swaps referenced to global systemically important banks, supporting meaningful transparency and implementation practicability. [NEW]
  • ISDA Responds to European Commission’s Consultation on Macroprudential Policies for NBFIs. On November 21, ISDA responded to the European Commission’s consultation on assessing the adequacy of macroprudential policies for NFBI. In the response, ISDA covers a range of key topics, including the need to consider the diversity of the NBFI sector, possible solutions to challenges in meeting collateral requirements, the importance of bank intermediation capacity, the need for deep and liquid core funding markets, enhanced data sharing among regulators and the vital role played by non-cleared derivatives markets, especially in times of stress.
  • ISDA Sends Letter to FASB on Hedge Accounting Improvements. On November 25, ISDA submitted a comment letter to the Financial Accounting Standards Board (“FASB”) in response to its exposure draft (ED) on File Reference No. 2024-ED200, Derivatives and Hedging (Topic 815) – Hedge Accounting Improvements. In the comment letter, ISDA explains it supports the FASB’s proposals in the ED and believes the ED achieves the FASB’s objective of improving the application and relevance of the derivatives and hedging guidance.

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])

Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])

Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])

Darius Mehraban, New York (212.351.2428, [email protected])

Jason J. Cabral, New York (212.351.6267, [email protected])

Adam Lapidus  – New York (212.351.3869,  [email protected] )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])

William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )

David P. Burns, Washington, D.C. (202.887.3786, [email protected])

Marc Aaron Takagaki , New York (212.351.4028, [email protected] )

Hayden K. McGovern, Dallas (214.698.3142, [email protected])

Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

This update discusses key trends and insights from our analysis of the cybersecurity disclosures made by 97 S&P 100 companies in their most recent Form 10-K filings in response to Regulation S-K Item 106.

I. Introduction

This alert highlights key trends and insights from our analysis of the cybersecurity disclosures made by 97 S&P 100 companies in their 2024 Form 10-K filings, as required by new Item 106 of Regulation S-K (“Item 106”), as of November 30, 2024.[1]

As discussed in a previous client alert, the Securities and Exchange Commission (“SEC” or “Commission”) adopted on July 26, 2023, a final rule requiring public companies to provide current disclosure of material cybersecurity incidents and annual disclosure regarding cybersecurity risk management, strategy, and governance.  Under Item 106, which is required to be addressed in new Item 1C of Form 10-K, public companies must include disclosures in their annual reports regarding their (1) cybersecurity risk management and strategy, including with respect to their processes for identifying, assessing, and managing cybersecurity threats and whether risks from cybersecurity threats have materially affected them, and (2) cybersecurity governance, including with respect to oversight by their boards and management.[2]  All public companies were required to comply with these disclosure requirements for the first time beginning with their annual reports on Form 10-K or 20-F for the fiscal year ending on or after December 15, 2023.

II. Executive Overview

While certain disclosure trends have emerged under Item 106, we note that there is significant variation among companies’ cybersecurity disclosures, reflecting the reality that effective cybersecurity programs must be tailored to each company’s specific circumstances, such as its size and complexity of operations, the nature and scope of its activities, industry, regulatory requirements, the sensitivity of data maintained, and risk profile.  Companies must strike a careful balance in their disclosures, providing sufficient decision-useful information for investors, while taking care not to reveal sensitive information that could be exploited by threat actors.[3]  We expect company disclosures to continue to evolve as their practices change in response to the ever-evolving cybersecurity threat landscape and as common disclosure practices emerge among public companies.

Below is an executive overview of the key disclosure trends we observed (discussed in detail in Section III below):

  • Materiality. The phrasing used by companies for this disclosure requirement varies widely.  Specifically, in response to the requirement to describe whether any risks from cybersecurity threats have materially affected or are reasonably likely to materially affect the company, the largest group of companies (40%) include disclosure in Item 1C largely tracking Item 106(b)(2) language (at times, subject to various qualifiers); 38% vary their disclosure from the Item 106(b)(2) requirement in how they address the forward-looking risks; and 22% of companies do not include disclosure specifically responsive to Item 106(b)(2) directly in Item 1C, although a substantial majority of these companies cross-reference to a discussion in Item 1A “Risk Factors.”
  • Board Oversight. Most companies delegate specific responsibility for cybersecurity risk oversight to a board committee and describe the process by which such committee is informed about such risks.  Ultimately, however, the majority of surveyed companies report that the full board is responsible for enterprise-wide risk oversight, which includes cybersecurity.
  • Cybersecurity Program. Companies commonly reference their program alignment with one or more external frameworks or standards, with the National Institute of Standards and Technology (NIST) Cybersecurity Framework being cited most often.  Companies also frequently discuss specific administrative and technical components of their cybersecurity programs, as well as their high-level approach to responding to cybersecurity incidents.
  • Assessors, Consultants, Auditors or Other Third Parties. As required by Item 106(b)(1)(ii), nearly all companies discuss retention of assessors, consultants, auditors or other third parties, as part of their processes for oversight, identification, and management of material risks from cybersecurity threats.
  • Risks Associated with Third-Party Service Providers and Vendors. In line with the requirements of Item 106(b)(1)(iii), all companies outline processes for overseeing risks associated with third-party service providers and vendors.
  • Drafting Considerations.
    • Most companies organize their disclosure into two sections, generally tracking the organization of Item 106, with one section dedicated to cybersecurity risk management and strategy and another section focused on cybersecurity governance. Companies typically include disclosures responsive to the requirement to address material impacts of cybersecurity risks, threats, and incidents in the section on risk management and strategy.
    • The average length of disclosure among surveyed companies is 980 words, with the shortest disclosure at 368 words and the longest disclosure at 2,023 words. The average disclosure runs about a page and a half.

While comment letters have not been issued in response to Item 106 disclosure in annual reports on Form 10-K filed by the S&P 100 companies we surveyed, as of November 30, 2024, five comment letters from the Staff had been issued to other companies regarding their Item 106 disclosures.  For details, see Section VI below.

III. Key Disclosure Trends

For comparison purposes, we have grouped the discussion below into three categories: (1) cybersecurity risk management and strategy; (2) cybersecurity governance; and (3) disclosures in response to the requirement to address material cybersecurity risks, threats, and incidents.

a. Cybersecurity Risk Management and Strategy

Item 106(b)(1) calls for a description of a company’s “processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats in sufficient detail for a reasonable investor to understand those processes.”  In response to this overarching disclosure requirement, some of the most commonly addressed topics are as follows:

  • Cybersecurity Frameworks or Standards. Though not specifically required by Item 106, a majority of surveyed companies (60%) reference one or more external frameworks or standards that inform, to varying degrees, their cybersecurity program management processes and practices.  The NIST Cybersecurity Framework is referenced most often, with 51 companies making mention of it.  Other frameworks or standards cited by surveyed companies include those set by the International Organization for Standardization (ISO) (including, for example, ISO 27001 and 27002), SOC 1 and 2, and the Payment Card Industry Data Security Standard (PCI DSS).  Notably, companies use varied terminology when discussing specified frameworks or standards.  For example, when citing NIST, companies explain that their cybersecurity program or risk management approach “leveraged,” was “informed by,” “aligns with,” or was “based on” the framework.[4]
  • Description of Cybersecurity Program Elements. Nearly all surveyed companies discuss specific components of the company’s cybersecurity program, which most prominently include references to identity and access management, logging and monitoring, penetration testing and vulnerability scanning, governance, risk assessment and threat intelligence, employee awareness and training, and security monitoring.  Companies also widely note where employees are provided with cybersecurity training (84%), with 27 of those companies disclosing that they provide this training on at least an annual basis.
  • Incident Response Preparedness. The substantial majority of companies note the implementation of an incident response plan or procedures (87%), and nearly all companies (96%) describe the use of audits, drills, and/or tabletop exercises to test incident preparedness and the company’s incident response processes.

In addition to the general requirement quoted above, Item 106(b)(1) includes a non-exclusive list of disclosure items, which most surveyed companies specifically address in their Item 1C disclosures as follows:

  • Whether and how any such processes have been integrated into the company’s overall risk management system or processes. In response to this disclosure item, a substantial majority of surveyed companies (90%) disclose that the oversight of cybersecurity risk has been integrated into the company’s overall risk management system or processes.
  • Whether the registrant engages assessors, consultants, auditors or other third parties in connection with any such processes.  Nearly all companies (98%) generally disclose the engagement of assessors, consultants, auditors or other third parties in the management of cybersecurity risks.  Most companies do not specifically name the third parties they engage.
  • Whether the registrant has processes to oversee and identify material risks from cybersecurity threats associated with its use of any third-party service provider.  In line with Item 106’s requirements, all companies generally discuss third-party risk management practices, including outlining processes for identifying and managing material cyber risks associated with third-party service providers.  Ninety percent report evaluating, monitoring or conducting due diligence on a vendor’s cybersecurity practices, and 42% report requiring vendors to adhere to certain cybersecurity management processes.  These third-party risk management processes can range from conducting due diligence of the third party’s information security environments, or reviewing their incident response capabilities, to monitoring their regulatory compliance to assess the company’s own risk of exposure.

b. Cybersecurity Governance

Item 106(c)(1) requires that companies describe the role of the board in the oversight of cybersecurity risks, including the role of board committees or subcommittees, and Item 106(c)(2)(i) requires that companies describe the management’s role in assessing and managing their material risks from cybersecurity threats, including addressing which management positions or committees are responsible for assessing and managing such risks.  In response to these disclosure requirements, some of the most commonly addressed topics are as follows:

  • The Role of the Board and Committees of the Board in Cybersecurity Governance. As part of the discussion of cybersecurity governance, a majority of surveyed companies (68%) report that the board is responsible for enterprise-wide risk oversight, which includes cybersecurity.  However, a majority of companies (66%) also disclose that a committee or subcommittee of the board has been delegated responsibility for primary oversight of cybersecurity risks, with a minority of companies (28%) reporting that the board and a designated committee share the primary oversight of cybersecurity risks, and a handful of companies (6%) reporting that the full board retains primary oversight of cybersecurity risks.  Of the companies that delegate primary oversight of cybersecurity risks to a committee or subcommittee, or for which the board and a designated committee or subcommittee share oversight, companies most often disclose that the audit committee (78%) has this responsibility, followed by a risk committee (19%) (for companies that have a risk committee).
  • The Role of Management in Cybersecurity Governance. In responding to this disclosure item, nearly all companies (99%) list one or more management positions responsible for addressing and managing cybersecurity risks, with a significant minority of companies (43%) reporting that a management committee is also responsible for managing such risks.  Of the companies that identify a management position responsible for assessing and managing material cybersecurity risks, 61% identify one officer who fulfils this role and 39% identify more than one officer responsible for fulfilling this role.  The substantial majority of companies (78%) identify a Chief Information Security Officer (CISO) among the management positions responsible for assessing and managing cybersecurity risks, while a minority of companies identify other positions, such as a Chief Information Officer (CIO) (14%), Chief Technology Officer (CTO) (4%), or another officer, such as a Chief Security Officer, Head of Technology, Chief Information and Digital Officer, and/or Chief Cybersecurity Officer.

Item 106(c)(2)(i) also requires a description of the relevant expertise of management in “such detail as necessary to fully describe the nature of the expertise.”  In response, a substantial majority of companies (88%) disclose the experience and/or qualifications of the individual(s) responsible for assessing and managing cybersecurity risk.  While companies vary widely with respect to the level of specificity they provide in describing relevant experience or qualifications of those in management, surveyed companies generally provide examples of an individual’s:

  • Roles and Positions Prior to Joining the Company.  Practice on this point varies widely, ranging from the inclusion of a general note stating that the individual has held various cybersecurity-related roles, to identifying the specific title held by such individual in the past roles, to noting the technical and industry-specific experience gained or skills employed in prior positions.
  • Years of Relevant Work Experience.  Where surveyed companies disclose this point, the years of experience range from 15 years to more than 30 years of relevant work experience.
  • Education and Certifications.  While less common than the other two categories mentioned above, some companies include reference to an individual’s educational background or certifications (e.g., where the individual received certification as an information systems security professional (CISSP)).

Item 106(c)(2)(ii) requires that companies address how management is informed of and monitors the “prevention, detection, mitigation, and remediation of cybersecurity incidents.”  In response to this disclosure item, companies generally disclose that management is informed of cybersecurity risks and incidents through internal reporting channels, such as receiving reports from the company’s cybersecurity professionals.

Item 106(c)(2)(iii) requires that companies discuss the process by which management reports cybersecurity risks to its board.  In response to this disclosure item, all companies disclose that the board or responsible committee receives reports from management, with a substantial majority of these companies (82%) disclosing that the board or responsible committee receives reports on a regular basis.[5]  A majority of the surveyed companies (61%) also report a process for escalating certain cybersecurity incidents, risks or threats to the board or responsible committee.

c. Material Cybersecurity Risks, Threats & Incidents

Item 106(b)(2) requires that companies “[d]escribe whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the registrant, including its business strategy, results of operations, or financial condition and if so, how.”  While disclosure on this point varied greatly, we observed the following trends among surveyed companies in response to this disclosure item:

  • Some Companies Did Not Affirmatively Address Item 106(b)(2) in Item 1C. Twenty-two percent of surveyed companies do not appear to have included disclosure responsive to Item 106(b)(2) in Item 1C.[6]  Of these companies, 90% provide a cross-reference to a discussion in Item 1A “Risk Factors.”[7]
  • Most Disclosures Track the Language of Item 106(b)(2). Forty percent of surveyed companies largely track the language of the disclosure item with respect to both the backward-looking aspect (“have materially affected”) and the forward-looking aspect (“are reasonably likely to materially affect”) of the rule by responding in the negative, concluding that they did not identify any risks from cybersecurity threats that have materially affected or are reasonably likely to materially affect the company, including its business strategy, result of operations or financial condition.  However, the precise formulation varied from company to company.[8]  Of these companies:
    • 54% include a knowledge qualifier making clear that they are “not aware” or “do not believe” that such risks have materially affected or are reasonably likely to materially affect the company;
    • 67% make clear that they are speaking as of the end of the fiscal year covered by the Form 10-K or as of the date of the Form 10-K;
    • in addition to tracking the rule, 44% include a disclaimer noting that there is no “guarantee” or “assurance” (or something similar) that cyber-related risks may not be material in the future;
    • 26% limit required disclosure to threats identified during the last year or last three fiscal years; and
    • one company limited the future horizon to “over the long term.”
  • Many Companies Vary Disclosure on Forward-Looking Impacts, or Address It Vaguely or Not At All. Thirty-eight percent of surveyed companies address the backwards-looking aspect of the rule by largely tracking the rule on that point. For the forward-looking aspect of the rule, some of them: (i) simply do not address it at all or make vague references to potential future impacts (35%); (ii) include a disclaimer noting that there is no “guarantee” or “assurance” (or something similar) that cyber-related risks may not be material in the future (51%); or (iii) make explicit what is an inherent assumption in the disclosure requirement, such as by stating that risks from cybersecurity threats, “if realized,” are reasonably likely to materially affect business strategy, results of operations, or financial condition (16%).  One company includes both a “no guarantee” disclaimer and “if realized” language (3%).  In addition, among these 38% of the surveyed companies:
    • 16% include a knowledge qualifier making clear that they are “not aware” or “do not believe” that such risks have materially affected the company;
    • 41% make clear that they are speaking as of the end of the fiscal year covered by the Form 10-K or as of the date of the Form 10-K; and
    • 27% limit required disclosure to threats identified during the last year, last three fiscal years or “recent years.”

IV. ISS Governance QualityScore[9]

While it is not possible to say definitively, it is possible that some of the reporting trends observed among the surveyed companies may be attributable to the questions included by Institutional Shareholder Services (“ISS”) in its Governance QualityScore (“QualityScore”) relating to information security since they are not otherwise directly responsive to Item 106 requirements.  For example:

  • possibly in response to ISS Question 409, which evaluates disclosure regarding whether the company has information security risk insurance, a minority of surveyed companies (26%) disclose maintaining some level of cybersecurity insurance;
  • possibly in response to ISS Question 405, which assesses disclosure as to how many directors have information security skills, a minority of companies (14%) report having directors with information security experience, despite the fact that the proposed requirement to disclose this information was not included in the final cybersecurity rule;[10] and
  • possibly in response to ISS Question 407, which assesses whether a company experienced an information security breach in the last three years, 3% of companies frame their statements about material effects from cybersecurity threats or incident using this specific time period.

V. Drafting Considerations

The majority of surveyed companies (66%) divide their disclosure into two sections tracking the organization of Item 106, with one section dedicated to cybersecurity risk management and strategy and another section focused on cybersecurity governance.  Of those companies, 33% include subsections within one or both of those two main sections, 23% of surveyed companies use no headings at all, and 11% of surveyed companies use headings that differ from the structure of Item 106 (either by including more than the two primary sections set forth in the rule or by including distinct headings altogether).

The average length of disclosure among surveyed companies is 980 words, with the shortest disclosure at 368 words and the longest disclosure at 2,023 words.  The average disclosure runs about a page and a half.

VI. Comment Letters

As of November 30, 2024, there have been five comment letters from the Staff regarding disclosure under Item 1C.  While these comment letters have not been issued in response to disclosure in annual reports on Form 10-K filed by the S&P 100 companies we surveyed, we are including a discussion of them here for completeness, as they are instructive as to what the Staff was focused on when reviewing the first set of Item 106 disclosures.  To summarize:

  • Two of these comment letters simply requested that companies refile their annual reports on Form 10-K to include an omitted Item 1C.[11]  In both instances, the companies filed an amendment on Form 10-K/A, adding the requested disclosure.[12]
  • One comment letter requested that a company amend future filings to clarify inconsistent statements about its engagement of third parties in connection with its processes for identifying, assessing and managing material risks from cybersecurity threats.[13]  The company responded by clarifying the nature of its engagement of third parties in identifying and managing cybersecurity risks, and also confirmed that it would clarify this point to avoid any inconsistency or ambiguity in future filings.[14]
  • In three comment letters, the Staff touched upon the following requirements of Item 106, requesting expanded disclosure in future filings:
    • Item 106(b)(1) (Processes for Assessing, Identifying, and Managing Material Risk from Cybersecurity Threats). The Staff requested that a company expand its disclosure to describe the areas of responsibility of its executive management team and board of directors, along with their respective processes in response to this disclosure item.[15]  The company responded by confirming it would include the requested detail in future filings.[16]
    • Item 106(b)(1)(i) (Integration of Cybersecurity Risk Processes into Overall Risk Management). In one comment letter, the Staff requested that a company revise future filings to disclose how processes for “assessing, identifying, and managing” material cybersecurity threats have been integrated into its overall risk management system or processes in response to this disclosure item.[17]  The company responded by emphasizing that these processes are “well integrated” into its overall risk management system, noting relevant disclosure included in its current filing, and agreeing to provide more detail in future filings in response to this disclosure item.[18]
    • Item 106(c)(2)(i) (Identification of Management Committees or Positions Responsible for Assessing and Managing Material Risks from Cybersecurity Threats). Two of the comment letters noted above also included comments related to the discussion of management’s responsibility over cybersecurity risks.  The first comment letter requested the company identify which management positions or teams are responsible for assessing and managing material risks from cybersecurity threats in future filings.[19]  The second such letter requested a discussion of the relevant expertise of the company’s senior leadership responsible for managing the company’s cybersecurity risk and the “design and implementation of policies, processes and procedures to identify and mitigate this risk.”[20]  In each case, the company responded by confirming it would include the requested detail in future filings.[21]

While the impact of the November 2024 election on future leadership of the SEC is uncertain, as are their strategic and enforcement priorities, we expect SEC scrutiny over cybersecurity incident disclosures to continue as companies adjust their disclosure practices to the new requirements.

VII. XBRL Requirements

As a reminder for the upcoming Form 10-K season, all Item 106 disclosures must be tagged in Inline XBRL (block text tagging for narrative disclosures and detail tagging for quantitative amounts) beginning one year after the initial compliance date of December 15, 2023, which, for most companies, means starting with their Form 10-K or Form 20-F filed in 2025.

Companies must use the “Cybersecurity Disclosure (CYD)” taxonomy tags within iXBRL to tag these disclosures.[22]  We note that significant judgment will be required to apply these tags.  Not only will companies be required to determine the provision of Item 106 to which each part of the narrative disclosure is responsive, but companies will need to determine which flags to mark as “true” or “false.”  Importantly, there is a flag for “Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]” and, it is our understanding that to properly apply the flag, each company must select “true” or “false.”  Companies that have addressed Item 106(b)(2) by including slightly vague or ambiguous disclosure in Item 1C or by cross-referencing their risk factors will need to carefully consider how they will handle these new tagging requirements.

[1] This alert memo highlights certain disclosure trends based on our review of the 97 surveyed companies.  (As of November 30, 2024, three S&P 100 companies had not yet filed annual reports on Form 10-K for fiscal years ending on or after December 15, 2023.)  Where appropriate, we have grouped together similar responses to disclosure items to enable a comparison among the companies’ disclosures.  For example, where a company provided time qualifiers such as “in the last year,” “in 2023,” or “during the last fiscal year,” we have considered these to be similar data points in our survey of company disclosures.  Percentages may not add up to 100% due to rounding.

[2] Foreign private issuers are required to make similar annual disclosures pursuant to Item 16K of Form 20-F.

[3] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Release No. 33-11216 (July 26, 2023) (“Adopting Release”) at 60-63.

[4] Companies are wise to be cautious when describing their adherence to cybersecurity frameworks and standards, as underscored by the SEC’s recent enforcement action against SolarWinds Corporation where the SEC charged the company with making a materially misleading statement when it claimed “SolarWinds follows the NIST Cybersecurity Framework” despite internal assessments showing that most NIST controls were not met.  See SEC v. SolarWinds Corp., 1:23-CV-09518 (S.D.N.Y. July 18, 2024), at 11-14.

[5] In counting the companies who disclose where management reports to the board or responsible committee on a regular basis, we have included companies that state that they do this “regularly” (e.g., regularly, “at each regularly scheduled meeting,” etc.), as well as companies who refer to a specific time period (e.g., annually, quarterly, semi-annually, mid-year, etc.).  This does not include where companies use language such as “periodically,” “as appropriate,” “as necessary,” or “as needed.”

[6] Our review of company cybersecurity disclosure was limited to the language included in Item 1C. We have not reviewed other sections of Forms 10-K filed by surveyed companies to determine whether they contain disclosure that can be deemed responsive to Item 106(b)(2).

[7] We have not reviewed the cross-referenced risk factor, or the risk factors section more generally, to determine whether they contain disclosure that can be deemed responsive to Item 106(b)(2).

[8] The language surveyed companies use to disclose how they have been impacted by cybersecurity risks, threat, or incidents is imprecise. For example, some companies specifically discuss the effect of cybersecurity incidents, while others fully track the language of the rule and discuss “risks from cybersecurity threats”.

[9]  On October 28, 2024, ISS announced an update to its ISS QualityScore product to include 12 new factors.  Among these are the following Audit and Risk Oversight factors related to cybersecurity risk management:

  • Question 460. Does the company disclose the role of the management in overseeing information security risks?
  • Question 461. Does the company disclose the role of the board in overseeing information security risks?
  • Question 462. Does the company have a third-party information security risk management program?
  • Question 463. Does the company leverage a third-party assessment of information security risks?
  • Question 464. What is the Data Protection Officer reporting line?

These factors generally align with the disclosure requirements under the rule, and based on our survey results, companies are already addressing Questions 460-463 while preparing their Item 106 disclosures.

[10] Adopting Release, supra note 3, at 81-85.

[11] See SEC Comment Letter to Quarta-Rad, Inc. dated August 1, 2024; SEC Comment Letter to Scientific Industries, Inc. dated June 14, 2024.

[12] See Response Letter from Quarta-Rad, Inc. to the SEC dated August 15, 2024; Response Letter from Scientific Industries, Inc. to the SEC dated July 17, 2024.

[13] See SEC Comment Letter to Wilhelmina International, Inc. dated August 21, 2024 (“SEC Letter to Wilhelmina International”).

[14] See Response Letter from Wilhelmina International, Inc. to the SEC dated September 3, 2024 (“Wilhelmina International Response Letter”).

[15] See SEC Comment Letter to TNF Pharmaceuticals, Inc. dated September 23, 2024 (“SEC Letter to TNF Pharmaceuticals”).  In its comment letter, the Staff noted that the responsive disclosure needed to be in sufficient detail for a reasonable investor to understand.

[16] See Response Letter from TNF Pharmaceuticals, Inc. to the SEC dated September 30, 2024 (“TNF Pharmaceuticals Response Letter”).

[17] See SEC Comment Letter to Blackbaud, Inc. dated August 23, 2024.

[18] See Response Letter from Blackbaud, Inc. to the SEC dated September 3, 2024.

[19] SEC Letter to TNF Pharmaceuticals, supra note 15.

[20] SEC Letter to Wilhelmina International, supra note 13.

[21] Wilhelmina International Response Letter, supra note 14; TNF Pharmaceuticals Response Letter, supra note 16.

[22] See the Cybersecurity Disclosure Taxonomy Guide (September 16, 2024), available at https://www.sec.gov/data-research/standard-taxonomies/operating-companies.


The following Gibson Dunn lawyers assisted in preparing this update: Thomas Kim, Julia Lapitskaya, Michael Titera, Stephenie Gosnell Handler, Alexandria Johnson, Isaac Maycock, and Kayla Jahangiri.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation & Corporate Governance or Privacy, Cybersecurity & Data Innovation practice groups, the authors, or any of the following practice leaders and members:

Securities Regulation & Corporate Governance:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212.351.2309, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Michael Scanlon – Washington, D.C.(+1 202.887.3668, [email protected])
Michael A. Titera – Orange County (+1 949.451.4365, [email protected])

Privacy, Cybersecurity & Data Innovation:
Ahmed Baladi – Co-Chair, Paris (+33 1 56 43 13 00, [email protected])
S. Ashlie Beringer – Co-Chair, Palo Alto (+1 650.849.5327, [email protected])
Joel Harrison – Co-Chair, London (+44 20 7071 4289, [email protected])
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202.955.8505, [email protected])
Rosemarie T. Ring – Co-Chair, San Francisco (+1 415.393.8247, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, [email protected])
Vivek Mohan – Palo Alto (+1 650.849.5345, [email protected])
Sophie C. Rohnke – Dallas (+1 214.698.3344, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

This update details the key changes to the ECT in the modernised text and considers what the next chapter of the ECT might look like—including for ECT arbitration.

After 15 rounds of negotiations, on 3 December 2024, the Energy Charter Conference officially approved the “modernised” version of the Energy Charter Treaty (ECT), marking the end of a multi-year reform process.[1]  The modernised ECT is considered to be a “greener” treaty than the original text, expanding protections to technologies likely to play a significant role in the energy transition and explicitly affirming the right of Contracting States to regulate—including in the energy transition, climate change mitigation and adaptation contexts.  In the modernised ECT, Contracting States also reaffirm their commitments under the United Nations Framework Convention on Climate Change (UNFCCC) and the Paris Agreement 2015.

The achievement of modernisation is, however, set against the backdrop of a spate of Contracting Party withdrawals from the ECT in recent years—including by European Union (EU) Member States, as well as the EU and Euratom.  The UK has also recently notified its withdrawal.

This update (i) sets out a brief background to the ECT as well as recent developments, (ii) details the key changes to the ECT in the modernised text, and (iii) considers what the future of the ECT might hold.

Background And Recent Developments

The ECT, established in the early 1990s, provides a multilateral framework for energy cooperation.  The ECT contains certain protections for investments made by investors of one Contracting Party in another Contracting Party and includes recourse to international arbitration where a Contracting Party acts in breach of its investment protection obligations.

Since November 2017, the ECT Contracting States have been engaged in discussions to “modernise” the ECT text, including by further aligning it to the climate change goals in the 2015 Paris Agreement.  An agreement in principle was reached in June 2022,[2] which largely reflected proposed changes put forward by the EU to align the ECT with its European Green Deal policy agenda and the Paris Agreement commitments.[3]

However, the vote on the amendments—initially scheduled for November 2022—was delayed by the EU and its Member States, which disagreed as to whether to proceed with the modernisation process or withdraw from the ECT entirely.  The deadlock was broken when, earlier this year, the European Commission urged EU Member States not to block ECT reform,[4] which was then voted on by the EU Council on 30 May 2024.[5]

As noted above, there have been a spate of withdrawals from EU Member States in recent years.  Italy was the first to submit a notification of withdrawal on 31 December 2014 (effective 1 January 2016)—a decision which followed several arbitrations pursued against it relating to changes to renewable energy regulations.  Other EU Member States then followed suit—Denmark, France, Germany, Ireland, Luxembourg, the Netherlands, Poland, Portugal, Slovenia and Spain—have each since notified the Energy Charter Secretariat of their withdrawal.

The EU and Euratom formally exited the ECT in June 2024, citing its non-compatibility with the EU’s climate goals under the European Green Deal and the Paris Agreement.[6]  The UK deposited its withdrawal notification in February 2024 noting, “the failure of [modernisation] efforts to align it with net zero”.[7]

What Are The Main Changes In The Modernised ECT?

The principal amendments in the modernised ECT are set out in the “Amendments to the Energy Charter Treaty” document and the “Modifications and Changes to Annexes to the Energy Charter Treaty” document, both of the 3 December 2024.[8]  Below are our key takeaways of the modernised text:

Scope Of Protection

  • Extends the definition of “Economic Activity in the Energy Sector”—which is included in the definition of a protected “investment” under the ECT—to cover the capture, utilisation and storage of carbon dioxide (CCUS) in order to decarbonise energy systems.
  • Provides an updated list of the “Energy Materials and Products” (referenced in the definition of “Economic Activity in the Energy Sector”), which excludes products such as oils and other similar products, and fuel woods—but includes certain types of hydrogen and synthetic fuels. [9]
  • For investments made before 3 September 2025, the EU and its Member States (which are Contracting Parties), phase out investment protection of fossil fuel investments over time, but in any event by 31 December 2040 at the latest.[10]

Investor Protection

  • Modifies the definition of “fair and equitable treatment”—the provision most commonly relied on in investor-State arbitration cases pursued under the ECT—into a list format “to increase legal certainty”.
  • Introduces a new standalone State “right to regulate” provision “to reaffirm” this right “in the interest of legitimate public policy objectives” such as protection of the environment, including climate change mitigation and adaptation, protection of public health, safety or public morals.
  • Consistent with that theme, includes a definition of “indirect expropriation” with a list of factors to be considered. The ECT now provides that unless there are “rare circumstances”, non-discriminatory measures that are adopted to protect legitimate policy objectives—including climate change mitigation and adaptation—will not constitute indirect expropriation.
  • Introduces a sustainable development provision in which Contracting Parties reaffirm their respective rights and obligations under multilateral environmental and labour agreements, such as the UNFCCC, the Paris Agreement and fundamental ILO conventions. In this provision, Contracting Parties agree that they “shall encourage” investors to adopt and implement voluntarily guidelines such as the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises.
  • There is also a separate provision (“Climate Change and Clean Energy Transition”) in which the Contracting Parties reaffirm their commitments to “effectively implement” commitments and obligations under the UNFCCC and the Paris Agreement, as well as promote and facilitate trade and investment of relevance for climate change mitigation and adaptation—including, inter alia, “by removing obstacles to trade and investment concerning low carbon energy technologies and services such as renewable energy production capacity, and by adopting policy frameworks conducive to this objective”.

Dispute Resolution

  • Provides that the UNCITRAL Rules on Transparency in Treaty-based Investor-State Arbitration of 2014 will apply to arbitral proceedings in disputes between Investors and Contracting States.
  • Establishes mechanisms for the dismissal of “frivolous” claims; clarifying the limits for valuation of damages suffered by an investor and introducing a costs-follow-the-event presumption.
  • Introduces a requirement for disputing parties to disclose third party funding.
  • Introduces a provision stating that the investor-state arbitration provision in Article 26 does not apply in intra-EU disputes. This follows legal debate that has been ongoing since the judgments of the Court of Justice of the European Union in Achmea in 2018 and Komstroy in 2021.[11]   The 26 EU Member States signed an “ECT Inter Se declaration[12] and initialled an inter se agreement on 25 June 2024, “regarding the non-applicability of ECT arbitration provisions intra-EU” “giving effect to the Komstroy judgment”.[13]

When Will The Modernised Text Apply?

The amendments to the ECT will apply on a provisional basis from 3 September 2025.[14]  However, a Contracting Party may choose to opt out of such provisional application by serving a declaration to this effect before 3 March 2025.

The amendments to the ECT enter into force on the ninetieth day after at least three-fourths of the Contracting States have deposited instruments of ratification, acceptance or approval to the ECT Depositary.[15]  The amendments enter into force between the Contracting States that have ratified, accepted or approved them.[16]

The Start Of A New Chapter?

There has been much discussion over recent years about the potential demise of the ECT, with the spate of withdrawals from EU Member States (as well as the EU and Euratom).

At the same time, with the modernised text there may be renewed support behind the treaty.  Whilst many EU Member States have exited, some have chosen not to unilaterally withdraw (such as Greece and Sweden), and the European Commission has signalled previously that it may grant special authorisations for EU Member States to become parties to the modernised ECT.[17]

In any event, under the sunset provision of the ECT, despite a withdrawal, Contracting States remain bound by their obligations under the treaty for a further 20 years following such withdrawal.  Although EU Member States have reached agreement to disapply the sunset provision within the intra-EU context so that protections cannot be invoked by EU investors against EU Member States, there exists on-going political discussion as to whether inter se disapplication of the sunset provision should be extended outside of that context.  Indeed, the EU Council has called on the EU to work with third States (such as the UK, with has notified the Energy Secretariat of its withdrawal) to disapply the sunset clause.[18]  It remains to be seen how this will play out—and how a future ECT tribunal would interpret the validity and effect of such an agreement to terminate the sunset provision as a matter of public international law.

There also remain many other non-EU Member State Contracting Parties to the ECT (including Azerbaijan, Japan, Kazakhstan, Türkiye and Ukraine).  Investors of these Contracting Parties may want to continue to rely on the ECT’s investment protections when investing in the energy sector of other Contracting States that are party to the ECT.  Investors may also consider structuring or restructuring their corporate operations accordingly.

The treaty remains relevant in other contexts beyond investor-State arbitration too, with a recent State-to-State dispute on-going between Azerbaijan and Armenia relating to an alleged breach by Armenia of Azerbaijan’s sovereign rights over its energy resources under Article 27 as a notable example.

Conclusion

The approval of the modernised text concludes a multi-year reform process, one which has generated considerable public attention.  No doubt there will be further discussion as to whether this is now a treaty that strikes the right balance between protecting energy investments, energy security and the green transition.  Further, legal debate will likely remain for some time (including before ECT tribunals) with respect to the proposed disapplication of the 20-year sunset provision.  With non-EU Contracting Parties still party to the ECT too, it is clear that we have not yet seen the end of ECT arbitration.

If you would like to discuss the above further with Gibson Dunn lawyers, please do not hesitate to reach out to the following members of our team.

[1] Press Release, The Energy Charter Conference Adopts Decisions on the Modernisation of the Energy Charter Treaty, 3 December 2024, here.

[2] See Decision of the Energy Charter Conference, Public Communication explaining the main changes contained in the agreement in principle, 24 June 2022, here.

[3] See European Commission, Agreement in principle reached on Modernised Energy Charter Treaty, 24 June 2022, here.

[4] See Proposal for a COUNCIL DECISION on the position to be taken on behalf of the European Union in the Energy Charter Conference, 1 March 2024, https://data.consilium.europa.eu/doc/document/ST-7234-2024-INIT/en/pdf.

[5] See Press release, Energy Charter Treaty: Council gives final green light to EU’s withdrawal, 30 May 2024, https://www.consilium.europa.eu/en/press/press-releases/2024/05/30/energy-charter-treaty-council-gives-final-green-light-to-eu-s-withdrawal/.

[6] See Press Release, Energy Charter Treaty: EU notifies its withdrawal, 27 June 2024, https://www.consilium.europa.eu/en/press/press-releases/2024/06/27/energy-charter-treaty-eu-notifies-its-withdrawal/.

[7] Press release, UK Departs Energy Charter Treaty, 22 February 2024, https://www.gov.uk/government/news/uk-departs-energy-charter-treaty.

[8] See Decision of the Energy Charter Conference, 3 December 2024, here, and Decision of the Energy Charter Conference, Modifications and Changes to Annexes to the Energy Charter Treaty, 3 December 2024, here.

[9] See Decision of the Energy Charter Conference, Modifications and Changes to Annexes to the Energy Charter Treaty, here. (“Modifications and Changes to Annexes”).  Note that for investments made on or after 3 September 2025, the EU and its Member States (which are Contracting Parties) have agreed—for hydrogen—that only low carbon and renewable hydrogen will be captured within the definition of “Economic Activity in the Energy Sector”, and only low carbon synthetic fuels.  For the UK, it is low carbon hydrogen which meets its “Low Carbon Hydrogen Standard”.

[10] Modifications and Changes to Annexes, Section C(1), cross-referring to Annex EM I 27.01 to 27.15.

[11] See Gibson Dunn Client Alert, Intra-EU Arbitration Under the ECT Is Incompatible with EU Law According to the CJEU in Republic of Moldova v Komstroy, 7 September 2021,  https://www.gibsondunn.com/intra-eu-arbitration-under-the-ect-is-incompatible-with-eu-law-according-to-the-cjeu-in-republic-of-moldova-v-komstroy/.

[12] Declaration on the Legal Consequences of the Judgment of the Court of Justice in Komstroy and Common Understanding on the Non-Applicability of Article 26 of the Energy Charter Treaty as a Basis for Intra-EU Arbitration Proceedings, June 26, 2024, https://energy.ec.europa.eu/publications/declaration-legal-consequences-judgment-court-justice-komstroy-and-common-understanding-non_en.

[13] Press release, Energy Charter Treaty: Member States sign declaration and initial Inter Se agreement clarifying non-applicability of ECT arbitration provisions intra-EU, 26 June 2024, https://diplomatie.belgium.be/en/news/energy-charter-treaty-member-states-sign-declaration-and-initial-inter-se-agreement-clarifying-non-applicability-ect-arbitration-provisions-intra-eu.

[14] This also includes the modifications in Section C of Annex NI and the changes and modifications to other Annexes.

[15] As do the modifications in Section C of Annex NI and the changes and modifications to other Annexes.  The modifications in Sections A and B of Annex NI enter into force on 3 September 2025.

[16] See Press release, Energy Charter Treaty: Council gives final green light to EU’s withdrawal, 30 May 2024, https://www.consilium.europa.eu/en/press/press-releases/2024/05/30/energy-charter-treaty-council-gives-final-green-light-to-eu-s-withdrawal/.

[17] Non-paper from the European Commission Next steps as regards the EU, Euratom and Member States’ membership in the Energy Charter Treaty, https://www.euractiv.com/wp-content/uploads/sites/2/2023/02/Non-paper_ECT_nextsteps.pdf.

[18] Declaration on the Legal Consequences of the Judgment of the Court Of Justice In Komstroy and Common Understanding on the Non-Applicability of Article 26 of the Energy Charter Treaty as a Basis For Intra-Eu Arbitration Proceedings, here.


The following Gibson Dunn lawyers prepared this update: Penny Madden, Charline Yim, Ceyda Knoebel, and Stephanie Collins.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s International Arbitration practice group, or the following authors:

Penny Madden KC – London (+44 20 7071 4226, [email protected])
Charline Yim – New York (+1 212.351.2316, [email protected])
Ceyda Knoebel – London (+44 20 7071 4243, [email protected])
Stephanie Collins – London (+44 20 7071 4216, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

On December 12, 2024, the IRS and Treasury are expected to publish final regulations in the Federal Register on the investment tax credit under section 48 of the Internal Revenue Code of 1986, as amended.  

On December 12, 2024, the IRS and Treasury are expected to publish final regulations (the “Final Regulations”) in the Federal Register on the investment tax credit under section 48 (the “ITC”).[1]  Please see the unpublished version of the Final Regulations here.  The Final Regulations generally adopt the proposed regulations (the “Proposed Regulations”) published in November 2023 (see our earlier alert regarding the Proposed Regulations available here), but include certain modifications and clarifications.[2]

Requirements for Energy Property

Units of Energy Property

The Proposed Regulations made owning a “unit of energy property” a prerequisite to claiming the ITC.[3]  The Final Regulations retain this requirement and also generally retain the definition of a “unit of energy property” as all functionally independent components of energy property that are operated together and can operate apart from other energy properties.  The Final Regulations, however, include some useful adjustments, such as clarifying that the “unit of energy property” for solar property is all the solar panels connected to a common inverter.[4]  The preamble to the Final Regulations clarifies that a large, ground-mounted solar energy facility may comprise one or more “units of energy property.”[5]

Retrofitted Property

Despite significant criticism by commentators, the Final Regulations adopt the rule in the Proposed Regulations providing that modifications or improvements to existing energy property are not eligible for the ITC unless the “80/20 rule” is satisfied.[6]  Importantly, the 80/20 rule applies separately to each “unit of energy property.”

Fractional Interest / Multiple Owners Rule

The Proposed Regulations introduced a new rule providing that a taxpayer must own at least a fractional interest in an entire “unit of energy property” to claim the ITC in respect of any component of that energy property.

Although the IRS and Treasury received many comments criticizing the fractional interest rules in the Proposed Regulations, the Final Regulations retain those rules, with revisions to an example to make clear that a taxpayer that owns components sufficient to comprise “a unit of energy property” may claim the ITC even if another taxpayer owns certain other components of that energy property.[7]

Certain Software

The preamble to the Final Regulations explains that certain software “that optimizes and automates” section 48(a)(3) energy property may be ITC-eligible under the “integral part” eligibility framework of the Final Regulations.

Categories of Energy Property

Energy Storage Technology.  The Final Regulations modify the definitions for some of the ITC-eligible energy storage technologies:

  • Hydrogen storage technology. In response to numerous comments, the IRS and Treasury dropped the requirement of the Proposed Regulations that would have limited ITC-eligible hydrogen storage technology to technology that stores hydrogen for the production of energy.[8]  The preamble to the Final Regulations, however, states that equipment used to store hydrogen carriers (including ammonia and methanol) is not ITC-eligible.[9]
  • “Second life” batteries. The preamble to the Final Regulations makes clear that “second life” battery components are not considered new components for purposes of applying the 80/20 rule.[10]

Qualified Biogas Property.  The IRS and Treasury received numerous comments regarding the definition of qualified biogas property.  In response, the Final Regulations modify certain aspects of the definition, including by expressly providing that gas upgrading equipment and anaerobic digesters constitute qualified biogas property.

In addition, the Final Regulations confirm that integral parts of qualified biogas property include waste feedstock collection systems, landfill gas collection systems, and mixing and pumping equipment.[11]  Moreover, under the Final Regulations, methane content is measured when the biogas exits the qualified biogas property, whereas under the Proposed Regulations methane content would have been measured at an earlier point in the production process (i.e., when the gas exited the biogas production system).[12]  The Final Regulations implemented this change with respect to the measurement point of methane in response to comments on the Proposed Regulations.  The preamble to the Final Regulations indicates that this change places the measurement point after the gas has passed through the cleaning and conditioning and/or gas upgrading equipment and that, as a result of this change, this measurement point is more consistent with the “sale or productive use” requirement applicable to qualified biogas property under the Code.[13]  The Final Regulations also permit limited flaring of gas as long as the primary purpose of the qualified biogas property is the sale or productive use of biogas and all flaring complies with relevant Federal, State, regional, Tribal, and local laws and regulations.[14]

“Energy Project” for PWA, Domestic Content, and Energy Community Rules

As background (and refresh), under the Code, bonus ITC amounts are available for projects that satisfy “domestic content” and/or “energy community” requirements (see our prior alerts on “domestic content” here and here and our prior alert on “energy community” requirements here).

To be eligible for the full base ITC and full bonus credit amounts under the Code, taxpayers must satisfy the prevailing wage and apprenticeship requirements (“PWA Requirements”) (see our prior alerts here and here).  Satisfaction of the PWA Requirements and qualification for the “domestic content” and “energy community” bonus credit amounts is tested, per the Code, at the level of an “energy project.”

The Final Regulations maintain the bright-line rule approach of the Proposed Regulations for purposes of determining whether multiple “energy properties” constitute a single “energy project” for these purposes, with certain modifications.

The Proposed Regulations would have required that, in addition to the multiple energy properties being owned by a taxpayer (including certain related parties), at least two of seven enumerated factors must be present.  The Final Regulations raised the threshold to require the presence of at least four of those factors,[15] with the result that fewer energy properties will be aggregated into a single “energy project” for purposes of the PWA requirements, the “domestic content” requirements, and the “energy community” requirements.

The Final Regulations also liberalized the time for determining whether multiple energy properties satisfy the relevant criteria.  Specifically, under the Final Regulations, the taxpayer may choose to make the determination at any time during construction of the multiple energy properties or during the taxable year in which the final energy property comprising the energy project is placed in service.[16]

Commentary

  • The bright-line nature of the single “energy project” rules will continue to provide helpful certainty.
  • The increase in the number of single project factors that must be satisfied (from two to four), along with the added flexibility in the timing of the single project determination, will help reduce the risk that multiple energy properties might inadvertently be grouped as a single project (e.g., because they were built pursuant to the same construction contract or financed pursuant to the same financing agreement).
  • The new rule making certain software ITC-eligible is welcome, although the reason given for declining to extend the rule to PTC projects that elect the ITC (i.e., that those projects are subject to a “tangible property” requirement) is confusing and may suggest that the same software will not be eligible under the section 48E technology-neutral investment tax credit (discussed in our previous alert available here).

[1] Unless indicated otherwise, all “section” references are references to the Internal Revenue Code of 1986, as amended (the “Code”), and all “Treas. Reg. §” are to the Treasury regulations promulgated under the Code, each as in effect as of the date of this alert.

[2] The IRS and Treasury issued corrections to the Proposed Regulations on January 12, 2024, which are available here, and on February 22, 2024, which are available here.

[3] Because the ITC-eligibility of an “integral part” or qualified interconnection property is dependent on a taxpayer also owning energy property (that independently qualifies for the ITC and that operates in connection with that integral part or qualified interconnection property), a taxpayer that only owns, and incurred costs with respect to, an integral part or qualified interconnection property (and not energy property that operates in connection with that integral part or qualified interconnection property and that separately qualifies for the ITC) is not entitled to claim any ITC in respect of that integral part or that qualified interconnection property.

[4] Treas. Reg. § 1.48-9(f)(5)(i).

[5] The Final Regulations make clear that power conditioning and transfer equipment are not part of the “unit of energy property,” but that they are ITC-eligible as integral parts.

[6] Treas. Reg. §§ 1.48-14(a)(2) and 1.48-14(a)(3)(iii).  Under the “80/20 rule,” property generally may be treated as originally placed in service even if it contains some items of used property, but only if the fair market value of the used property is not more than 20 percent of the total value of the relevant property.  Because of this low thresholder for used property, a taxpayer generally needs to undertake substantial retrofitting of energy property to meet this rule.

[7] Treas. Reg. § 1.48-14(e)(4)(ii).

[8] T.D. 10015 (2024), Preamble.  The Final Regulations also clarify that hydrogen liquefaction equipment and gathering and distribution lines within a hydrogen energy storage property are property that is integral part of hydrogen energy storage property.

[9] T.D. 10015 (2024), Preamble.  The preamble to the Final Regulations also references a comment requesting that the Final Regulations confirm equipment used to process hydrogen into ammonia, methanol, and other carriers is hydrogen energy storage property, but neither the preamble nor the Final Regulations directly respond to the comment.

[10] T.D. 10015 (2024), Preamble.

[11] Treas. Reg. § 1.48-9(e)(11)(i).

[12] Compare Treas. Reg. § 1.48-9(e)(11)(ii) with Proposed Treas. Reg. § 1.48-9(e)(11)(ii).

[13] Section 48(c)(7)(A)(ii).

[14] Treas. Reg. § 1.48-9(e)(11)(iii).

[15] Compare Treas. Reg. § 1.48-13(d)(1) with Proposed Treas. Reg. § 1.48-13(d)(1).

[16] Treas. Reg. § 1.48-13(d)(2).  The Preamble states that multiple energy properties comprising a single project do not need to be the same type of energy property.  For example, an energy storage property and a generation property may be treated as a single energy project.


The following Gibson Dunn lawyers prepared this update: Michael Cannon, Matt Donnelly, Josiah Bethards, Emily Leduc Gagné*, Kamia Williams*, and Jason Zhang*.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Tax, Cleantech, or Power and Renewables practice groups, or the following authors:

Tax:
Michael Q. Cannon – Dallas (+1 214.698.3232, [email protected])
Matt Donnelly – Washington, D.C. (+1 202.887.3567, [email protected])
Josiah Bethards – Dallas (+1 214.698.3354, [email protected])

Cleantech:
John T. Gaffney – New York (+1 212.351.2626, [email protected])
Daniel S. Alterbaum – New York (+1 212.351.4084, [email protected])
Adam Whitehouse – Houston (+1 346.718.6696, [email protected])

Energy, Regulation and Litigation:
William R. Hollaway – Washington, D.C. (+1 202.955.8592, [email protected])
Tory Lauterbach – Washington, D.C. (+1 202.955.8519, [email protected])

Power and Renewables:
Peter J. Hanlon – New York (+1 212.351.2425, [email protected])
Nicholas H. Politan, Jr. – New York (+1 212.351.2616, [email protected])

*Emily Leduc Gagné, an associate in New York, is admitted to practice in Canada. Kamia Williams and Jason Zhang, associates in Los Angeles and New York respectively, are not yet admitted to practice.

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

On December 6, 2024, Judge Richard Bennett of the U.S. District Court for the District of Maryland issued a decision following a bench trial in Students for Fair Admissions v. U.S. Naval Academy, No. 1:23-cv-02699 (D. Md. 2023). Students for Fair Admissions (“SFFA”) filed suit against the Naval Academy on October 5, 2023, claiming that the Academy’s consideration of race in its admissions process violates equal protection guarantees. After a year of discovery, the dispute proceeded to a nine-day trial in September 2024, during which SFFA argued that the Academy’s consideration of race in its admissions process violated the Constitution because it was not narrowly tailored to achieve a compelling government interest. The Academy countered that its consideration of race is necessary to achieve a diverse officer corps, which furthers a compelling government interest in national security.

In a 175-page decision issued on Friday, Judge Bennett found that the Academy’s admissions process withstands the strict scrutiny mandated by Students for Fair Admissions v. President & Fellows of Harvard College, 600 U.S. 181 (2023) (“Harvard”), and entered judgment in favor of the Academy.[1]

The court concluded that the Academy “established a compelling national security interest in a diverse officer corps.”[2] Specifically, the court agreed with the Academy that its race-conscious admissions policies “serve a compelling interest in national security by improving the Navy and Marine Corps’ unit cohesion and lethality, recruitment and retention, and domestic and international legitimacy.”[3] Recognizing long-standing precedent of judicial deference to congressional choice and to the Executive’s decisions relating to the military, the court deferred to the Academy’s “military judgments of a compelling national security interest.”[4]

Judge Bennett determined that the Academy’s admissions program is narrowly tailored to meet the compelling national security interest. The court held that the Academy had “proved measurable increases in the racial diversity of the Navy and Marine officer corps over the last twenty years,” and that the “numbers prove that the Naval Academy’s consideration of race in admissions has furthered the Government’s national security interests in a diverse Navy and Marine corps.”[5]

The court also held that, consistent with the Supreme Court’s decisions in both Harvard and Grutter v. Bollinger, 539 U.S. 306, 334 (2003), the Academy evaluates candidates using a “holistic approach,” and “does not employ quotas, admit candidates based solely on their race or ethnicity, or place minority candidates on separate admissions tracks.”[6] When race is considered, “it is one of many nondeterminative factors the Naval Academy evaluates.”[7] Similarly, the court determined that the Academy does not use race as a negative or stereotype, in part because Naval Academy admissions are not “zero sum” like civilian college admissions, but rather are “much more complex” and “subject to several statutory restraints” such that “each candidate’s admission to the Naval Academy is inherently intertwined with others’.”[8]

In Harvard, the Supreme Court noted that Harvard’s race-based admissions process lacked a logical end point, which is a requirement imposed by Grutter for race-conscious admissions practices at civilian universities. Here, the court noted that “[i]n its national security jurisprudence, the Supreme Court has suggested that measures restricting constitutional rights or utilizing racial classifications must be temporary, but it has stopped short of requiring an identified ‘logical end point’ for such measures.”[9] As such, Judge Bennett held that the Academy was not required to identify a specific end point to its use of race in its admissions process, and that the Academy had demonstrated that its race-conscious admissions process was properly time-bound because it had shown that “race-conscious admissions will terminate when the incoming classes of midshipmen enable [the Academy] to develop a Navy and Marine officer corps that better represents racial and ethnic diversity among enlisted servicemembers and the American population.”[10]

Finally, the court held that the Academy had shown that the use of race is necessary to achieve the compelling national security interests because the decrease in Black and Hispanic candidates absent race-conscious admissions would have resulted in a more than 50% decrease in the number of Black officers and a 17% decrease in the number of Hispanic officers entering the officer corps via the Naval Academy in 2023.[11] Further, the court determined that the Academy had properly considered race-neutral alternatives (including giving additional points and consideration to candidates with adversity or hardship experiences, disadvantaged socioeconomic backgrounds, and first-generation college status, among others), but that these alternatives did not further the Academy’s compelling national security interest “about as well” as race-conscious admissions policies.[12]

Holding that the Academy’s admissions program withstands the strict scrutiny mandated by Harvard, the court entered judgment in favor of the Academy. In a statement issued following the decision, Edward Blum, the leader of SFFA, said that the “organization is disappointed by the Court’s opinion. But just as we did in our successful lawsuits against Harvard and the University of North Carolina, SFFA will appeal this to the appellate court. If we are unsuccessful there, then we will appeal to the U.S. Supreme Court.” SFFA has already filed a notice of appeal to the Fourth Circuit Court of Appeals.

SFFA filed a similar suit against the U.S. Military Academy at West Point in September 2023. Students for Fair Admissions v. U.S. Military Academy at West Point, No. 7:23-cv-08262 (S.D.N.Y. 2023). After the court denied SFFA’s request for a preliminary injunction, SFFA filed an interlocutory appeal to the Second Circuit, and also sought an injunction pending appeal from the U.S. Supreme Court. The Supreme Court refused to consider the application, and the parties stipulated to withdraw the appeal in the Second Circuit. SFFA filed an amended complaint in the district court, and the parties are engaged in discovery.

_________________

[1] Findings of Fact and Conclusions of Law, Students for Fair Admissions v. U.S. Naval Academy, No. 1:23-cv-02699 (D. Md. Dec. 6, 2024) at 175.

[2] Id. at 133.

[3] Id.

[4] Id.

[5] Id. at 151-52.

[6] Id. at 156.

[7] Id. at 158.

[8] Id. at 160-61.

[9] Id. at 165.

[10] Id. at 166.

[11] Id. at 168-69.

[12] Id. at 171-72.


The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Blaine Evanson, Molly Senger, Zakiyyah Salim-Williams, Matt Gregory, Zoë Klein, Cate McCaffrey, Jenna Voronov, Emma Eisendrath, Felicia Reyes, Allonna Nordhavn, Janice Jiang, Laura Wang, Maya Jeyendran, Kristen Durkan, Ashley Wilson, Lauren Meyer, Kameron Mitchell, Chelsea Clayton, Albert Le, Emma Wexler, Heather Skrabak, and Godard Solomon.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, [email protected])

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, [email protected])

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, [email protected])

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, [email protected])

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, [email protected])

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

On December 5, 2024, the Department of Justice filed a notice of appeal of a recent court ruling that preliminarily enjoined enforcement of the Corporate Transparency Act (CTA) on constitutional grounds. The U.S. Financial Crimes Enforcement Network (FinCEN) also posted a statement to its website regarding the court’s ruling and the appeal.

This update briefly describes the appeal, the FinCEN statement, and what they mean for CTA compliance moving forward. FinCEN’s statement notes the appeal, confirms that FinCEN will comply with the court’s ruling (meaning that companies are not subject to liability for failing to file beneficial ownership information (BOI) reports while the ruling is in effect), and states that companies can continue to submit BOI reports voluntarily.[1]

The CTA, enacted in 2021, requires corporations, limited liability companies, and certain other entities created (or, as to non-U.S. entities, registered to do business) in any U.S. state or tribal jurisdiction to file a BOI report with FinCEN identifying, among other information, the natural persons who are beneficial owners of the entity.[2] A regulation, the Reporting Rule, helps implement the CTA by specifying compliance deadlines—including a January 1, 2025 deadline for companies created or registered to do business in the United States before January 1, 2024—and detailing what information must be reported to FinCEN.[3]

The December 3, 2024 Ruling

On December 3, 2024, in ruling on a lawsuit challenging the constitutionality of the CTA and Reporting Rule on various grounds, Judge Amos L. Mazzant of the U.S. District Court for the Eastern District of Texas granted plaintiffs’ motion for a preliminary injunction.[4] Unlike another court that had held the CTA unconstitutional,[5] Judge Mazzant preliminarily enjoined enforcement of the CTA and Reporting Rule nationwide.[6] Moreover, the court invoked its power under the Administrative Procedure Act’s stay provision, 5 U.S.C. § 705, to “postpone the effective date of” the Reporting Rule.[7]

Government’s Response

On December 5, the Department of Justice, on behalf of the Department of the Treasury, filed a notice of appeal from the court’s opinion and order to the U.S. Court of Appeals for the Fifth Circuit.[8]

FinCEN also posted a statement to its website.[9]  In sum, FinCEN noted that, because of the court’s order, “reporting companies are not currently required to file their beneficial ownership information with FinCEN and will not be subject to liability if they fail to do so while the preliminary injunction remains in effect. Nevertheless, reporting companies may continue to voluntarily submit beneficial ownership information reports.”  FinCEN also noted the appeal filed by the Department of Justice.

What the Appeal and Statement Mean for Entities Subject to the CTA

As we previously described,[10] given the possibility of either the Fifth Circuit or the Supreme Court staying the district court’s order pending appeal, reporting entities’ legal obligations are subject to change on short notice.  If either the Fifth Circuit or Supreme Court stay the district court’s order pending appeal, the Reporting Rule will become enforceable again, though FinCEN may adjust the rule’s deadlines depending on how long the district court’s order remains in effect. It also remains to be seen whether the incoming administration will continue to defend the constitutionality of the CTA or not, although, as a general rule, the Department of Justice typically defends the constitutionality of federal statutes regardless of administration.

Entities that believe they may be subject to the Reporting Rule should closely monitor this matter, and consult with their CTA advisors as necessary, to understand when, if at all, they need to comply with the Reporting Rule’s requirements and to allow for sufficient lead time to prepare BOI reports in advance of any filing deadline that may be re-established (with or without adjustment) in the future.

[1]  A prior alert by Gibson Dunn explaining the court’s ruling is available at https://www.gibsondunn.com/corporate-transparency-act-enforcement-preliminarily-enjoined-nationwide/.

[2] See William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283, Div. F., § 6403 (adding 31 U.S.C. § 5336).  Prior alerts by Gibson Dunn explaining the Corporate Transparency Act are available at: https://www.gibsondunn.com/top-12-developments-in-anti-money-laundering-enforcement-in-2023https://www.gibsondunn.com/the-impact-of-fincens-beneficial-ownership-regulation-on-investment-fundshttps://www.gibsondunn.com/the-corporate-transparency-act-reminders-and-key-updates-including-fincen-october-3-faqs.

[3] 31 C.F.R. § 1010.380.

[4] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 30 (E.D. Tex. Dec. 3, 2024).

[5] Nat’l Small Business United v. Yellen, 721 F. Supp. 3d 1260 (N.D. Ala. 2024); see https://www.gibsondunn.com/corporate-transparency-act-declared-unconstitutional-what-it-means-for-you.

[6] Id. at 77.

[7] Id. at 78.

[8]  Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkts. 32, 34.

[9]  https://fincen.gov/boi.

[10] Supra https://www.gibsondunn.com/corporate-transparency-act-enforcement-preliminarily-enjoined-nationwide/.


The following Gibson Dunn lawyers assisted in preparing this update: Kevin Bettsteller, Stephanie Brooker, Matt Gregory, Justin Newman, Dave Ware, Sam Raymond, Chris Jones, and Connor Mui.

Gibson Dunn has deep experience with issues relating to the Bank Secrecy Act, the Corporate Transparency Act, other AML and sanctions laws and regulations, and challenges to Congressional statutes and administrative regulations.

For assistance navigating white collar or regulatory enforcement issues, please contact the authors, the Gibson Dunn lawyer with whom you usually work, or any leader or member of the firm’s Anti-Money Laundering, Administrative Law & Regulatory, Investment Funds, Real Estate, or White Collar Defense & Investigations practice groups.

Please also feel free to contact any of the following practice group leaders and members and key CTA contacts:

Anti-Money Laundering:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
M. Kendall Day – Washington, D.C. (+1 202.955.8220, [email protected])
David Ware – Washington, D.C. (+1 202-887-3652, [email protected])
Ella Capone – Washington, D.C. (+1 202.887.3511, [email protected])
Sam Raymond – New York (+1 212.351.2499, [email protected])
Chris Jones – Los Angeles (+1 213.229.7786, [email protected])

Administrative Law and Regulatory:
Stuart F. Delery – Washington, D.C. (+1 202.955.8515, [email protected])
Eugene Scalia – Washington, D.C. (+1 202.955.8673, [email protected])
Helgi C. Walker – Washington, D.C. (+1 202.887.3599, [email protected])
Matt Gregory – Washington, D.C. (+1 202.887.3635, [email protected])

Investment Funds:
Kevin Bettsteller – Los Angeles (+1 310.552.8566, [email protected])
Shannon Errico – New York (+1 212.351.2448, [email protected])
Greg Merz – Washington, D.C. (+1 202.887.3637, [email protected])

Real Estate:
Eric M. Feuerstein – New York (+1 212.351.2323, [email protected])
Jesse Sharf – Los Angeles (+1 310.552.8512, [email protected])
Lesley V. Davis – Orange County (+1 949.451.3848, [email protected])
Anna Korbakis – Orange County (+1 949.451.3808, [email protected])

White Collar Defense and Investigations:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
Winston Y. Chan – San Francisco (+1 415.393.8362, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
F. Joseph Warin – Washington, D.C. (+1 202.887.3609, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

From the Derivatives Practice Group: The CFTC released fiscal year 2024 enforcement results this week, touting record monetary relief of over $17.1 billion.

New Developments

  • CFTC Staff Issues Advisory Related to the Use of Artificial Intelligence by CFTC-Registered Entities and Registrants. On December 5, the CFTC’s Divisions of Clearing and Risk, Data, Market Oversight, and Market Participants issued a staff advisory on the use of artificial intelligence in CFTC-regulated markets by registered entities and registrants. The advisory is intended to remind CFTC-regulated entities of their obligations under the Commodity Exchange Act and the CFTC’s regulations as these entities begin to implement AI. CFTC staff noted that it is closely tracking the development of AI technology and AI’s potential benefits and risks and that it values its ongoing dialogue with CFTC-regulated entities and intends to monitor these entities’ use of AI as part of the agency’s routine oversight activities. According to the CFTC, the advisory is informed, in part, by public comments received in response to the staff’s January 25, 2024 Request for Comment on AI. [NEW]
  • CFTC Releases FY 2024 Enforcement Results. On December 4, the CFTC announced record monetary relief of over $17.1 billion for fiscal year 2024. With the resolution of digital asset cases that resulted in the agency’s largest recovery ever, this record amount included $2.6 billion in civil monetary penalties and $14.5 billion in disgorgement and restitution. In FY 2024, the agency brought 58 new actions including, in the CFTC’s words, precedent-setting digital asset commodities cases, its first actions addressing fraud in voluntary carbon credit markets, complex manipulation cases in various markets, and significant compliance cases – including its largest compliance case ever. The CFTC also said that it continued to vigorously litigate pending actions, resulting in significant litigation victories and recoveries. [NEW]
  • Commissioner Johnson Announces CFTC Market Risk Advisory Committee Meeting on December 10. On November 26, CFTC Commissioner Kristin N. Johnson, sponsor of the Market Risk Advisory Committee (“MRAC”) announced that the MRAC will hold a public meeting on Tuesday, Dec. 10, from 9:30 a.m. to 12:30 p.m. (EDT) at the CFTC’s Washington, D.C., headquarters. At the meeting, the MRAC will discuss current topics and developments in the areas of central counterparty risk and governance, market structure, climate-related risk, and innovative and emerging technologies affecting the derivatives and related financial markets. [NEW]
  • SEC Chair Gensler to Depart Agency on January 20. On November 21, the Securities and Exchange Commission (the “SEC”) announced that its 33rd Chair, Gary Gensler, will step down from the Commission effective at 12:00 pm on January 20, 2025.
  • CFTC’s Global Markets Advisory Committee Advances Recommendation on Tokenized Non-Cash Collateral. On November 21, the CFTC’s Global Markets Advisory Committee (the “GMAC”), sponsored by Commissioner Caroline D. Pham, advanced a recommendation to expand the use of non-cash collateral through the use of distributed ledger technology. The GMAC’s Digital Asset Markets Subcommittee also presented on the progress of its Utility Tokens workstream. The recommendation by the GMAC’s Digital Asset Markets Subcommittee was approved without objection, marking the 14th GMAC recommendation advanced to the CFTC in the last 12 months, the most of any advisory committee ever in the same timeframe. The CFTC said that the recommendation provides a legal and regulatory framework for how market participants can apply their existing policies, procedures, practices, and processes to support use of DLT for non-cash collateral in a manner consistent with margin requirements.

New Developments Outside the U.S.

  • IOSCO Publishes Final Report on Regulatory Implications and Good Practices on the Evolution of Market Structures. On November 29, IOSCO published its Final Report on the Evolution in the Operation, Governance, and Business Models of Exchanges. According to IOSCO, the Final Report addresses significant changes in exchange business models and market structures, highlighting the impact of increased competition, technological advancements, and cross-border activity on exchanges. Additionally, it outlines a set of six good practices for regulators to consider in the supervision of exchanges that cover three key areas: (1) Organization of Exchanges and Exchange Groups (2) Supervision of Exchanges and Trading Venues within Exchange Groups and (3) Supervision of Multinational Exchange Groups. [NEW]
  • BoE Publishes Report on Its System-Wide Exploratory Scenario Exercise and Stress Test Results for UK CCPs. On November 29, the Bank of England (“BoE”) published a final report on its system-wide exploratory scenario (“SWES”) and the results of its 2024 supervisory stress test of UK central counterparties (“CCPs”). As part of the SWES exercise, 50 participating firms, including banks, insurers, pension schemes, hedge funds, asset managers and CCPs, had to assess how they would be impacted by a hypothetical stress scenario, including severe but plausible shocks to a wide range of market prices and indicators over 10 business days, including moves similar to those seen during the UK gilt market crisis in 2022 and the 2020 dash for cash. BoE noted key observations, including (1) the simulated market shocks generated significant liquidity needs for non-bank financial intermediaries, (2) financial participants’ collective actions amplify the initial shock, (3) the gilt repo market was central in helping to absorb the shock, but its capacity in times of stress remains limited, (4) the exercise confirms the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and (5) there were material differences between firms’ and CCPs’ expectations on projections of initial margin increases, with banks and non-bank financial intermediaries generally overestimating changes in CCP initial margin. The BoE indicated that its supervisory stress test of UK CCPs also confirmed the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and indicated (1) CCPs were found to experience greater mutualized losses in this exercise compared to previous ones, (2) the ability of clients of defaulting members to port positions has a material impact on the credit stress test results and (3) the exercise also considered the cost of liquidating concentrated positions held by defaulters, with results showing that including concentration costs (assuming no porting) can have a material impact on the depletion of resources. [NEW]
  • IOSCO Publishes Report on Principles for Regulation of Commodity Derivatives. On November 25, IOSCO published Targeted Implementation Review on Principles for the Regulation and Supervision of Commodity Derivatives Markets. According to IOSCO, the report was initiated in response to heightened volatility in commodity markets to assess the implementation of principles 9 (OTC transparency), 12 (authority to obtain information), 14 (large positions), 15 (intervention powers in the market) and 16 (unexpected disruptions in the market). In the report, IOSCO recommends that its members should promote international consistency and cooperation in regulating commodity derivatives markets, ensure that exchanges and regulators can access and consolidate data in relation to large positions from on-exchange and OTC trades. They should also balance risk management and price discovery when applying market control measures and improve communication between authorities in times of crises, the report recommends. [NEW]
  • ESMA Announces Further Guidance on Exclusion Criteria for the Selection of Consolidated Tape Providers. On November 25, ESMA clarified details for some of the documents that future applicants will be expected to provide when participating in the selection process for Consolidated Tapes Providers (“CTPs”). During the first stage of the selection procedure, the exclusion criteria will be used to assess if applicants can be invited to submit their applications in the second stage of the procedure. ESMA will require specific documentation from applicants, including a declaration of honor and valid evidence on exclusion criteria. ESMA’s publication includes an indicative overview of the relevant certificates issued in each EU Member State for such evidence. [NEW]
  • ESMA Responds to the European Commission Consultation on Non-Bank Financial Intermediation. On November 22, ESMA sent its response to the European Commission consultation on assessing the adequacy of macroprudential policies for Non-Bank Financial Intermediation (“NBFI”). In its response, ESMA makes key proposals in several areas, including liquidity management, money market fund regulation, supervision and data, and coordination between competent authorities. [NEW]
  • IOSCO Publishes Consultation Report on Pre-Hedging. On November 21, IOSCO published a Consultation Report inviting feedback on its recommendations relating to pre-hedging practices. The Consultation Report offers a definition of pre-hedging and proposes a set of recommendations intended to guide regulators in determining acceptable pre-hedging practices and managing the associated conduct risks effectively.
  • The ESAs Publish Joint Guidelines on the System for the Exchange of Information Relevant to Fit and Proper Assessments. On November 20, the European Supervisory Authorities (the “ESAs”) announced the development of an ESAs F&P Information System with the purpose of enhancing information exchange between supervisory authorities within the European Union (“EU”) and across different parts of the financial sector. The Joint Guidelines aim to clarify its use and how data can be exchanged. The Joint Guidelines are intended to ensure consistent and effective supervisory practices within the European System of Financial Supervision (“ESFS”) and facilitate information exchange between supervisors. They apply to competent authorities within the ESFS and focus on two main areas: use of the F&P Information System and information exchange and cooperation between the competent authorities when conducting fitness and propriety assessments.
  • Active Account Requirement – ESMA is Seeking First Input Under EMIR 3. On November 20, the European Securities and Markets Authority (“ESMA”) published a Consultation Paper on the conditions of the Active Account Requirement (“AAR”) following the review of the European Market Infrastructure Regulation (“EMIR 3”). The amending Regulation introduces a new requirement for EU counterparties active in certain derivatives to hold an operational and representative active account at a CCP authorized to offer services and activities in the EU. ESMA is seeking stakeholder input on several key aspects of the AAR, including: the three operational conditions to ensure that the clearing account is effectively active and functional, including stress-testing; the representativeness obligation for the most active counterparties; and reporting requirements to assess their compliance with the AAR. ESMA indicated that it will consider the feedback received to this consultation by January 27, 2025 and aims to submit the final draft regulatory technical standards to the European Commission within six months following the entry into force of EMIR 3. ESMA will organize a public hearing on January 20, 2025.
  • ESMA Proposes to Move to T+1 by October 2027. On November 18, ESMA published its Final Report on the assessment of shortening the settlement cycle in the EU. The report highlights that increased efficiency and resilience of post-trade processes that should be prompted by a move to T+1 would facilitate achieving the objective of further promoting settlement efficiency in the EU, contributing to market integration and to the Savings and Investment Union objectives. ESMA recommended that the migration to T+1 occurs simultaneously across all relevant instruments and that it is achieved in Q4 2027. Specifically, ESMA recommended October 11, 2027 as the optimal date for the transition and suggested following a coordinated approach with other jurisdictions in Europe.

New Industry-Led Developments

  • ISDA Response to European Commission’s Consultation on Macroprudential Policies for NBFIs. On November 21, ISDA responded to the European Commission’s consultation on assessing the adequacy of macroprudential policies for NFBI. In the response, ISDA covers a range of key topics, including the need to consider the diversity of the NBFI sector, possible solutions to challenges in meeting collateral requirements, the importance of bank intermediation capacity, the need for deep and liquid core funding markets, enhanced data sharing among regulators and the vital role played by non-cleared derivatives markets, especially in times of stress. [NEW]
  • ISDA Letter to FASB on Hedge Accounting Improvements. On November 25, ISDA submitted a comment letter to the Financial Accounting Standards Board (“FASB”) in response to its exposure draft (ED) on File Reference No. 2024-ED200, Derivatives and Hedging (Topic 815) – Hedge Accounting Improvements. In the comment letter, ISDA explains it supports the FASB’s proposals in the ED and believes the ED achieves the FASB’s objective of improving the application and relevance of the derivatives and hedging guidance[NEW]

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])

Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])

Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])

Darius Mehraban, New York (212.351.2428, [email protected])

Jason J. Cabral, New York (212.351.6267, [email protected])

Adam Lapidus  – New York (212.351.3869,  [email protected] )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])

William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )

David P. Burns, Washington, D.C. (202.887.3786, [email protected])

Marc Aaron Takagaki , New York (212.351.4028, [email protected] )

Hayden K. McGovern, Dallas (214.698.3142, [email protected])

Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

This update addresses some of the most common questions clients have about DOGE and discusses how DOGE might be structured, its proposed objectives and legal barriers to achieving those objectives, and its potential authorities and mechanisms for action.

President-elect Trump has tasked an entity he has dubbed the Department of Government Efficiency (DOGE) with making good on his campaign promises of cutting government spending and reducing regulatory burdens.  How DOGE, led by Elon Musk and Vivek Ramaswamy, will accomplish these mandates has raised many questions for our clients.  DOGE’s structure, composition, authorities, sources of funding, objectives, and internal processes remain unknown, as does how DOGE’s agenda will affect clients who must comply with potentially changing regulations.  This Alert addresses some of the most common questions clients have about DOGE, including how DOGE might be structured, its proposed objectives and legal obstacles to achieving those objectives, and its potential authorities and mechanisms for action.

I.  What is DOGE?

As of now, DOGE’s structure remains unclear.  President-elect Trump has stated that DOGE will operate “outside the government.”[1]  Based on its proposed function and precedent, it most likely will be a federal advisory committee (FAC) subject to the requirements of the Federal Advisory Committee Act (FACA).  President Reagan’s Private Sector Survey on Cost Control (known as the Grace Commission) and President Obama’s National Commission on Fiscal Responsibility and Reform (known as the Simpson-Bowles Commission) are DOGE’s nearest analogues, and both operated as FACs.  It is possible, however, that DOGE also may try to operate as an independent, non-governmental organization.  DOGE’s status will determine the restrictions and requirements that will apply to it and its members.

A.  What is a Federal Advisory Committee?

If DOGE is a FAC, it will be subject to the various recordkeeping, disclosure, and conflicts requirements of FACA.  The statute provides a formal process for establishing, operating, overseeing, and terminating bodies that advise the president or an executive branch agency.  Under the statute, a FAC is any “committee, board, commission, council, conference, panel, task force, or other similar group” that (1) includes at least one non-governmental member; (2) is “established or utilized to obtain advice or recommendations for the President or one or more agencies or officers of the Federal Government”; and (3) “established or utilized by the President; or . . . established or utilized by one or more agencies.”[2]

Whether DOGE is classified as a FAC will depend on its structure and operations.  The president or an agency typically will establish FACs by an order that describes the function of the FAC, its composition, and its administration.[3]  Even if a president or agency does not declare an entity to be a FAC, however, courts can rule that an entity is a FAC if it performs the functions of a FAC and enjoin its activities unless and until it complies with FACA.[4]

To courts, an “important factor” will be whether DOGE has “an organized structure, a fixed membership, and a specific purpose.”[5]  Additionally, to the extent DOGE “render[s] advice as a group, and not as a collection of individuals,” courts may be more inclined to classify DOGE as a FAC.[6]

Even if DOGE were otherwise a FAC, the Trump administration or DOGE itself may conclude, as some scholars have, that FACA is unconstitutional in whole or in part because the president has “inherent power to seek the views of outside advisers” under the Vesting and Recommendation Clauses of the Constitution.[7]  Then-Deputy Attorney General Antonin Scalia supported a version of this argument in 1974,[8] but courts have generally avoided addressing the argument to date.[9]  Whether a court would agree with that position is unclear.

B.  What would be the implications if DOGE is a FAC?

If DOGE is classified as a FAC, it presumably will have to comply with FACA’s transparency and conflict of interest requirements.  FACA requires presidential advisory committees (i.e., FACs that advise presidents) to file a charter outlining the committee’s objectives and duties with the General Services Administrator, open most committee meetings to the public, and make their records available under the Freedom of Information Act.[10]  Additionally, any directive establishing a FAC must include “appropriate provisions” to ensure the FAC’s advice “will not be inappropriately influenced by the appointing authority or by any special interest.”[11]  Thus far, no definitive authority exists regarding what FAC procedures comply with FACA’s inappropriate influence requirement.  Further, the viewpoints of FAC members must be “fairly balanced.”[12]

i.  How could FACA requirements be enforced?

Although some courts have held that FACA does not create a cause of action, plaintiffs may be able to challenge DOGE’s compliance with FACA and related laws in at least three other ways.[13]  First, at least one court has assumed that FACs are subject to the Mandamus Act.[14]  The Mandamus Act creates subject-matter jurisdiction over any action to “compel an officer or employee of the United States or any agency thereof to perform a duty owed to the plaintiff.”[15]  Second, although some courts have held that FACs are not agencies that can be sued under the Administrative Procedure Act (APA), they have allowed suits against the convening agency for a FAC’s failure to comply with FACA.[16]  Third, some courts have allowed suits to proceed directly against FACs under the Freedom of Information Act.[17]

ii.  What authorities would DOGE have if it is a FAC?

As the term implies, federal advisory committees are meant to provide advice to the president and federal agencies.  In FACA’s findings, Congress specifically stated that the “function of advisory committees should be advisory only, and all matters under their consideration should be determined, in accordance with law, by the official, agency, or officer involved.”[18]  That said, the statute also provides that “advisory committees shall be utilized solely for advisory functions” “[u]nless otherwise specifically provided by statute or Presidential directive.[19]

Thus, if DOGE is a FAC, we anticipate that it will advise the president and agencies, and it is possible that Trump will try to authorize DOGE to carry out some of its recommendations—although we have seen no precedent for this, and Trump would have to overcome several legal obstacles to do so.  For example, statutes often provide that only agency heads can modify regulations,[20] and any exercise of “significant authority” could raise constitutional questions about whether Musk and Ramaswamy are invalidly appointed officers of the United States.[21]  Beyond legal challenges, having private persons implement controversial recommendations likely would create much public controversy.  The Reagan administration considered empowering a successor to the Grace Commission with the authority to implement its recommendations but, based on a memorandum drafted by then-Associate Counsel to the President John Roberts, declined to do so amidst concerns that it would create public uproar and “serious conflict of interest problems” in having corporate executives implement recommendations with regard to agencies that regulated their businesses.[22]

Accordingly, it appears likely that DOGE will make recommendations and advise Trump, agency leaders, and agency staff on how to implement its recommendations.

iii.  What would be the implications for DOGE’s members if it is a FAC?

Musk, Ramaswamy, and other DOGE personnel may be subject to disclosure and conflict-of-interest rules if DOGE is a FAC.  Private sector individuals participate on FACs in one of two capacities: either as a special government employee (SGE) or a representative member.[23]  SGEs are typically (but not always) paid and exercise their own, independent judgment on behalf of the government.  Representative members generally are not paid and represent the perspective of an identifiable outside organization or industry—they are expected to offer a biased view.[24]  In this case, although Musk and Ramaswamy are not taking pay,[25] they are being presented as leaders of DOGE and offering their independent judgment about the functioning of the entire government, making them appear to be closer to SGEs than representative members of a FAC.  Some media sources have reported that Musk will be a special government employee, but there has not yet been a public announcement.[26]

If DOGE members serve as SGEs, they would have to file financial disclosures and would be subject to federal employee criminal conflict of interest rules if they use their “public office for their own private gain.”[27]  They would not be permitted to serve for longer than “one hundred and thirty days during any period of three hundred and sixty-five consecutive days.”[28]  Of note, they would be barred from participating “personally and substantially in an official capacity” in any matter in which they have a financial interest if the matter “will have a direct and predictable effect on that interest.”[29]  Such interests can include matters relevant to their companies as well as companies in which they own stock.  That said, the official responsible for appointing the DOGE members (likely Trump) can waive the federal employee conflict-of-interest laws if he “certifies in writing that the need for the individual’s services outweighs the potential for a conflict of interest created by the financial interest involved.”[30]

The Federal Acquisition Regulation also imposes organizational conflict-of-interest restrictions on SGEs.  Contracting officers are not permitted to knowingly award contracts to SGEs or their companies if the contract arises directly out of the individual’s activity as an SGE, their activity puts them in a position to influence the award of the contract, or the contracting officer determines that another conflict exists.[31]  The agency head may authorize an exception “only if there is a most compelling reason to do so, such as when the Government’s needs cannot reasonably be otherwise met.”[32]  Competitors also may try to challenge the award of contracts based on perceived organizational conflicts of interest.  Musk’s companies Tesla and SpaceX, along with several companies of other individuals reported to be associated with DOGE, are government contractors that could be affected by their executives’ DOGE service.

iv.  How could DOGE be funded if it is a FAC?

If DOGE is classified as a FAC, it may be funded either by public or private sources.  The General Services Administration provides public funds for FACs.  Based on the precedent of President Reagan’s Grace Commission, which received its funding from a private foundation established to support it, DOGE could also receive funding from private entities.[33]

C.  What would be the implications if DOGE operates as an independent or informal non-governmental organization or think tank?

DOGE also could operate as a think tank or nonprofit that has a bully pulpit and the president’s ear.  As noted above, DOGE could attempt to avoid being classified as a FAC by taking on an informal structure and rendering advice as individuals rather than as a group.  If DOGE successfully avoids being classified as a FAC and instead operates as an independent, non-governmental organization, it will not be subject to FACA’s disclosure, transparency, or conflict-of-interest requirements or to FOIA.  Musk has asserted that DOGE will pursue “maximum transparency” and that “[a]ll actions of [DOGE] will be posted online,”[34] but avoiding FACA’s requirements would give DOGE and its members materially more flexibility on matters of transparency and conflicts of interests.

As an NGO, DOGE would have no legal authority to implement its recommendations, but could still publish reports and advise President Trump directly.  To the extent that DOGE’s activity constituted lobbying, it would have to file disclosures under the Lobbying Disclosure Act, and it would be subject to additional lobbying limits if it is a tax-exempt entity.[35]  Although communications made in the course of participating in a FAC are excluded from the definition of a “lobbying contact,” there is no equivalent across-the-board exception for NGO activities.[36]

II.  How will DOGE be staffed?

In addition to Musk and Ramaswamy, Trump has announced that William McGinley—who was Trump’s White House Cabinet secretary in his first administration and initially had been Trump’s designee for White House Counsel in the second administration—will be “Counsel to the Department of Government Efficiency.”[37]  In November, DOGE called for staff applications via a post on X, stating “we need super high-IQ small-government revolutionaries willing to work 80+ hours per week on unglamorous cost-cutting.  If that’s you, DM this account with your CV.  Elon & Vivek will review the top 1% of applicants.”[38]   It appears that applying via direct message is the only public process for interested applicants to submit their resumes to DOGE.[39]

In addition to staff, a number of corporate executives are reported to be advising DOGE.  Those executives include:  Bill Ackman (founder and CEO, Pershing Square Capital Management), Marc Andreesen (co-founder, Andreesen Horowitz), Steve Davis (President, Boring Company), Antonio Gracias (founder and CEO, Valor Equity Partners), Travis Kalanick (former Uber CEO; current CEO, City Storage Systems), Sriram Krishnan (General partner, Andreesen Horowitz), Joe Lonsdale (co-founder, Palantir), and David Sacks (general partner, Craft Ventures).[40]

III.  What are DOGE’s goals and likely targets?

DOGE’s overarching goals are to reduce the deficit, reduce the federal workforce, and curtail the administrative state.  DOGE has identified a number of specific objectives, many of which are subject to a variety of legal and political challenges.

A.  Significantly reduce the deficit.

Musk and Ramaswamy have announced DOGE’s intent to dramatically reduce federal spending and related waste, fraud, and abuse.[41]  Musk has suggested a target of $2 trillion in cuts;[42] via X, DOGE has announced a goal of balancing the budget.[43]

i.  What spending will DOGE target? 

Musk, Ramaswamy, and the DOGE X account have identified a number of targets for spending reductions.  These include several specific appropriations or federal grants that they consider to be wasteful, such as appropriations for NGOs, DEI training programs, PBS, NPR, $300 million in funding to Planned Parenthood and related organizations, and $1.5 billion in grants to international organizations.[44]  Musk told lawmakers he supports “get[ting] rid of all [tax] credits” for electric vehicles—which he said “will only help Tesla,”[45]—and has previously advocated removing subsidies from all industries.[46]  Ramaswamy has also asserted that DOGE will closely review CHIPS Act contracts, especially those the Biden administration accelerated ahead of the transition.[47]  The DOGE X account has also identified Pentagon spending as a potential area for reduction, although President Trump has said he would not cut defense spending.[48]

More generally, Musk and Ramaswamy have suggested that Trump may decline to spend appropriations for which Congress’s authorizations have expired.  The Congressional Budget Office has identified $516 billion in appropriations for 2024 associated with 491 expired authorizations of appropriations across a range of agencies, including a number of appropriations administered by the Department of Veterans Affairs, State Department, Department of Education, National Institutes of Health, Federal Aviation Administration, NASA, and more.[49]  Note that Congress can appropriate funds without authorization or pursuant to an expired authorization; these appropriations carry their own authorizations and are available to agencies for “obligation and expenditure.”[50]  Withholding such funds likely would be subject to legal challenge.  It likely also would be politically unpopular to cut a number of these programs, such as veterans’ healthcare benefits and Pell Grants.

Other sources of potential cuts or reforms could be the Government Accountability Office High Risk List, which identifies programs particularly subject to waste, fraud, and abuse,[51] and a 2,000-page list of proposed cuts Senator Rand Paul (R-KY) has reportedly sent to Musk and Ramaswamy.[52]

Finally, DOGE will be open to suggestions from the public.  Ramaswamy has announced that “DOGE will soon begin crowdsourcing examples of government waste, fraud, … and abuse.”[53]  In addition, some Republican fundraising emails have announced that DOGE will be crowdsourcing its agenda with which government programs to cut and have included short surveys regarding the cuts.[54]

ii.  Government contractors under the microscope.

Musk and Ramaswamy have also indicated a desire to scrutinize federal contracts that they state have “gone unexamined for years,” and have alluded to conducting “[l]arge-scale audits . . . during a temporary suspension of payments.”[55]  Ramaswamy has said to expect “massive cuts among federal contractors . . . who are overbilling the government.”[56]  It is not clear how DOGE will decide which contracts to scrutinize, how it will go about reviewing those contracts, or how it will determine whether to recommend any for termination or modification.  It is also not clear whether DOGE will recommend that agencies attempt to modify or terminate existing contracts still in effect, or if it will focus more on making changes when contracts are up for renewal.  Nor is it clear how DOGE or the federal government would institute a “temporary suspension of payments,” including whether it would attempt to require contractors’ continued performance under those contracts during any such suspension.  It is possible that DOGE will try to pressure contractors to agree to changes to the terms of contracts it deems wasteful.

iii.  What challenges will DOGE face?

DOGE will face at least three obstacles in meeting its goal to significantly reduce the deficit.

First, during the campaign, Trump asserted he will not cut defense, Social Security, or Medicare,[57] but those and interest payments on the national debt constitute over 60 percent of federal spending.  All discretionary non-defense spending is less than $1 trillion, but the 2024 deficit is $1.8 trillion.[58]  While Musk and Ramaswamy have generally steered away from discussing entitlement reform, they have suggested that at least some defense cuts could be on the table, including changes to the defense procurement process and eliminating waste generally, as well as, particularly from Musk, even the future of manned fighter jets like the F-35.[59]

Second, federal spending is authorized and appropriated by Congress, not the president (or his advisors).  Congress may not be willing to authorize such drastic cuts to federal spending, especially if such cuts touch Social Security, Medicaid, and other programs that would be politically unpopular to curtail.

Third, statutes restrict the president’s power not to spend money that has been appropriated.  The Supreme Court overturned President Nixon’s impoundments of congressionally-appropriated funds on the basis that, at least where the appropriations provide that “[s]ums authorized . . . shall be allotted,” the appropriation itself does not implicitly provide the president discretion not to spend the full amount of those funds.[60]  Congress then went further and passed the Impoundment Control Act which requires the president to propose rescissions to Congress if the president does not wish to spend appropriated funds.  If Congress does not pass a rescission bill within 45 days, the funds must be made available for obligation.[61]

Precedent from the previous Trump administration may shed light on the challenges the new Trump administration may face under the Impoundment Control Act.  In January 2020, the Government Accountability Office concluded that the Office of Management and Budget (OMB) violated the Impoundment Control Act when it withheld obligated funds for Ukraine security assistance.[62]  OMB asserted the withholding was part of a “programmatic delay” pending policy developments and so did not require notice to Congress.[63]  Similar disputes may arise if the second Trump administration attempts impoundment or similar withholdings without congressional approval.  Notably, Trump has repeatedly asserted the ICA is unconstitutional and that the president is empowered to impound funds that have been appropriated by Congress.  As part of his campaign, the Trump suggested that he would challenge the constitutionality of the ICA and simultaneously work with Congress to overturn the law.[64]

B.  Streamline the federal workforce.

Musk and Ramaswamy have said they plan to eliminate a significant amount of the federal workforce and prescribe new rules for the civil service.[65]  Musk and Ramaswamy seek to elicit voluntary resignations by ending remote work for federal government employees, relocating agencies out of D.C., providing early retirement incentives, and offering severance packages.[66]  They also may seek to institute large-scale layoffs.[67]  Federal civil service protections could impede some strategies to streamline the federal workforce, but those protections generally do not apply to large-scale mass layoffs.[68]  Musk and Ramaswamy have also suggested that the president may modify civil service rules by executive order.[69]

Separately, Trump may be aiming to convert many civil service positions into political appointments, which would then give political leaders more control over appointment and retention decisions.  Trump has announced that he intends to nominate Russell Vought to head OMB.  Late in Trump’s first term, Vought designed a “Schedule F” classification to facilitate the conversion of civil service positions to political positions,[70] but President Biden cancelled that plan,[71] and the Office of Personnel Management promulgated formal rules through notice-and-comment rulemaking restricting such conversions of civil service positions into political positions.[72]  Vought’s nomination suggests the second Trump administration may attempt to resurrect Schedule F.

C.  Curtail the administrative state.

Musk and Ramaswamy have said they plan to eliminate approximately 75 percent of federal agencies, in part by consolidating duplicative and miscellaneous agencies into larger agencies.[73]  Musk and Ramaswamy also seek to halt enforcement of and eventually repeal regulations based on the logic of the Supreme Court opinions of West Virginia v. EPA,[74]—which approved the major questions doctrine that Congress does not implicitly authorize agencies to decide questions of vast economic and political significance—and Loper Bright Enterprises v. Raimondo[75]—which overturned Chevron deference to agency interpretations of ambiguous statutes.  Musk and Ramaswamy interpret these cases to suggest that “a plethora of current federal regulations exceed the authority Congress has granted under the law.”[76]

To achieve these goals, DOGE may have to overcome a number of legal obstacles.  For example, agencies generally must go through notice-and-comment rulemaking to amend or revoke rules.[77]  Musk and Ramaswamy have suggested that Trump may be able to revoke some rules unilaterally through executive order,[78] but it remains to be seen whether an agency acting on such orders would be acting arbitrarily and capriciously or otherwise in violation of the APA.  More information regarding how Trump can pause agency rules that have not yet been finalized can be found in this Gibson Dunn Client Alert.

In addition, Musk and Ramaswamy also have suggested that Trump could direct agencies not to enforce regulations that the administration disfavors or believes are unlawful in light of recent Supreme Court precedent.[79]

i.  Potential DOGE targets.

Musk and Ramaswamy have singled out many agencies as targets for consolidation and/or elimination.  The Consumer Financial Protection Bureau (CFPB) is one such target: on November 27, 2024, Musk posted on X, “Delete CFPB.  There are too many duplicative regulatory agencies.”[80]  The Department of Education is another target: in response to a question regarding the Department of Education, Ramaswamy stated that he expects “certain agencies to be deleted outright.”[81]  Musk is also expected to target agencies like the Federal Trade Commission, Securities and Exchange Commission, and Department of Justice for reductions.[82]

Additionally, agencies that appear on the GAO’s High Risk List, which identifies agencies and programs that have significant potential for waste, fraud, or abuse, may be targets for consolidation or elimination.[83]  The president’s authority to delegate and reorganize such agencies and programs, however, is constrained by statute.[84]  Accordingly, significant agency reorganizations likely will require legislative action.[85]

D.  Other objectives.

Lastly, DOGE plans to increase the use of AI and software within government more broadly and to reform the tax payment process by developing a free tax filing app.[86]

IV.  Who in Congress intends to work with DOGE?

DOGE will have to partner with Congress and federal agencies to effect many of its plans, although Trump likely will be able to implement some of its recommendations via executive action.  Even without direct implementation authority, however, DOGE’s recommendations are likely to get sympathetic hearings from Trump’s political appointees in the agencies.

Numerous Republican members of Congress, and some Democratic members, have expressed enthusiasm for some or all of DOGE’s objectives and are forming entities within both the House and the Senate to partner with DOGE.  The House Committee on Oversight and Reform has announced that it is forming a Delivering on Government Efficiency (“DOGE”) subcommittee, chaired by Rep. Marjorie Taylor Greene (R-GA).[87]  This subcommittee will, among other things, examine the “salaries and status of members of the federal civil service and intergovernmental personnel.”[88]

Rep. Aaron Bean (R-FL) has launched a new congressional caucus aimed at working with DOGE, which he will co-chair with Rep. Pete Sessions (R-FL).[89]  Democratic Congressman Rep. Jared Moskowitz (D-FL) has joined the caucus and it is reported other Democrats also may  join.[90]

The Senate DOGE caucus is led by Senator Joni Ernst (R-IA.), and it will lead the Senate’s partnership with DOGE.[91]  Other caucus members include Senators John Cornyn (R-TX), Ted Budd (R-NC), Mike Lee (R-UT), Rick Scott (R-FL), Roger Marshall (R-KS), and James Lankford (R-OK).  Sen. Ernst has already met with Ramaswamy to share suggestions for spending cuts, including consolidating government office space and reducing payments to the United Nations,[92] as well as reducing government telework.[93]  Senator Bernie Sanders (I-VT) has said he will not join the caucus but that he intends to work with DOGE to go after waste specifically within the Department of Defense.[94]

V.  How will DOGE engage with the public?

DOGE currently is engaging with the public via posts on its X account and posts on Elon Musk’s X account.  Musk has also suggested that DOGE will be open to suggestions and feedback, saying that “[a]nytime the public thinks we are cutting something important or not cutting something wasteful, just let us know!”[95]  The House DOGE caucus has launched a tipline to receive public input, but it is unclear whether and how that will be communicated to DOGE itself.[96]  Additionally, Ramaswamy has announced that he and Musk will host a podcast (“DOGEcast”) that will provide the public with updates on DOGE.[97]

VI.  How can businesses prepare for DOGE?

DOGE promises to be disruptive, but businesses can prepare to make the most of the situation by gathering information, advocating for their interests, and—if necessary—by being prepared to litigate.  Specifically, businesses should consider whether and how best to:

  • Identify regulations, programs, and contracts that (a) affect its business or its competitors and (b) may be targets for DOGE. This can include monitoring Musk, Ramaswamy, and DOGE’s public statements and, if necessary, making FOIA requests.
  • Advocate for their interests directly to DOGE. For example, consider proactive engagement on a particular contract that appears to be a focus of DOGE.  In addition to more traditional forms of advocacy, it appears that DOGE may be unusually open to online and public advocacy.
  • Develop relationships with members of Congress and administration officials who work with and can influence DOGE. DOGE is likely to work closely with allies on the Hill and in executive branch agencies and it could be prudent to communicate with those allies in addition to DOGE.
  • Consider leveraging DOGE’s work by challenging burdensome regulations in court, especially where the major questions doctrine or Loper Bright could apply. In light of recent Supreme Court decisions, even longstanding regulations might be susceptible to such a challenge.[98]  In addition to potentially winning vacatur of the regulation, litigation might have the added benefit of bringing strong arguments against the regulation to DOGE’s and the agency’s attention.

VII.  Conclusion.

The coming days will yield some answers to the questions posed here about DOGE.  Gibson Dunn will be monitoring those developments closely, and our attorneys are available to assist clients as they navigate these challenges and opportunities that DOGE’s recommendations may present.

[1] Donald Trump (@realDonald Trump), Truth Social (Nov. 12, 2024, 7:46 PM), https://truthsocial.com/@realDonaldTrump/posts/113472884874740859.

[2] 5 U.S.C. § 1008(b).

[3] See, e.g., Exec. Order 13538, Establishing the President’s Management Advisory Board, 75 Fed. Reg. 20895 (Apr. 19, 2010), available at https://obamawhitehouse.archives.gov/the-press-office/executive-order-establishing-presidents-management-advisory-board.

[4] E.g., NAACP Leg. Defense & Educ. Find, Inc. v. Barr, 496 F. Supp. 3d 116, 145 (D.D.C. 2020).

[5] E.g.Ass’n of Am. Physicians & Surgeons, Inc. v. Clinton, 997 F.2d 898, 914 (D.C. Cir. 1993).

[6] Id. at 913 (emphasis in original); see also Public Emps. for Env’t Responsibility v. Nat’l Park Serv., 605 F.Supp.3d 28, 52-53 (D.C. Cir. 2022) (citing Ass’n of Am. Physicians and Surgeons, Inc.).

[7] See Jay S. Bybee, Advising the President: Separation of Powers and the Federal Advisory Committee Act, 104 Yale L.J. 51, 128 (1994).

[8] Antonin Scalia, Constitutionality of the Federal Advisory Committee Act, OLC Opinion (Dec. 1, 1974).

[9] See, e.g.Freedom Watch, Inc. v. Obama, 807 F.Supp.2d 28, 36 (D.C. Cir. 2011) (declining to address argument that applying FACA to task force set up by president to solicit advice raised separation of powers concerns by applying constitutional avoidance canon).

[10] 5 U.S.C. §§ 1008(c), 1009(a), (b).

[11] 5 U.S.C. § 1005(b)(3).

[12] 51 C.F.R. § 102-3.60(b)(3).

[13] See, e.g., Am. First Leg. Foundation v. Cardona, 630 F. Supp. 3d 170, 177 (D.D.C. 2022); Ctr. For Biol. Diversity v. Tidwell, 239 F. Supp. 3d 213, 221 (D.D.C. 2017).

[14] See, e.g., NAACP Leg. Defense & Educ. Find, Inc. v. Barr, 496 F. Supp. 3d 116, 145 (D.D.C. 2020) (entering writ of mandamus compelling chairs of a FAC to file a charter and provide timely notice of meetings as required by FACA).

[15] 28 U.S.C. § 1361.

[16] See Barr, 496 F. Supp. 3d at 145; Freedom Watch, Inc. v. Obama, 807 F. Supp. 2d 28, 33 (D.D.C. 2011); Ctr. For Biol. Diversity v. Tidwell, 239 F. Supp. 3d 213, 221–22 (D.D.C. 2017).  (“Plaintiff challenges the actions of those agencies in failing to comply with FACA in relation to an alleged advisory committee convened by the Forest Service”); Jud. Watch, Inc. v. U.S. Dep’t of Com., 736 F. Supp. 2d 24, 30–31 (D.D.C. 2010) (suit against Cabinet agency and Cabinet secretary that convened the FAC).

[17] Compare Heartwood, Inc. v. U.S. Forest Serv., 431 F. Supp. 2d 28, 36 (D.D.C. 2006) (a FAC is not an “agency” under FOIA), with Elec. Privacy Info. Ctr. v. Nat’l Sec. Comm’n on Artificial Intelligence, 466 F. Supp. 3d 100, 119 (D.D.C. 2020) (a FAC can be considered an “agency” under FOIA).

[18] 5 U.S.C. § 1002(b).

[19] 5 U.S.C. § 1008(b).

[20] E.g., 42 U.S.C. § 7411 (providing EPA administrator authority to set emissions standards for stationary sources); 12 U.S.C. § 5512 (providing CFPB director exclusive rulemaking authority regarding compliance with federal consumer financial law).

[21] See Buckley v. Valeo, 424 U.S. 1, 126 (1976) (“We think [the] fair import [of the Appointments Clause] is that any appointee exercising significant authority pursuant to the laws of the United States is an ‘Officer of the United States,’ and must, therefore, be appointed” as the Constitution requires).

[22] See Memorandum from John G. Roberts to Fred F. Fielding (May 29, 1985) https://www.reaganlibrary.gov/public/digitallibrary/smof/counsel/roberts/box-065/40_485_6909456_065_017_2017.pdf (hereinafter “Grace Commission Memo”).  Then-Associate Counsel to the President John G. Roberts discussed in the memorandum whether a successor commission to the Grace Commission should have the authority to implement the recommendations of the original Grace Commission. Roberts concluded that endowing the successor commission with the authority to implement the original commission’s recommendations would be a “disaster” and that doing so would create an “uproar.”

[23] See Memorandum From Marilyn Glynn, General Counsel, to Designated Agency Ethics Officials, Office of Government Ethics, 05 x 4 (Aug. 18, 2005), https://www.oge.gov/web/oge.nsf/News+Releases/E3B0076C971CEDE6852585BA005BED23/$FILE/05x4_.pdf.

[24] See Memorandum From Stephen D. Potts, Director, Off. Of Gov’t Ethics, to Designated Agency Officials et al., Off. Gov’t Ethics 00 x 1 ,(Feb. 15, 2000), https://www.oge.gov/Web/oge.nsf/Legal%20Docs/445ECB1FB63809DA852585BA005BED9E/$FILE/00×1.pdf?open.

[25] Elon Musk (@ElonMusk), X (Nov. 14, 2024 12:03 AM), https://x.com/elonmusk/status/1856925863725412706.

[26] Stephanie Lai et al., Trump Names David Sacks As White House AI And Crypto Czar, Bloomberg (Dec. 6, 2024), https://www.bloomberg.com/news/articles/2024-12-06/trump-names-david-sacks-as-white-house-ai-and-crypto-czar.

[27] 5 C.F.R. § 2635.702; 18 U.S.C. § 203(a).  Representative members of FACs are not subject to federal employee conflict of interest laws.

[28] 18 U.S.C. § 202(a).

[29] 5 C.F.R. § 2640.103(a).

[30] 18 U.S.C. § 208(b)(1), (3).

[31] 48 C.F.R. § 3.601(a)–(b); see also id. § 3.602.

[32] 48 C.F.R. § 3.602.

[33] Reagan Library Topic Guide – President’s Private Sector Survey on Cost Control

(Grace Comm’n), Reagan Library,  https://www.reaganlibrary.gov/public/archives/textual/topics/ppsscc.pdf (last visited Dec. 4, 2024) (“The Foundation for the President’s Private Sector Cost Control Survey, a separate organization led by Mr. Grace, raised private donations to fund the PPSSCC.”).

[34] Elon Musk (@elonmusk), X (Nov. 12, 2024 9:13 PM), https://x.com/elonmusk/status/1856520760656797801?lang=en.

[35] See 2 U.S.C. § 1601 et seq; see also Measuring Lobbying: Substantial Part Test, IRS, https://www.irs.gov/charities-non-profits/measuring-lobbying-substantial-part-test (guidelines about when an charitable organization’s lobbying activities may undermine its tax-exempt status); Measuring Lobbying Activity: Expenditure Test, IRS, https://www.irs.gov/charities-non-profits/measuring-lobbying-activity-expenditure-test (same).

[36] 2 U.S.C. § 1602(8)(B)(vi).

[37] Donald Trump (@realDonaldTrump), Truth Social (Dec. 4, 2024, 12:50 PM), https://truthsocial.com/@realDonaldTrump/posts/113595819146944245.

[38] Department of Government Efficiency (@DOGE), X (Nov. 14, 2024, 10:03 AM),  https://x.com/DOGE/status/1857076831104434289.

[39] Id.

[40] Elizabeth Dwoskin, Jeff Stein, Jacob Bogage & Faiz Siddiqui, Musk and Ramaswamy race to build a ‘DOGE‘ team for war with Washington, Washington Post (Nov. 24, 2024), https://www.washingtonpost.com/business/2024/11/24/musk-ramaswamy-doge-trump/; Ananya Gairola, Elon Musk’s DOGE Dream Team: From Marc Andreessen To Uber’s Travis Kalanick, Silicon Valley Titans Reportedly Join Forces To Overhaul Federal Spending, Benzinga (Nov. 30, 2024),

https://www.benzinga.com/24/11/42253427/elon-musks-doge-dream-team-from-marc-andreessen-to-ubers-travis-kalanick-silicon-valley-titans-join-forces-to-overhaul-federal-spending; Brian Schwartz, Dana Mattioli, Rebecca Ballhaus & Emily Glazer, Musk-a-Lago: Inside Elon Musk’s Role on Trump’s Transition Team, Wall Street Journal (Nov. 13, 2024), https://www.wsj.com/politics/policy/musk-a-lago-inside-elon-musks-role-on-trumps-transition-team-55235859 (hereinafter “Musk-a-Lago”).  David Sacks has been announced as the White House AI and Crypto Czar.  See Stephanie Lai et al., Trump Names David Sacks As White House AI And Crypto Czar, Bloomberg (Dec. 6, 2024), https://www.bloomberg.com/news/articles/2024-12-06/trump-names-david-sacks-as-white-house-ai-and-crypto-czar.

[41] See Elon Musk & Vivek Ramaswamy, The DOGE Plan to Reform Government, Wall Street Journal (Nov. 20, 2024), https://www.wsj.com/opinion/musk-and-ramaswamy-the-doge-plan-to-reform-government-supreme-court-guidance-end-executive-power-grab-fa51c020 (hereinafter “Musk and Ramaswamy Op-Ed”).

[42] Aris Folley, Musk Draws Skepticism With Call For $2 Trillion in Spending Cuts, The Hill (Nov. 3, 2024), https://thehill.com/business/4966789-elon-musk-skepticism-2-trillion-spending-cuts/.

[43] Department of Government Efficiency (@DOGE), X (Nov. 23, 2024, 1:40 AM), https://x.com/DOGE/status/1860211822722449910.

[44] Lindsey Choo, Elon Musk’s DOGE May Cut These Federal Agencies—As CFPB Becomes Latest Target, Forbes (Nov. 27, 2024), https://www.forbes.com/sites/lindseychoo/2024/11/27/elon-musk-doge-takes-aim-federal-agencies-where-cuts-can-be-made/.

[45] Andres Picon, Musk, On Capitol Hill, Says ‘Get Rid Of All Credits,” Politico (Dec. 5, 2024), https://subscriber.politicopro.com/article/2024/12/musk-on-capitol-hill-says-get-rid-of-all-credits-00192786.

[46] Elon Musk (@elonmusk), X (July 16, 2024 3:26 AM), https://x.com/elonmusk/status/1813112958157005259.

[47] Christine Mui, Ramaswamy Threatens DOGE Review Of Biden’s Microchip Funding Spree, Politico (Nov. 26, 2024), https://www.politico.com/live-updates/2024/11/26/congress/ramaswamy-aims-doge-at-microchips-funding-00191693.

[48] Department of Government Efficiency (@DOGE), X (Nov. 19, 2024, 2:36 PM), https://x.com/DOGE/status/1858957615889543628Agenda47: Using Impoundment to Cut Waste, Stop Inflation, and Crush the Deep State (June 20, 2023),

https://www.donaldjtrump.com/agenda47/agenda47-using-impoundment-to-cut-waste-stop-inflation-and-crush-the-deep-state (hereinafter “Agenda47 Plan”).

[49] Cong. Budget Off., Expired and Expiring Authorizations of Appropriations for Fiscal Year 2024 (July 2024), https://www.cbo.gov/publication/60580.

[50] Principles of Federal Appropriations Law at 2-80, Gov’t Accountability Office (4th ed. 2016), https://www.gao.gov/assets/2019-11/675709.pdf.

[51] Gov’t Accountability Off., High Risk Listhttps://www.gao.gov/high-risk-list (last visited Dec. 2, 2024).

[52] Chris Megerian, Elon Musk’s Budget Crusade Could Cause A Constitutional Clash In Trump’s Second Term, Associated Press (Nov. 21, 2024), https://apnews.com/article/musk-ramaswamy-trump-budget-cuts-doge-impoundment-8e2fffc27df6acc1b275b1614e66fd01.

[53] Vivek Ramaswamy (@VivekGRamaswamy), X (Nov. 12, 2024 10:25 P.M.), https://x.com/VivekGRamaswamy/status/1856538974384255206.

[54] Logan, Doge Alerts, Trump’s Avengers, Daily GOP News (Nov. 17, 2024).

[55] Musk and Ramaswamy Op-Ed, supra note 41.

[56] Muyao Shen and Bloomberg, Ramaswamy sees ‘massive cuts’ for contractors in efficiency push, Fortune (Nov. 17, 2024), https://fortune.com/2024/11/17/doge-vivek-ramaswamy-elon-musk-massive-cuts-government-contractors-efficiency/.

[57] Agenda47 Plan, supra note 48.

[58] Cong. Budget Off., Monthly Budget Review: Summary for Fiscal Year 2024 (Nov. 8, 2024), https://www.cbo.gov/publication/60843#:~:text=In%20fiscal%20year%202024%2C%20which,recorded%20in%20the%20previous%20year.&text=See%20more%20editions%20of%20CBO%27s%20Monthly%20Budget%20Reviewsee also Justin Lahart & Rosie Ettenheim, Musk Wants $2 Trillion of Spending Cuts. Here’s Why That’s Hard., Wall Street Journal (Nov. 26, 2024), https://www.wsj.com/politics/policy/government-spending-doge-elon-musk-trump-administration-60477bc5.

[59] See Musk and Ramaswamy Op-Ed, supra note 41; Jesus Mesa, Why F-35 Fighter Jets Are ”Obsolete”, According to Elon Musk, Newsweek (Nov. 25, 2024), https://www.newsweek.com/f-35-obsolete-elon-musk-1991486.

[60] Train v. City of New York, 420 U.S. 35, 39 (1975) (emphasis added).

[61] 2 U.S.C. § 683.

[62] Matter of: Off. of Mgmt. & Budget-Withholding of Ukraine Sec. Assistance, B-331564 (Jan. 16, 2020), https://www.gao.gov/assets/b-331564.pdf.

[63] Letter from General Counsel, OMB, to General Counsel, GAO (Dec. 11, 2019), https://context-cdn.washingtonpost.com/notes/prod/default/documents/5dbd9f69-2537-4272-bd5d-60c94d3843b6/note/112b1caa-763c-4c4c-a5bb-0a04f7962d2c.pdf.

[64] See Agenda47 Plan, supra note 48; Molly Redden, How Trump Plans to Seize the Power of the Purse From Congress, ProPublica (Nov. 26, 2024), https://www.propublica.org/article/trump-impoundment-appropriations-congress-budget?utm_source=sailthru&utm_medium=email&utm_campaign=majorinvestigations&utm_content=toc; Jeff Stein, Elizabeth Dwoskin, Cat Zakrzewski & Jacob Bogage, Trump aides explore plans to boost Musk effort by wresting control from Congress, Washington Post (Nov. 13, 2024 ),  https://www.washingtonpost.com/business/2024/11/13/elon-musk-government-efficiency-congress-budget-law/.

[65] See Musk and Ramaswamy Op-Ed, supra note 41.

[66] Id.

[67] Aimee Picchi, Musk and Ramaswamy say DOGE will target $500 billion in spending. Here’s where they say they’ll cut., CBS News (Nov. 26, 2024), https://www.cbsnews.com/news/musk-ramaswamy-doge-500-billion-spending-where-they-will-cut/.

[68] See 5 U.S.C. § 3502 (providing that employees may be released pursuant to a reduction in force subject to order-of-retention rules and a 60-day notice requirement); see also 5 C.F.R. part 351 (OPM‘s current rules governing reductions in force); Vivek Ramaswamy (@VivekGRamaswamy), X (Sep. 13, 2023, 2:47 P.M.), https://x.com/VivekGRamaswamy/status/1702031198543921370 (asserting that ”’reductions in force‘ are not covered by for-cause requirements”).

[69] Allan Smith & Peter Nicholas, Will Elon Musk and Vivek Ramaswamy’s new ’department’ actually be able to do anything?, NBC News (Nov. 15, 2024), https://www.nbcnews.com/politics/donald-trump/elon-musk-vivek-ramaswamys-new-department-government-efficiency-rcna179906.

[70] Exec. Order No. 13957, Creating Schedule F in the Excepted Service, 85 Fed. Reg. 207 (Oct. 26, 2020), available at https://www.govinfo.gov/content/pkg/FR-2020-10-26/pdf/2020-23780.pdf.

[71] Exec. Order No. 14003, Protecting the Federal Workforce, 86 Fed. Reg. 7231 (Jan. 27, 2021)

[72] E.g., Upholding Civil Service Protections and Merit Systems Principles, 89 Fed. Reg. 24,982 (Apr. 9, 2024).

[73] Derek Saul, What We Know About Elon Musk’s ‘Department Of Government Efficiency’—As Marjorie Taylor Greene Enters Fold, Forbes (Nov. 21, 2024), https://www.forbes.com/sites/dereksaul/2024/11/21/what-we-know-about-elon-musks-department-of-government-efficiency-as-marjorie-taylor-greene-enters-fold/.

[74] 597 U.S. 697 (2022).

[75] 603 U.S. ___ (2024).

[76] Musk and Ramaswamy Op-Ed, supra note 41.

[77] See, e.g.Perez v. Mortg. Bankers Ass’n, 575 U.S. 92, 101 (2015) (the Administrative Procedure Act (“APA”) “mandate[s] that agencies use the same procedures when they amend or repeal a rule as they used to issue the rule in the first instance”); Humane Society v. Dep’t of Agriculture, 41 F.4th 564 (D.C. Cir. 2022) (holding that once a rule was “made available for public inspection” through the Federal Register, it “prescribe[d] law with legal consequences,” and the “APA require[d] the agency to undertake notice-and-comment before repealing it”).

[78] Musk and Ramaswamy Op-Ed, supra note 41.

[79] See id.

[80] Elon Musk (@ElonMusk), X (Nov. 27, 2024 12:35 AM), https://x.com/elonmusk/status/1861644897490751865.

[81] Rachel Scully, Ramaswamy: ‘We Expect Certain Agencies To Be Deleted Outright,’ The Hill (Nov. 18, 2024), https://thehill.com/blogs/blog-briefing-room/4995638-vivek-ramaswamy-donald-trump-doge/.

[82] See Musk-a-Lago, supra note 40.

[83] Gov’t Accountability Off., High Risk List, https://www.gao.gov/high-risk-list (last visited Dec. 2, 2024).

[84] See 3 U.S.C. § 301 (authorizing the president to delegate to any senate-confirmed official any function vested in the president by law); 31 U.S.C. § 1341 (prohibiting expenditures or incurring obligations except where authorized by law).

[85] Past executive branch reorganizations have occurred pursuant to statutes, but the most recent reorganization authority expired in 1984.  See 5 U.S.C. §§ 901–12 (providing president authority to reorganize the executive branch); id. at § 905(b) (sunsetting the authority in 1984); see also Jared P. Cole, Organizing Executive Branch Agencies: Who Makes The Call, CRS LSB10158, (June 27, 2018) https://crsreports.congress.gov/product/pdf/LSB/LSB10158; Henry Hogue, Executive Branch Reorganization, CRS, R44909 (Aug. 3, 2017), https://crsreports.congress.gov/product/pdf/R/R44909.

[86] Jeff Stein, Musk’s ‘DOGE’ commission eyes new app for Americans to file taxes, Washington Post (Nov. 19, 2024), https://www.washingtonpost.com/business/2024/11/19/taxes-irs-musk-ramaswamy/.

[87] Annie Grayer and Haley Talbot, Greene To Chair New DOGE Subcommittee on Oversight Next Congress, CNN (Nov. 21, 2024), https://www.cnn.com/2024/11/21/politics/marjorie-taylor-greene-doge-oversight/index.html.

[88] Id.

[89] ‘DOGE’ Meets Congress: GOP Lawmaker Launches Caucus To Help Must Take On ‘Crazytown,’ Fox News (Nov. 19, 2024) https://www.foxnews.com/politics/doge-meets-congress-gop-lawmaker-launches-caucus-help-musk-take-crazytown.

[90] Annie Grayer, Trump’s DOGE Push Finds Support From Some Democrats On Capitol Hill, CNN (Dec. 4, 2024), https://www.cnn.com/2024/12/04/politics/trump-doge-democrats-capitol-hill/index.html.

[91] Marissa Payne, Joni Ernst Will Lead Senate Partnership on Trump’s New “DOGE” Initiative To Cut Spending, Des Moines Register (Nov. 23, 2024) https://www.desmoinesregister.com/story/news/politics/2024/11/23/iowa-us-senator-joni-ernst-will-lead-senate-partnership-on-trump-doge-initiative-to-cut-spending/76508767007/.

[92] Jordain Carney, Ernst Pitches DOGE On Spending Cuts And Savings, Politico (Nov. 25, 2024), https://www.politico.com/live-updates/2024/11/25/congress/ernst-pitches-doge-on-cuts-and-savings-00191487.

[93] Brooke Singman, Senate DOGE leader Ernst to take on government telework abuse at first meeting with Musk, Ramaswamy, Fox News (Dec. 5, 2024), https://www.foxnews.com/politics/senate-doge-caucus-take-government-telework-abuse-first-meeting-musk-ramaswamy.

[94] Grayer, supra note 90.

[95] Elon Musk (@elonmusk), X (Nov. .12, 2024, 9:13 PM), https://x.com/elonmusk/status/1856520760656797801?lang=en.

[96] Jake Sherman et al., Will Congress Surrender To The DOGE?, Punchbowl News (Dec. 5, 2024), https://punchbowl.news/article/washington/musk-ramaswamy-to-visit-capitol-hill-talk-doge/ (reporting the House Doge caucus tipline is “[email protected]”).

[97] Vivek Ramaswamy, A New Chapter In The Fight To Restore Self-Governance, YouTube (Nov. 20, 2024) https://www.youtube.com/watch?v=XAjGFreVeLw; Casey Weldon, The Scoop: Musk, Ramaswamy Bypass Media With DOGE Podcast, PR Daily (Nov. 22, 2024) https://www.prdaily.com/the-scoop-musk-ramaswamy-bypass-media-with-doge-podcast/.

[98] See Corner Post, Inc. v. Bd. of Governors of Fed. Rsrv. Sys., 144 S. Ct. 2440, 2447 (2024) (holding that the default statute of limitations for APA claims is six years running from the date the plaintiff is injured by final agency action).


The following Gibson Dunn lawyers prepared this update: Michael Bopp, Stuart Delery, Tory Lauterbach, Amanda Neely, Aaron Gyde, Maya Jeyendran*, and Christian Dibblee.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Public Policy, Administrative Law & Regulatory, Energy Regulation & Litigation, or Government Contracts practice groups, or the following in the firm’s Washington, D.C. office:

Michael D. Bopp – Co-Chair, Public Policy Practice Group,
(+1 202.955.8256, [email protected])

Stuart F. Delery – Co-Chair, Administrative Law & Regulatory Practice Group,
(+1 202.955.8515, [email protected])

Lindsay M. Paulin – Co-Chair, Government Contracts Practice Group,
Washington, D.C. (+1 202.887.3701, [email protected])

Joseph D. West – Partner, Government Contracts Practice Group,
Washington, D.C. (+1 202.955.8658, [email protected])

Tory Lauterbach – Partner, Energy Regulation & Litigation Practice Group,
(+1 202.955.8519, [email protected])

Amanda H. Neely – Of Counsel, Public Policy Practice Group,
(+1 202.777.9566, [email protected])

*Maya Jeyendran, an associate in the firm’s Washington, D.C. office, is not yet admitted to practice law.

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

Gibson Dunn’s Workplace DEI Task Force aims to help our clients develop creative, practical, and lawful approaches to accomplish their DEI objectives following the Supreme Court’s decision in SFFA v. Harvard. Prior issues of our DEI Task Force Update can be found in our DEI Resource Center. Should you have questions about developments in this space or about your own DEI programs, please do not hesitate to reach out to any member of our DEI Task Force or the authors of this Update (listed below).

Key Developments:

On November 25, Walmart confirmed to the Associate Press plans to rework its DEI policies in response to a threatened boycott campaign by Robby Starbuck, an anti-DEI activist. Walmart confirmed that it would remove the term “DEI” from internal communications and replace it with “belonging.” The retailer also confirmed that it will discontinue DEI training offered by the Racial Equity Institute; will not consider race and gender when choosing suppliers; and will put guardrails on which community events, such as drag shows and Pride events, it supports through grants. Walmart will also end its participation in the Human Rights Campaign’s Corporate Equality Index, which surveys corporate practices related to the LGBTQ+ community. While Starbuck claimed credit for these policy changes, a company spokesperson said that the changes have been in progress for a while. Addressing these changes, the company said in a statement, “We’ve been on a journey and know we aren’t perfect, but every decision comes from a place of wanting to foster a sense of belonging, to open doors to opportunities for all our associates, customers and suppliers and to be a Walmart for everyone.”

On November 20, a shareholder brought a derivative action against athletic apparel brand Lululemon in the U.S. District Court for the Southern District of New York, claiming that the company’s leadership concealed inventory allocation problems and made false statements about the company’s new “Inclusion, Diversity, Equity, and Action” (IDEA) program that artificially inflated the stock price. Shane Kanaly v. Calvin McDonald et al., No. 1:24-cv-08839 (S.D.N.Y 2024). Lululemon announced the IDEA program in October 2020, saying the company would aim to reflect “the diversity of the communities the company serves and operates in around the world by 2025.” The complaint alleges that, in reality, the IDEA program was not structured to combat discrimination within Lululemon in any meaningful way, with employees of color continuing to experience harmful bias at work. The complaint refers to a November 2023 news article containing interviews with more than a dozen former Lululemon employees who said the company’s corporate culture is hostile to Black employees. The complaint also alleges that the company’s eleven-person board never had more than two racially diverse members during the relevant period and that the company’s financial statements were silent on racial diversity goals.

On November 18, a former employee of the Federal Reserve Board sued the Chair of the Federal Reserve, the Chief Operating Officer, and four Federal Reserve supervision officials, alleging he faced discrimination on the basis of his religion, race, gender, and sexual orientation in violation of his rights under Title VII of the Civil Rights Act and under the Age Discrimination in Employment Act. Bobowicz v. Powell et al., No. 5:24-cv-00246 (W.D.N.C. 2024). The plaintiff claims he was discriminated against due to his religious beliefs, which precluded him from receiving the COVID-19 vaccination. He further alleges he became “a target for termination” because he was “a heterosexual, white, male who was the oldest employee in both his local and national [teams].” In addition to damages, reinstatement, and front and back pay, the plaintiff seeks a declaration that the Federal Reserve’s diversity initiatives violate the Fourteenth Amendment’s equal protection clause.

On November 13, an Austin-based aerospace staffing agency sued Texas Governor Greg Abbott and Texas Comptroller Glenn Hegar in the U.S. District Court for the Western District of Texas, alleging that the state’s Historically Underutilized Business (HUB) Program violates the Equal Protection Clause of the Fourteenth Amendment and Section 1981. Aerospace Solutions LLC v. Abbott et al., No. 1:24-cv-01383 (W.D. Tex. 2024). The HUB Program designates that a percentage of the state’s contract budget will be awarded to minority-owned businesses, which are defined as companies that are at least 51% owned by individuals from certain designated minority groups. The staffing agency alleges that this unconstitutionally prevents non-minority businesses from submitting competitive bids for certain contracts. The staffing agency is seeking a declaration that the HUB Program is unconstitutional and an injunction preventing its operation, along with attorneys’ fees and costs.

On October 1, the advisory firm Teneo released a report on the evolution of corporate DEI disclosures, based on a review of DEI-related disclosures in 250 sustainability reports published by S&P 500 companies between January and June of 2024. Teneo found that 43% of companies included quantitative DEI goals in their sustainability reports. These quantitative goals included representation goals (present in 33% of company disclosures) and supplier diversity goals (present in 14% of company disclosures). Twenty-three percent of reports also include other DEI goals such as goals for hiring from Historically Black Colleges and Universities and for investing in underrepresented communities.

Media Coverage and Commentary:

Below is a selection of recent media coverage and commentary on these issues:

  • Associated Press, “Walmart’s DEI rollback signals a profound shift in the wake of Trump’s election victory” (November 26): Alexandra Olson and Cathy Bussewitz write that Walmart has announced changes to some of its DEI initiatives following scrutiny by anti-DEI activist Robby Starbuck, whose public criticisms of corporate diversity initiatives have garnered increasing media attention in recent months. Olson and Bussewitz report that on Monday, Starbuck posted on X (formerly Twitter), claiming that he told Walmart executives last week that he was “doing a story on wokeness there” and that the company agreed to several changes to its programming to avoid the ensuing public scrutiny. In a statement, Walmart confirmed the changes to its programming but said these changes were underway before discussions with Starbuck occurred. Jason Schwartz, co-chair of Gibson Dunn’s Labor & Employment practice group, says the upcoming change in administration will likely cause more companies to revisit their DEI initiatives. “The impact of the election on DEI policies is huge. It can’t be overstated,” said Schwartz. “Companies are trying to strike the right balance to make clear they’ve got an inclusive workplace where everyone is welcome, and they want to get the best talent, while at the same time trying not to alienate various parts of their employees and customer base who might feel one way or the other. It’s a virtually impossible dilemma.”
  • USA Today, “RIP DEI? The war on ‘woke’ America has a new commander-in-chief” (November 22): USA Today’s Jessica Guynn reports that the Trump administration and Republican majorities will put DEI programs “on the chopping block.” Guynn describes the recent election as a “DEI referendum,” as corporate diversity efforts face increasing scrutiny from right-wing entities. Guynn says that conservative think tanks—including the Heritage Foundation in its Project 2025 roadmap—have recommended a host of anti-DEI measures, from removing DEI terms from federal legislation, rules, contracts, and grants, to directing the Justice Department to investigate diversity programs. According to Guynn, public sentiment has also shifted. A November 2024 Pew Research Center survey shows a decline in support for DEI among workers: 52% of those surveyed view DEI positively, down from 56% last year, while those viewing it negatively rose from 16% to 21%. Joelle Emerson, CEO of diversity strategy and consulting firm Paradigm, believes the impact of the election and a second Trump presidency remains to be seen. Emerson noted that while corporations may publicly distance themselves from the DEI debate, most continue to pursue diversity-based efforts, including expanding candidate pools and developing mentorship and coaching programs accessible to all.
  • Wall Street Journal, “Christopher Rufo Has Trump’s Ear and Wants to End DEI for Good” (November 25): The Wall Street Journal’s Douglas Belkin profiles Christopher Rufo, a documentary filmmaker and writer who opposes DEI efforts in schools, businesses, and government. Belkin says that President-elect Trump has invited Rufo to Mar-a-Lago to present a plan to “geld American universities” into dropping DEI programs. “It’s time to really put the hammer to these institutions and to start withdrawing potentially billions of dollars in funding until they follow the law,” Rufo told Belkin, concluding that organizations “can prioritize excellence or diversity, but not both simultaneously.” According to Belkin, this is not the first time Donald Trump has called on Rufo for guidance: in 2020, Rufo advised Trump on an executive order banning race or sex stereotyping in the federal government.
  • Law360, “Cruz Calls Digital Equity Program Rules ‘Unlawful’” (November 25): Law360’s Christopher Cole reports that Senator Ted Cruz (R-Texas) sent two letters to Alan Davidson, chief of the National Telecommunications and Information Administration (NTIA), a branch of the Commerce Department responsible for pass-through internet access grants to the states. Cruz, incoming chair of the Senate Commerce Committee, criticized NTIA’s administration of two grant programs—both created under the bipartisan Infrastructure Investment and Jobs Act—that aim to increase access to broadband service to underserved areas. Cole says that Cruz is challenging the grant programs as unlawfully discriminatory because they require funds be used to serve members of “covered populations,” a term defined to include racial and ethnic minorities. A spokesperson for the Affordable Broadband Campaign says Cruz has “ignored” that the grant programs also cover veterans, aging and disabled individuals, and people in rural areas, and that Texas will soon receive $55 million in funding for its own digital equity program.
  • Harvard Business Review, “What Trump’s Second Term Could Mean for DEI” (November 14): New York University’s Kenji Yoshino, David Glasgow, and Christina Joseph discuss the anticipated effect of the upcoming Trump Administration on DEI initiatives. According to the authors, the incoming administration is expected to employ various strategies to dismantle DEI initiatives, including issuing executive orders to eliminate programs that promote DEI. Project 2025’s anti-DEI agenda includes abolishing DEI offices within the federal government and amending anti-discrimination laws to remove “disparate impact” liability. The authors suggest that companies seeking to continue advancing LGBTQ+ diversity and inclusion “in this daunting environment” can adopt one of three approaches depending on their risk tolerance: (a) adhering their policies to local norms and laws, even if that causes them to somewhat dilute their DEI efforts, (b) adopting pro-LGBTQ+ policies internally to create a “safe haven” in the workplace, but without pushing for wider change in society, or (c) using their influence to shift norms and laws in their community in a pro-LGBTQ+ direction.

Case Updates:

Below is a list of updates in new and pending cases:

1. Contracting claims under Section 1981, the U.S. Constitution, and other statutes:

  • Strickland et al. v. United States Department of Agriculture et al., 2:24-cv-00060-Z (N.D. Tx 2024): On March 3, 2024, plaintiff farm owners sued the USDA over the administration of relief programs that allegedly allocated funds based on race or sex. The plaintiffs alleged that only a limited class of socially disadvantaged farmers, including certain races and women, qualify for funds under these programs. On June 7, 2024, the court granted in part the plaintiff’s motion for a preliminary injunction. The court enjoined the defendants from making relief payments based directly on race or sex. However, the court allowed defendants to continue to apply their method of appropriating money, if done without regard to the race or sex of the relief recipient.
    • Latest update: On November 14, 2024, the USDA filed a motion for summary judgment. The USDA made two primary arguments: 1) its method of appropriating money is race and sex neutral; and 2) where it has directly taken into account race or sex, it has permissibly done so in order to remedy the lingering effects of historical discrimination, which would satisfy strict scrutiny.

2. Employment discrimination and related claims:

  • Missouri v. Int’l Bus. Machs. Corp., No. 24SL-CC02837 (Cir. Ct. of St. Louis Cty. 2024): On June 20, 2024, the State of Missouri filed a complaint against IBM in state court, alleging that the company violates the Missouri Human Rights Act by using race and gender quotas in its hiring and by basing employee compensation on participation in allegedly discriminatory DEI practices. The complaint cites a leaked video in which IBM’s Chief Executive Officer and Board Chairman, Arvind Krishna, allegedly stated that all executives must increase representation of ethnic minorities in their teams by 1% each year to receive a “plus” on their bonus. The complaint also alleges that employees at IBM have been fired or otherwise suffered adverse employment actions because they failed to meet or exceed these targets. The Missouri Attorney General seeks to permanently enjoin IBM and its officers from utilizing quotas in hiring and compensation decisions. On September 13, 2024, IBM moved to dismiss the suit, arguing that the “plus” bonus is not a “rigid racial quota,” but a lawful means of encouraging “permissible diversity goals.” IBM also argued that Missouri failed to assert sufficient facts to show that the “plus” bonus influenced any employment decisions in the state.
    • Latest update: On November 8, 2024, the State of Missouri filed a “Suggestions in Opposition” to IBM’s motion to dismiss. Missouri first argued that IBM’s arguments are merits questions that cannot yet be addressed at the motion to dismiss stage. Missouri then argued that if the court considers the merits questions, it should hold that IBM’s racial quotas are unlawful in light of the Missouri Human Rights Act and the Supreme Court decision in Students for Fair Admissions.
  • Haltigan v. Drake, No. 5:23-cv-02437-EJD (N.D. Cal. 2023): A white male psychologist sued the University of California Santa Cruz, arguing that the school imposed a “loyalty oath” on prospective faculty candidates in violation of the First Amendment by requiring them to submit statements explaining their views on DEI. The plaintiff claimed that because he is “committed to colorblindness and viewpoint diversity”––which he alleged contradicts the University’s position on DEI––the University would compel him to alter his political views in order to obtain a faculty position. The plaintiff sought a declaration that the University’s DEI statement requirement violates the First Amendment and a permanent injunction against the enforcement of the requirement. On January 12, 2024, the district court granted UC Santa Cruz’s motion to dismiss with leave to amend. On March 1, 2024, the defendant moved to dismiss the plaintiff’s second amended complaint, arguing that the plaintiff lacks standing and failed to state claims of either First Amendment viewpoint discrimination or compelled speech.
    • Latest update: On November 15, 2024, the district court granted UC Santa Cruz’s motion to dismiss the second amended complaint with leave to amend, finding that the plaintiff failed to cure the deficiencies identified in the court’s previous order. First, the court rejected the plaintiff’s claim that he had “competitor standing” because he failed to allege that he undertook any preparations specifically in anticipation of applying for the position or any other employment at UC Santa Cruz. Second, the court reaffirmed its initial finding that the plaintiff had not sufficiently alleged that it would be futile to apply without a DEI statement because the plaintiff’s own allegations demonstrated that the University could have advanced plaintiff’s application based on his academic and research accomplishments. Finally, the court found that the plaintiff’s argument that the University will inevitably post another opening that plaintiff is qualified for was speculative and insufficient to show an imminent injury.
  • Langan v. Starbucks Corporation, No. 3:23-cv-05056 (D.N.J. 2023): On August 18, 2023, a white, female former store manager sued Starbucks, claiming she was wrongfully accused of racism and terminated after she rejected Starbucks’ attempt to deliver “Black Lives Matter” T-shirts to her store. The plaintiff alleged that she was discriminated and retaliated against based on her race and disability as part of a company policy of favoritism toward non-white employees. On July 30, 2024, the district court granted Starbucks’ motion to dismiss, agreeing that the plaintiff’s claims under the New Jersey Law Against Discrimination were untimely and that she failed to sufficiently plead her tort or Section 1981 claims. The court found that she failed to allege that her termination was based on anything other than her “egregious” discriminatory comments and her violation of the company’s anti-harassment policy. On August 11, 2024, the plaintiff filed an amended complaint. On November 8, 2024, the defendant moved to dismiss the amended complaint, arguing that the additional facts alleged to explain plaintiff’s untimeliness—specifically, her difficulty obtaining a right to sue letter—were insufficient to state a claim.
    • Latest update: The plaintiff filed her opposition to the motion to dismiss on November 25, 2024, arguing that her claims are timely under the doctrine of equitable tolling. Plaintiff also argued that she sufficiently alleged facts to support her claims of intentional infliction of emotional distress, racial discrimination, retaliation, and negligent retention, supervision, and hiring.
  • Dill v. International Business Machines, Corp., No. 1:24-cv-00852 (W.D. Mich. 2024): On August 20, 2024, America First Legal filed a reverse discrimination suit against IBM on behalf of a former IBM employee, alleging violations of Title VII and Section 1981. The plaintiff claims that IBM placed him on a performance improvement plan as a “pretext to force him out of [IBM] due to [its] stated quotas related to sex and race.” The plaintiff seeks back pay, damages for emotional distress, and a declaratory judgment that IBM’s policies violate Title VII and Section 1981. The complaint cites to a leaked video in which IBM’s Chief Executive Officer and Board Chairman, Arvind Krishna, allegedly states that all executives must increase representation of underrepresented minorities on their teams by 1% each year to receive a “plus” on their bonuses.
    • Latest update: On November 20, 2024, Dill responded to IBM’s motion to dismiss, arguing that he sufficiently pled both direct and circumstantial evidence of improper termination and discrimination. Dill further argued that IBM relied on an unnecessarily burdensome pleading standard in their motion to dismiss.
  • Detillion v. Ohio Dep’t of Rehab. & Corr., No. 24-3347 (6th Cir. 2024): In July 2022, Lynn Detillion, a white woman, sued her union, the Ohio Civil Service Employees Association, and former employer, the Ohio Department of Rehabilitation and Correction, for violations of Title VII and Ohio discrimination law. Detillion alleged that the union discriminated against her based on her race and sex by declining to advocate on her behalf while advocating for a Black male union member and, similarly, that the department discriminated against her by reinstating the Black male guard, but not her. The district court granted summary judgment against her on all claims. She appealed.
    • Latest update: On November 21, 2024, the Sixth Circuit upheld the district court’s finding that Detillion’s claims lacked merit.
  • EEOC v. Battleground Restaurants, No. 1:24-cv-00792 (M.D.N.C. 2024): On September 25, 2024, the U.S. Equal Employment Opportunity Commission (EEOC) filed a lawsuit against a sports bar chain, Battleground Restaurants, in federal district court in North Carolina. The lawsuit alleges that the chain refused to hire men for its front-of-house positions, such as server or bartender jobs, in violation of Title VII. This is one of over 50 lawsuits the EEOC filed in the last week of September, prior to the end of its fiscal year on September 30, 2024.
    • Latest update: On November 25, 2024, Battleground Restaurants moved to dismiss or strike an improperly named defendant. Battleground Restaurants argued that the EEOC’s pattern or practice claims are “insufficiently pled, conclusory, and not plausible on their face,” and that the EEOC failed to conduct a “reasonable investigation” or give “adequate notice” to Battleground Restaurants.
  • Spitalnick v. King & Spalding, LLP, No. 24-cv-01367-JKB (D. Md. 2024): On May 9, 2024, Sarah Spitalnick, a white, heterosexual female, sued King & Spalding, alleging that the firm violated Title VII and Section 1981 by deterring her from applying to its Leadership Counsel Legal Diversity internship program. Spitalnick alleged that she believed she could not apply after seeing an advertisement that stated that candidates “must have an ethnically or culturally diverse background or be a member of the LGBT community.” On September 19, 2024, King & Spalding moved to dismiss, arguing that Spitalnick failed to state a claim, her claims were time-barred, and she lacked standing because she never applied to the program.
    • Latest update: On November 8, 2024, Spitalnick responded to the firm’s motion to dismiss, arguing that her claim was not time-barred and that being deterred from applying was sufficient to confer standing.
  • Paul Fowler v. Emory University, No. 1:24-cv-05353 (N.D. Ga. 2024): On November 21, 2024, a former Emory University employee sued the university alleging that the Vice Provost for Career and Professional Development discriminated against white employees in investigations, discipline, hiring, and promotions. The plaintiff asserts employment discrimination claims arising from “unlawful race, gender, and age discrimination and retaliation” in violation of Title VII, the Age Discrimination in Employment Act, and Section 1981.
    • Latest update: The docket does not yet reflect that the defendant has been served.

3. Challenges to agency rules, laws and regulatory decisions

  • Nat’l Ctr for Pub. Policy Research, et al. v. SEC, No. 23-60230 (5th Cir. 2023): The petitioners, Kroger shareholders, previously sought to require that Kroger Company include in its proxy materials a proposal requiring Kroger to issue a report detailing risks associated with omitting “viewpoint” and “ideology” from the list of protected characteristics in its equal opportunity policy. The SEC concluded that Kroger could exclude the proposal from its proxy materials. In April 2023, the petitioners sought judicial review of the SEC’s decision in the Fifth Circuit.
    • Latest update: On November 14, 2024, the Fifth Circuit denied the petitioner’s motion for stay pending appeal and granted the SEC’s motion to dismiss for lack of jurisdiction and mootness. The court found that Kroger chose to include the challenged measure in its proxy materials, which extinguished any live controversy on appeal. The court also held that it lacked authority to resolve the dispute because the SEC failed to issue an order concerning this matter, final or otherwise.

4. Actions against educational institutions:

  • Chu, et al. v. Rosa, No. 1:24-cv-75 (N.D.N.Y. 2024): On January 17, 2024, plaintiffs—a minor child represented by her mother, and three non-profit organizations—sued the commissioner of the New York State Education Department, which administers the STEP program. The STEP program is designed to “assist eligible students in acquiring the skills, attitudes and abilities necessary to pursue professional study in post-secondary degree programs in scientific, technical and health-related fields.” The plaintiffs alleged that the STEP program is unconstitutional because it subjects Asian American students to different eligibility requirements than applicants of other races; specifically, Asian American applicants must show that they are economically disadvantaged to apply.
    • Latest update: On November 22, 2024, the court denied the defendant’s motion to dismiss for lack of subject matter jurisdiction. The court held that the plaintiffs plausibly alleged an injury in fact under the “government erected barrier theory.” Under this theory, a plaintiff demonstrates an injury in fact if: 1) there exists a reasonable likelihood that the plaintiff is in a disadvantaged group, 2) there exists a government-erected barrier, and 3) the barrier causes members of that group to be treated differently from members of another group. Here, the court held that the plaintiffs were Asian Americans purportedly disadvantaged by the STEP program’s unique eligibility requirements for Asian Americans.

The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Blaine Evanson, Molly Senger, Zakiyyah Salim-Williams, Matt Gregory, Zoë Klein, Cate McCaffrey, Jenna Voronov, Emma Eisendrath, Felicia Reyes, Allonna Nordhavn, Janice Jiang, Laura Wang, Maya Jeyendran, Kristen Durkan, Ashley Wilson, Lauren Meyer, Kameron Mitchell, Chelsea Clayton, Albert Le, Emma Wexler, Heather Skrabak, and Godard Solomon.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, [email protected])

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, [email protected])

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, [email protected])

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, [email protected])

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, [email protected])

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

On December 3, 2024, a federal district court in Texas ruled that the Corporate Transparency Act (CTA) is likely unconstitutional and preliminarily enjoined its enforcement nationwide. Accordingly, the rule’s requirements cannot currently be enforced against entities that would otherwise be subject to the rule. Thus, as it currently stands, reporting companies that were required to make a CTA filing by the end of the year are not required to do so, although that posture could change very quickly depending on the government’s next steps. This update briefly describes the ruling and what it means for CTA compliance moving forward.[1]

The Corporate Transparency Act, enacted in 2021, requires all corporations, limited liability companies, and certain other entities created (or, as to non-U.S. entities, registered to do business) in any U.S. state or tribal jurisdiction to file a beneficial ownership interest (BOI) report with the U.S. Financial Crimes Enforcement Network (FinCEN) identifying, among other information, the natural persons who are beneficial owners of the entity.[2] A regulation, the Reporting Rule, helps implement the CTA by specifying compliance deadlines—including a January 1, 2025 deadline for companies created or registered to do business in the United States before January 1, 2024—and detailing what information must be reported to FinCEN.[3]

On March 1, 2024, the U.S. District Court for the Northern District of Alabama ruled that the CTA is unconstitutional.[4] The court permanently enjoined the government from enforcing the CTA, but only as to the plaintiffs in that case.[5] The government appealed, and the Eleventh Circuit heard oral argument on September 27. The Eleventh Circuit’s decision in that case remains pending.

The December 3, 2024 Ruling

Six plaintiffs, among which include a small business named Texas Top Cop Shop, Inc. and the National Federation of Independent Business (NFIB), brought a lawsuit challenging the constitutionality of the CTA and the Reporting Rule on various grounds. On December 3, 2024, Judge Amos L. Mazzant of the U.S. District Court for the Eastern District of Texas granted the plaintiffs’ motion for a preliminary injunction.[6] Like the Northern District of Alabama, the court held that the CTA exceeds Congress’s enumerated powers. Specifically, in a 79-page opinion, Judge Mazzant ruled that it was likely that the plaintiffs would be able to prove that:

  • The CTA is not a proper exercise of Commerce Clause power because it does not regulate a channel or instrumentality of interstate commerce or any activity that substantially affects commerce[7]; and
  • The CTA cannot be justified under the Necessary and Proper Clause because, contrary to the government’s assertions, it is not rationally related to any enumerated power to regulate commerce, conduct foreign affairs, or collect taxes.[8]

The court’s reasoning about the scope of the Commerce Clause, Necessary and Proper Clause, foreign affairs power, and taxing power echoed that of the Northern District of Alabama. While the Northern District of Alabama enjoined enforcement of the CTA against only the plaintiffs in that case, the Eastern District of Texas went further. Observing that an injunction pertaining to plaintiff NFIB’s approximately 300,000 members would be tantamount to a nationwide injunction, the court concluded that it was appropriate to preliminarily enjoin enforcement of the CTA and the Reporting Rule nationwide.[9] Moreover, the court invoked its power under the Administrative Procedure Act’s stay provision, 5 U.S.C. § 705, to “postpone the effective date of” the Reporting Rule.[10]      

Potential U.S. Government Response

The government has 60 days to appeal the district court’s preliminary injunction to the U.S. Court of Appeals for the Fifth Circuit, though it may do so earlier.[11] The government may also ask the district court or the Fifth Circuit for an emergency stay of the district court’s preliminary injunction in full or in part during the pendency of any appeal. Any such emergency application would be considered by the Fifth Circuit on an expedited basis. If the Fifth Circuit leaves the district court’s order in place, the government could then seek emergency relief in the Supreme Court, which could also stay the injunction pending appeal.

In the meantime, FinCEN will likely issue a notice clarifying its position on the impact of the district court’s order, including potentially extending the January 1, 2025 filing deadline.

Ultimately, the validity of the CTA is unlikely to be resolved nationwide without Supreme Court review or unanimous decisions from the federal courts of appeals who consider the question.  Notably, district courts in Michigan,[12] Oregon,[13] and Virginia[14] have denied similar requests for preliminary injunctions against enforcement of the CTA. The Eastern District of Virginia, for example, concluded that the CTA is an exercise of Congress’s Commerce Clause power because it regulates an activity—operating a corporate entity as a going concern—that in the aggregate substantially affects interstate commerce.[15]

What the Ruling Means for Entities Subject to the CTA

Given the district court’s nationwide preliminary injunction and stay of the Reporting Rule’s effective date, the rule’s requirements cannot currently be enforced against entities that would otherwise be subject to the rule. Thus, as it currently stands, reporting companies that were required to make a CTA filing are not required to do so. 

Given the possibility of either the Fifth Circuit or the Supreme Court staying the district court’s order pending appeal, however, reporting entities’ legal obligations are subject to change on short notice, and as a general matter companies should not assume that the January 1, 2025 deadline will ultimately be extended without further guidance from FinCEN. If either the Fifth Circuit or Supreme Court stay the district court’s order pending appeal, the Reporting Rule will become enforceable again, and the rule’s deadlines will become effective as to all entities that are not parties to the litigation in the Northern District of Alabama—though FinCEN may adjust those deadlines depending on how long the district court’s order remains in effect. It also remains to be seen whether the incoming administration will continue to defend the constitutionality of the CTA or not, although as a general rule the Department of Justice typically defends the constitutionality of federal statutes regardless of administration.[16]

Entities that believe they may be subject to the Reporting Rule should closely monitor this matter, and consult with their CTA advisors as necessary, to understand whether and when they need to comply with the Reporting Rule’s requirements and to allow for sufficient lead time in advance of any filing deadline.

We note that this ruling deals only with the federal CTA passed by Congress, not similar legislation passed by states such as New York, which have enacted similar requirements.[17] Gibson Dunn will continue to monitor CTA developments closely.

[1] Prior alerts by Gibson Dunn explaining the Corporate Transparency Act are available at: https://www.gibsondunn.com/top-12-developments-in-anti-money-laundering-enforcement-in-2023https://www.gibsondunn.com/the-impact-of-fincens-beneficial-ownership-regulation-on-investment-fundshttps://www.gibsondunn.com/the-corporate-transparency-act-reminders-and-key-updates-including-fincen-october-3-faqs.

[2] See William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283, Div. F., § 6403 (adding 31 U.S.C. § 5336).

[3] 31 C.F.R. § 1010.380.

[4] Nat’l Small Business United v. Yellen, 721 F. Supp. 3d 1260 (N.D. Ala. 2024); see https://www.gibsondunn.com/corporate-transparency-act-declared-unconstitutional-what-it-means-for-you.

[5] Nat’l Small Business Union et al. v. Yellen et al., No. 5:22-cv-01448, Dkt. 52 (N.D. Ala. 2024).

[6] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 30 (E.D. Tex. Dec. 3, 2024).

[7] Id. at 35–53.

[8] Id. at 53–73.

[9] Id. at 74–75, 77.

[10] Id. at 78.

[11] Fed. R. App. P. 4(a)(1)(B).

[12] Small Business Ass’n of Mich. et al. v. Yellen et al., No. 1:24-cv-00314-RJJ-SJB, Dkt. 24 (W.D. Mich. Apr. 26, 2024).

[13] Firestone et al. v. Yellen et al., No. 3:24-cv-1034-SI, Dkt. 18 (D. Ore. Sept. 20, 2024).

[14] Cmty. Ass’ns Inst. et al. v. Yellen et al., No. 1:24-cv-1597 (MSN/LRV), Dkt. 40 (E.D. Va. Oct. 24, 2024).

[15] Id. at 14; see also Firestonesupra note 13, at 12–14.

[16] See https://www.gibsondunn.com/tools-of-transition-procedural-devices-could-help-president-elect-implement-agenda.

[17] See S.995-B/A.3484-A


The following Gibson Dunn lawyers assisted in preparing this update: Kevin Bettsteller, Stephanie Brooker, Matt Gregory, Justin Newman, Dave Ware, Sam Raymond, Chris Jones, and Connor Mui.

Gibson Dunn has deep experience with issues relating to the Bank Secrecy Act, the Corporate Transparency Act, other AML and sanctions laws and regulations, and challenges to Congressional statutes and administrative regulations.

For assistance navigating white collar or regulatory enforcement issues, please contact the authors, the Gibson Dunn lawyer with whom you usually work, or any leader or member of the firm’s Anti-Money Laundering, Administrative Law & Regulatory, Investment Funds, Real Estate, or White Collar Defense & Investigations practice groups.

Please also feel free to contact any of the following practice group leaders and members and key CTA contacts:

Anti-Money Laundering:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
M. Kendall Day – Washington, D.C. (+1 202.955.8220, [email protected])
David Ware – Washington, D.C. (+1 202-887-3652, [email protected])
Ella Capone – Washington, D.C. (+1 202.887.3511, [email protected])
Sam Raymond – New York (+1 212.351.2499, [email protected])
Chris Jones – Los Angeles (+1 213.229.7786, [email protected])

Administrative Law and Regulatory:
Stuart F. Delery – Washington, D.C. (+1 202.955.8515, [email protected])
Eugene Scalia – Washington, D.C. (+1 202.955.8673, [email protected])
Helgi C. Walker – Washington, D.C. (+1 202.887.3599, [email protected])
Matt Gregory – Washington, D.C. (+1 202.887.3635, [email protected])

Investment Funds:
Kevin Bettsteller – Los Angeles (+1 310.552.8566, [email protected])
Shannon Errico – New York (+1 212.351.2448, [email protected])
Greg Merz – Washington, D.C. (+1 202.887.3637, [email protected])

Real Estate:
Eric M. Feuerstein – New York (+1 212.351.2323, [email protected])
Jesse Sharf – Los Angeles (+1 310.552.8512, [email protected])
Lesley V. Davis – Orange County (+1 949.451.3848, [email protected])
Anna Korbakis – Orange County (+1 949.451.3808, [email protected])

White Collar Defense and Investigations:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
Winston Y. Chan – San Francisco (+1 415.393.8362, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
F. Joseph Warin – Washington, D.C. (+1 202.887.3609, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

This update provides a high-level summary of the Amendments and the implementation timeline and explains steps to take now to prepare for the transition to EDGAR Next.

On September 27, 2024, the U.S. Securities and Exchange Commission (the SEC) adopted amendments[1] (the Amendments) to Rules 10 and 11 of Regulation S-T and Form ID to make technical changes to the Electronic Data Gathering, Analysis, and Retrieval System (EDGAR) filer access and account management processes (referred to by the SEC as EDGAR Next). While there will be a steep learning curve associated with these significant procedural changes to EDGAR, they are expected to ultimately result in a filing system that is easier for filers and the individuals acting on their behalf to manage. As discussed in more detail in the section entitled “When Do the Changes Take Effect?” below, EDGAR Next is in a beta testing period now and will go live on March 24, 2025, though legacy EDGAR can still be used to make filings through September 12, 2025.

The Amendments, which received support from all five SEC Commissioners, are intended to enhance the security of EDGAR, improve the ability of filers to securely manage and maintain access to their EDGAR accounts, facilitate the responsible management of filer credentials, and simplify the procedures for accessing EDGAR. Chair Gary Gensler called the Amendments “an important next step for EDGAR account access protocols” and noted that they will benefit the Commission, filers, and investors alike.[2]

The adoption of EDGAR Next will, among other things, require filers to designate individuals to manage the filers’ EDGAR accounts and file on their behalf. To access EDGAR and make filings, these designated individuals will be required to have their own individual account credentials and complete multifactor authentication.

How Does EDGAR Next Work?

Individual Account Credentials Will Replace Filer Password, PMAC, and Passphrase

Currently, each filer, regardless of whether they are a company or an individual, is identified with a central index key (CIK) and has only one set of login credentials, consisting of a password, passphrase, CIK confirmation code (CCC), and password modification authorization code (PMAC). Using a filer’s password and CCC, any individual could access the filer’s EDGAR account and make filings.

EDGAR Next will continue to use the CIK and CCC but will retire the EDGAR password, PMAC, and passphrase (though existing filers’ passphrases will be needed to initially enroll in EDGAR Next, as described in the section entitled “How Does a Filer Enroll in EDGAR Next?” below). Under EDGAR Next, only authorized individuals, such as account administrators and authorized users, may access a filer’s EDGAR account and make filings on their behalf. To access a filer’s account, authorized individuals will need to log in to EDGAR with their own individual account credentials (obtained through Login.gov, a sign-in service of the U.S. government), complete multifactor authentication, and enter the relevant filer’s CIK and CCC. By limiting access to a filer’s account to only those individuals directly authorized by the filer and requiring such individuals to have their own personal EDGAR accounts, EDGAR Next’s updated access protocols provide additional security and traceability as compared to legacy EDGAR.[3]

Filers Will Be Required to Identify Individuals Authorized to Manage the Account

Under EDGAR Next, filers will be required to designate individuals to serve in the following roles, with each role having different responsibilities and privileges related to the filer’s EDGAR account: account administrator, user, technical administrator, and delegated entity. The Adopting Release provides the following chart depicting the key functions of each role:

Role Submit filings, view CCC Generate/
change CCC
Manage account administrators, users, technical administrators, and delegated entities Delegate to another filer Manage delegated users Manage filer API token[4] Manage user API token
Account Administrator

X

X

X

X

X

User

X

X

Technical Administrator

X

Delegated Administrator

X

X

X

Delegated User

X

X

Each role serves the following purposes:

  • Account administrators will manage the filer’s EDGAR account and serve as the points of contact for questions from the SEC staff regarding the filer’s account.[5] All entity filers are required to maintain at least two account administrators, and all individual filers (including single-member companies) are required to have one account administrator. Up to 20 account administrators may be assigned for each filer.[6] Account administrators are also responsible for managing the filer’s dashboard; adding and removing other account administrators, technical administrators, and users; creating and editing groups of users; and delegating filing authority to a delegated entity (such as a filing agent). Additionally, account administrators are responsible for performing an annual confirmation, which involves confirming the accuracy of the filer’s account information.[7]
    • Entity Filers. An account administrator for a filer that is an entity could be an employee of the filer or the filer’s affiliate or an individual holding a notarized power of attorney authorizing them to serve as account administrator.[8]
    • Individual Filers. Individual filers, such as Section 16 filers, may authorize relevant individuals at their filing agents, related issuers, or other representative entities to act as their account administrator. If an individual filer chooses not to make such an authorization, the individual will be responsible for managing his or her own account and filings.
  • Users are individuals authorized by a filer’s account administrator to make EDGAR submissions on the filer’s behalf.
  • Technical administrators are responsible for managing the technical aspects of a filer’s connection to EDGAR’s APIs (as discussed in more detail below).
  • Delegated entities are entities that another filer authorizes to make filings on its behalf. Since delegated entities must have their own EDGAR accounts, they must comply with the same requirements applicable to all filers, maintaining their own accounts with their own account administrators, users, and technical administrators. A delegated entity can be any EDGAR account, including but not limited to filing agents,[9] issuers making submissions on behalf of Section 16 filers, and parent companies of large groups of related filers. Delegated entities may receive delegated authority to file for an unlimited number of filers. In response to comments from filing agents, the dashboard will be enhanced to enable prospective delegated entities to send delegation requests to filers. Once a delegated entity has accepted a delegation, all the delegated entity’s account administrators will automatically become delegated administrators for the filer. These delegated administrators will then be able to authorize delegated users.

How Does a Filer Enroll in EDGAR Next?

Existing EDGAR Filers: Must Enroll by December 19, 2025 to Avoid the Need to Submit an Amended Form ID

Access to the EDGAR Next dashboard will be available starting March 24, 2025. Existing EDGAR filers who enroll in EDGAR Next by December 19, 2025 will generally not be required to submit a new Form ID. However, if an existing filer fails to enroll by December 19, 2025, the filer will be required to submit an amended Form ID to apply for EDGAR Next access.

To enroll, a person authorized by the filer will log in to the EDGAR Next dashboard using his or her individual account credentials and will verify their authorization by entering the filer’s CIK, CCC, and passphrase.[10] (This will be the last time the filer’s passphrase is needed.) Once verified, the individual will provide information on the individuals that will serve as the filer’s account administrators. If the above information is accurate and entered correctly, enrollment could be effective the same day that it is submitted.[11]

For individual filers, such as Section 16 filers, the same process applies. However, to alleviate the burden of enrollment and account management on individual and single-member company filers, EDGAR Next will allow these filers to, initially, authorize an individual at their filing agent or other third party to enroll them in EDGAR Next and, subsequently, authorize one or more individuals at these entities to act as their account administrators. A power of attorney is not required to permit an individual to enroll on the filer’s behalf. Instead, entering the filer’s CIK, CCC, and passphrase will act as validation of the filer’s intent.[12] This ability to delegate the enrollment and management of a filer’s account will be particularly helpful to Section 16 and Form 144 filers, reducing the burden of compliance with EDGAR Next. The practical effect of this is that, during the enrollment period, Section 16 and Form 144 filers can be enrolled in EDGAR Next by individuals working at the companies with which they are associated so long as those individuals have been authorized by the individual filer and have access to the individual filers’ legacy EDGAR access codes. Individual filers will need to authorize individuals to act on their behalf but will not be required to create their own credentials or have any direct involvement with EDGAR. If a filer does not act by December 19, 2025 and as a result is required to apply for access on amended Form ID, the filer must provide a signed and notarized power of attorney to permit a third party to enroll the filer on their behalf.

A person responsible for enrolling multiple filers in EDGAR Next (e.g., someone responsible for a company and its subsidiaries and/or all of a company’s Section 16 filers) will have the option of using bulk enrollment, a process by which multiple accounts can be enrolled by completing and uploading a spreadsheet template with the required information for each account.

New EDGAR Applicants: Form ID Will Be Amended to Require Certain Additional Information from EDGAR Applicants

Form ID is an online form used to apply for EDGAR access. Currently, to complete the Form ID, an applicant must provide the following: information about the applicant and filer, relevant contact information, and the signature of an authorized individual (such as the CEO or secretary of the company for an entity filer).

Beginning on March 24, 2025, the amended Form ID will become effective and will require applicants, among other things and in addition to previous requirements, to do the following:

  1. Designate account administrators and provide a power of attorney for each designated account administrator that is not the applicant (for an individual applicant) or an employee of the applicant or the applicant’s affiliate (for an entity applicant). As mentioned above, account administrators must have individual account credentials, at least two must be assigned per filer (or one in the case of individual or single member company filers), and up to 20 can be assigned.
  2. Provide its Legal Entity Identifier (LEI), if any. (The LEI is a global alphanumeric identifier used to uniquely and unambiguously identify a legal entity, which can be obtained through any Global Legal Entity Identifier Foundation (GLEIF) accredited organization.) Applicants that have not yet obtained an LEI will not be required to do so to submit Form ID.
  3. Provide more specific contact information about the filer, its account administrators, the individual authorized to sign Form ID on the filer’s behalf, and the billing contact responsible for filing fees.
  4. Provide a history of past securities law violations, specifically whether the applicant, its account administrator, the individual authorized to sign Form ID on the filer’s behalf, the billing contact, or the person signing a power of attorney has been criminally convicted or enjoined, barred, suspended, or banned in any capacity as a result of a securities law violation.
  5. Indicate whether the applicant is in good standing with its state or country of incorporation.[13]

The person submitting a Form ID on a prospective filer’s behalf need not be one of the applicant’s prospective account administrators. Once the Form ID application is granted, account administrators will be able to log in to EDGAR with their individual credentials obtained through Login.gov to access the filer’s dashboard and generate a CCC. Once the account administrators have access to the filer’s dashboard, they can add additional account administrators without the need to provide additional powers of attorney for each new non-employee administrator.

How Can a Filer Minimize Their Manual Interaction with EDGAR?

While the Amendments aim to make EDGAR Next user-friendly, they also provide a way for filers to limit their need to interact with the system altogether. EDGAR Next will include optional Application Program Interfaces (APIs), which allow machine-to-machine authentication—a process commonly used by filing agents—as an alternative to making filings through the EDGAR website. EDGAR Next will include a total of 15 optional APIs.[14] Among other things, these APIs will allow filing applications (such as those created and operated by DFIN, Workiva, Toppan Merrill, and other filing agents) to replicate much of the dashboard account management functionality, allowing filers to manage their EDGAR accounts with minimal manual interaction with EDGAR. For example, APIs will allow filers to make live and test submissions on EDGAR, check the status of an EDGAR submission, and check EDGAR operational status. According to SEC Chair Gary Gensler, these APIs “will help enhance how filers, including registrants and their agents, can access EDGAR, retrieve information, and submit bulk filings” and will “promote efficiency for filers and the Commission alike.” To use and manage these APIs, filers will be required to designate two individuals as technical administrators.[15]

When Do the Changes Take Effect?

  • September 30, 2024: Beta testing opened on September 30, 2024, and will continue until at least December 19, 2025. During this period, filers are able to test the EDGAR Next changes in the “Adopting Beta” environment, a testing environment that is separate from the live EDGAR system.[16] This period can also be used to prepare for the implementation of EDGAR Next. For example, among other things, filers can determine their account administrators, encourage the relevant individuals to obtain their individual account credentials through Login.gov, and gather information needed to enroll prior to EDGAR Next’s launch on March 24, 2025.
  • March 24, 2025: The new EDGAR Next dashboard will go live on March 24, 2025, and existing filers (or individuals authorized to act on their behalf) will obtain access by enrolling on the dashboard using the filers’ legacy EDGAR access codes. New filers (and existing filers unable to enroll) must complete the newly amended Form ID, the application for access to EDGAR Next. Once live, the dashboard will be available during EDGAR operating hours, 6 a.m. to 10 p.m. Eastern Time each day except Saturdays, Sundays, and Federal holidays. To access the EDGAR Next dashboard, individuals will be required to log in with the individual account credentials obtained through Login.gov.
  • September 15, 2025: Compliance with EDGAR Next will be required in order to file beginning September 15, 2025. Filers may continue to enroll (but not file) using legacy EDGAR access codes until December 19, 2025. However, we recommend enrolling well in advance of any anticipated filings in order to avoid last-minute issues. Beginning December 22, 2025, as discussed above, existing filers who have not enrolled or been granted access on the amended Form ID will be required to submit the amended Form ID to access their EDGAR account.

What Should I Be Doing Now?

While EDGAR Next is intended to make managing an EDGAR account easier, the transition to EDGAR Next will involve certain administrative burdens for filers and individuals acting on their behalf. To be ready for the transition, we recommend the following:

  1. Collect legacy EDGAR access codes. Existing filers or individuals authorized to act on their behalf will need to use the filers’ legacy EDGAR access codes (specifically their CIK, CCC, and passphrase) to enroll in EDGAR Next once it goes live. Check to make sure you have the codes of any entities or individual filers for which you are responsible and confirm that the codes work and have not expired. If any of your EDGAR access codes have been lost, you may reset them here.[17]
  2. Identify individuals who will serve in various roles. Decide now who will serve as account administrators, users, and technical administrators for the EDGAR accounts of any entities or individual filers for which you are responsible. You can also decide which individuals will handle enrollment for the filers. It is common for multiple companies to handle EDGAR submissions for Section 16 filers who are directors or more than 10% holders, so those companies and the Section 16 filer will need to coordinate to determine who is going to enroll the filer in EDGAR Next once it goes live and who will serve as account administrator(s) for the Section 16 filer. If an individual filer authorizes multiple account administrators, the individual filer should consider which of the account administrators will perform the annual confirmation on the filer’s behalf and communicate that to the various account administrators.
  3. Determine how filers will authorize individuals to enroll them in EDGAR Next and serve as account administrators. As noted above, during the enrollment period, presentation of a power of attorney for the person performing enrollment or being authorized as an account administrator will not be necessary (entering the CIK, CCC, and passphrase will serve as validation of the filer’s intent); however, the Adopting Release urges all filers to carefully coordinate regarding the person they will authorize to enroll them. For any filers for which you are responsible, decide in advance the process whereby entities and individual filers will authorize an individual at their filing agent or other third party to enroll them in EDGAR and designate individual account administrator(s) (e.g., power of attorney, email, some other form of writing).
  4. Encourage individuals to obtain Login.gov credentials. All individuals who make submissions on behalf of a company or its Section 16 filers, or who manage the EDGAR access codes of those filers (likely members of the legal and financial reporting teams), should obtain Login.gov account credentials well before March 24, 2025. This will allow them to test the Adopting Beta and also hit the ground running when EDGAR Next goes live.
  5. Take Advantage of the Adopting BetaIf you expect to be tasked with managing a filer’s EDGAR account, consider familiarizing yourself with EDGAR Next via the Adopting Beta environment. Everything you need to access the Adopting Beta can be found at this website. A few things to note:
    • The Adopting Beta is separate from the live EDGAR system—anything in Adopting Beta is fictional and won’t carry over.
    • Users should use an email they intend to use for EDGAR Next when creating Login.gov credentials for the Adopting Beta. These credentials can be reused for EDGAR Next once it goes live.
    • To test in the Adopting Beta, users submit a Form ID to get a fictitious CIK and “account admin” role, which is only for the Adopting Beta.
    • Only enter fictional info in the Adopting Beta, except for real names/emails for Login.gov.

While users of the Adopting Beta are encouraged to report technical bugs to the SEC, the utility of the Adopting Beta is much broader than this, and we think it is worth taking advantage of the opportunity to try out EDGAR Next before it goes live.

  1. Update onboarding process to account for amended Form ID. After March 24, 2025, any new Section 16 filers will need to designate account administrators and provide certain other information (e.g., information regarding history of past securities law violations and good standing) in connection with the amended Form ID. To prepare for this, onboarding processes can be adjusted now to request this information.
  2. Coordinate with filing agents. You should coordinate with any filing agents you currently use to ensure that the filing agent is implementing appropriate processes to prepare for a smooth transition. The filing agents should be able to explain how they expect to manage your EDGAR account through the various APIs available and what they will need you to do to authorize them to act on your behalf.

What Other Resources are Available?

Instructional Videos. Videos introducing EDGAR Next topics and providing step-by-step instructions are available on the SEC’s YouTube channel:

Other Online Resources. The SEC’s dedicated EDGAR Next website includes detailed discussions regarding the transition to EDGAR Next and the Adopting Beta, among other topics. The EDGAR Business Office has also published this guide intended to help with enrolling individual filers (e.g., Section 16 filers) in EDGAR Next.

Contact Info. Finally, filers may email [email protected] or call Filer Support at (202) 551-8900 Option #2 for additional assistance.

What’s Next?

We will be monitoring further developments as the SEC transitions to and implements EDGAR Next. Commissioner Mark T. Uyeda noted that “[o]ver the next 15 months, the [SEC] staff will need to work with filers, filing agents, and the rest of the filing community to carry out—and implement changes from—additional beta testing of EDGAR Next functionalities.”[18] Commissioner Uyeda’s statement suggests that the SEC staff will be taking feedback from filers during the beta testing period and implementing further changes.

Our Securities Regulation and Corporate Governance attorneys are available to assist with any questions on relating to the transition to EDGAR Next.

[1] See SEC Release No. 33-11313, EDGAR Filer Access and Account Management (the Adopting Release), available here.

[2] See Chair Gary Gensler “Statement on EDGAR” available here.

[3] The EDGAR Filer Manual is being amended to clarify that individual account credentials may not be shared with other individuals as these credentials are intended to identify the individual taking action on EDGAR. See Adopting Release at Section II.B.

[4] APIs, or Application Program Interfaces, are discussed below.

[5] EDGAR Next will offer an option to allow account administrators to designate one account administrator as the filer’s primary EDGAR point of contact. The first account administrator listed on Form ID or an existing filer’s enrollment will by default be designated as the primary point of contact. See Adopting Release at Section II.B.1.

[6] The Adopting Release encourages filers to authorize more than the minimum number of account administrators, if possible, because if all account administrators for a filer cease to be available to manage the filer’s account, the filer will be required to submit a new Form ID to authorize new account administrators. See Adopting Release at Section II.B.1.b.

[7] EDGAR will allow account administrators to select one of four quarterly dates as the filer’s ongoing confirmation deadline: March 31, June 30, September 30, and December 31 (or the next business day if the date falls upon a weekend or holiday when EDGAR is not operating); however, an account administrator may choose to perform confirmation at an earlier date within the quarter when confirmation is due. See Adopting Release at Section II.B.1.d.

[8] Filers are required to provide a notarized power of attorney for account administrators only when the account administrators are included on Form ID. There is no such requirement for account administrators added through the filer’s dashboard. See Adopting Release at Section II.B.1.a.

[9] The Amendments define “filing agent” to include law firms, financial services companies, broker dealers when making submissions on behalf of individuals filing pursuant to Section 16 of the Exchange Act, and other entities engaged in the business of submitting EDGAR filings on behalf of their clients. See Adopting Release at Section II.C.3. and fn. 129.

[10] Filers that have lost or forgotten their CCC will be able to reset it by providing their CIK and passphrase and using the “Generate New EDGAR Access Codes” option in the EDGAR Filer Management website until March 21, 2025. Filers that have lost or forgotten their passphrase may automatically reset their passphrase by requesting a security token be sent to their point of contact email address on record in EDGAR, consistent with current practice. See Adopting Release at Section II.H.1.b. and fn. 208.

[11] As a security measure, following a filer’s enrollment in EDGAR Next, the filer’s CCC will be automatically reset. The new CCC will appear on the dashboard for all individuals with the ability to make submissions on the filer’s behalf, so it will not need to be separately communicated.

[12] See Adopting Release text accompanying and following fn. 39.

[13] The Adopting Release notes that “[a]lthough the lack of good standing will not prevent a company from obtaining EDGAR access, this information could be relevant in determining whether it may be appropriate for the staff to review additional documentation as part of its assessment of the application.” Adopting Release at Section II.F.3.

[14] Information regarding the 15 APIs is available here.

[15] The SEC has clarified that “the role of technical administrator could be filled by someone with a primarily administrative background” and that software or other technology expertise is not required. See Adopting Release at Section II.B.3.

[16] More information regarding beta testing can be found in the SEC’s EDGAR Next Filer Testing Guidance, available here.

[17] To generate new a PMAC, password, or CCC, you will need access to your CIK and passphrase. To reset your passphrase, you will need access to your CIK.

[18] See Commissioner Mark T. Uyeda’s “Statement on EDGAR Next” available here.


The following Gibson Dunn lawyers assisted in preparing this update: Mike Titera, Ron Mueller, Tom Kim, Aaron Briggs, Elizabeth Ising, David Korvin, Rob Kelley, Antony Nguyen, and Caroline Bakewell.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation and Corporate Governance practice group, the authors, or any of the following practice leaders and members:

Securities Regulation and Corporate Governance:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212.351.2309, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Michael A. Titera – Orange County (+1 949.451.4365, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])

© 2024 Gibson, Dunn & Crutcher LLP.  All rights reserved.  For contact and other information, please visit us at www.gibsondunn.com.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials.  The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel.  Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.